Preventive check

Posted: 31 Jan 2015 11:53
by Stoone
Hi, I'm attaching the log - thanks in advance!

Logfile of random's system information tool 1.10 (written by random/random)
Run by Ondra K at 2015-01-31 11:47:06
Microsoft Windows 8.1
System drive C: has 643 GB (70%) free of 913 GB
Total RAM: 7375 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:51:00, on 31. 1. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Ondra K\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Users\Ondra K\AppData\Roaming\uTorrent\utorrent.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Ondra K.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13.msn.com/?pc=LCJB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: DialuxBHO - {F586CB96-7091-42ec-9829-F5D5CE65AFC1} - C:\Program Files (x86)\DIALux\Dialux.BHO_x86.dll
O2 - BHO: PrivDogExtension - {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} - C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.15\trustedads.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [ComodoFSChrome] "C:\Program Files (x86)\AdTrustMedia\PrivDog\FinalizeSetup.exe" /c
O4 - HKLM\..\Run: [PrivDogService] "C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.15\trustedadssvc.exe"
O4 - HKLM\..\Run: [tvncontrol] "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
O4 - HKLM\..\RunOnce: ["C:\Users\ONDRAK~1\AppData\Local\Temp\_ir_sf_temp_0\C:\Users\ONDRAK~1\AppData\Local\Temp\_ir_sf_temp_0\evoSetup_x64.exe"] "C:\Users\ONDRAK~1\AppData\Local\Temp\_ir_sf_temp_0\C:\Users\ONDRAK~1\AppData\Local\Temp\_ir_sf_temp_0\evoSetup_x64.exe"
O4 - HKCU\..\Run: [Pokki] "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [AppEx Accelerator UI] C:\Program Files\AMD Quick Stream\AMDQuickStream.exe -h
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_B71ED58F74CD38662813BA4309C51FE6] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [GarenaPlus] "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunch
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Ondra K\AppData\Roaming\uTorrent\utorrent.exe"
O4 - Startup: Dropbox.lnk = C:\Users\Ondra K\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Start GeekBuddy.lnk = C:\Program Files\COMODO\GeekBuddy\launcher.exe
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: PrivDog - {2F5C139F-79BD-4C84-A95A-E7140525BC55} - C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.15\trustedads.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O15 - ESC Trusted Zone: http://*.connectify.me (HKLM)
O15 - ESC Trusted Zone: http://*.fastspring.com (HKLM)
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: @oem12.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\windows\system32\BtwRSupportService.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: COMODO LPS Launcher (CLPSLauncher) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Connectify - Connectify - C:\Program Files (x86)\Connectify\ConnectifyService.exe
O23 - Service: @C:\windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: DIAL Communication Service (DialComService) - DIAL GmbH - C:\Program Files (x86)\DIAL GmbH\DIAL Communication Framework\DialComService.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: GeekBuddyRSP Server (GeekBuddyRSP) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: LSCWinService - Unknown owner - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\windows\system32\SAsrv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: VeriFaceSrv - Unknown owner - C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12237 bytes

======Listing Processes======

wininit.exe

C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe"
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\WLANExt.exe 741574174256
\??\C:\windows\system32\conhost.exe 0x4
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
C:\windows\system32\svchost.exe -k apphost
"C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\windows\system32\CxAudMsg64.exe
"C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe"
dashost.exe {c8f8fbe0-4d17-474a-8d6de8cd94c7ec7f}
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -service
C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
C:\windows\SysWOW64\SAsrv.exe
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe"
C:\windows\system32\svchost.exe -k iissvcs
"C:\Program Files (x86)\Connectify\ConnectifyService.exe"
"ConnectifyD.exe"
\??\C:\windows\system32\conhost.exe 0x4
"C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe"
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-84963c0e-4e03-40a2-98ad-b1ee35b948aa -SystemEventPortName:HostProcess-b33a2f85-5827-4e02-9fb3-e32b10b8d8ff -IoCancelEventPortName:HostProcess-ae2e98ed-3ffc-4d80-8006-6ca3f456136d -NonStateChangingEventPortName:HostProcess-83243337-0a88-4b6d-bdf3-8047cb572496 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:815b90f7-ea3a-488e-92d2-e34994f85d8e -DeviceGroupId:WudfDefaultDevicePool
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "0x179c_0x142c_0x7a0da4fd"

C:\windows\System32\WinLogon.exe -SpecialSession
-hiberboot
atieclxx
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
taskhostex.exe
C:\windows\Explorer.EXE
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Elantech\ETDIntelligent.exe"
"C:\Windows\RTFTrack.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Users\Ondra K\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
"C:\Program Files\AMD Quick Stream\AMDQuickStream.exe" -h
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
"C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe"
"C:\Users\Ondra K\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE"
"C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
"C:\Program Files\COMODO\GeekBuddy\unit_manager.exe"
"C:\Program Files\COMODO\GeekBuddy\unit" "\"C:/Program Files/COMODO/GeekBuddy/lps-cspm\""
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="16960.0.771035812\1835105475" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,39 --gpu-vendor-id=0x1002 --gpu-device-id=0x0000 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=13.250.9001.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Default/NewProfileManagement/NewAvatarMenu/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy31Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_72/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="16960.1.1745586257\822154088" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Default/NewProfileManagement/NewAvatarMenu/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy31Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_72/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="16960.3.312561561\548164736" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Default/NewProfileManagement/NewAvatarMenu/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy31Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_72/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="16960.4.376128011\143624358" /prefetch:673131151
"C:\windows\SysWOW64\RunDll32.exe" "C:\Program Files\Lenovo\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
"C:\Users\Ondra K\AppData\Roaming\uTorrent\utorrent.exe" "magnet:?xt=urn:btih:DE5A02971F68CEC0FDA41D5D012B0D408A026546&dn=12.Monkeys.S01E03.HDTV.x264-KILLERS%5Bettv%5D&tr=udp%3A%2F%2Fopen.demonii.com%3A1337%2Fannounce&tr=udp%3A%2F%2Ftracker.publicbt.com%3A80%2Fannounce&tr=udp%3A%2F%2Ftracker.openbittorrent.com%3A80%2Fannounce&tr=udp%3A%2F%2Ftracker.istole.it%3A80%2Fannounce&tr=http%3A%2F%2Ftracker.trackerfix.com%2Fannounce&tr=udp%3A%2F%2Ftracker.btzoo.eu%3A80%2Fannounce&tr=http%3A%2F%2Ftorrent.gresille.org%2Fannounce&tr=udp%3A%2F%2Ftracker.leechers-paradise.org%3A6969%2Fannounce&tr=udp%3A%2F%2F9.rarbg.com%3A2710%2Fannounce&tr=udp%3A%2F%2F12.rarbg.me%3A80%2Fannounce"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Default/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/QueryBoundaryControl_Stable_R6_Postperiod/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SHA1ToolbarUIJanuary2017/HTTP/SPDY/Spdy31Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_72/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="16960.49.1937266879\1334450876" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="16960.52.801725779\1864401392" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Default/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/QueryBoundaryControl_Stable_R6_Postperiod/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SHA1ToolbarUIJanuary2017/HTTP/SPDY/Spdy31Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_72/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="16960.55.338353090\1884256426" /prefetch:673131151
C:\windows\system32\wbem\wmiprvse.exe

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Default/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/QueryBoundaryControl_Stable_R6_Postperiod/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SHA1ToolbarUIJanuary2017/HTTP/SPDY/Spdy31Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_72/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="16960.58.642449269\1432894201" /prefetch:673131151
"C:\Users\Ondra K\Downloads\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Default/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/QueryBoundaryControl_Stable_R6_Postperiod/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SHA1ToolbarUIJanuary2017/HTTP/SPDY/Spdy31Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_72/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="16960.59.727599968\1413870740" /prefetch:673131151

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-11-12 218784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2014-11-12 2334928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F586CB96-7091-42ec-9829-F5D5CE65AFC1}]
DIALux Browser Helper Object - C:\Program Files\DIAL GmbH\DIALux\Dialux.BHO_x64.dll [2014-05-09 1337616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC}]
PrivDog Extension - C:\Program Files\AdTrustMedia\PrivDog\1.8.0.15\trustedads.dll [2013-11-15 842408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-10-22 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2014-11-12 1729744]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F586CB96-7091-42ec-9829-F5D5CE65AFC1}]
DIALux Browser Helper Object - C:\Program Files (x86)\DIALux\Dialux.BHO_x86.dll [2013-12-10 1215248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC}]
PrivDog Extension - C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.15\trustedads.dll [2013-11-15 744616]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2013-08-08 2894664]
"RtsFT"=C:\windows\RTFTrack.exe [2013-07-19 6340312]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2014-06-19 17111056]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2014-06-19 193008]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2013-07-24 903384]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2012-06-13 1647616]
"Connectify Hotspot"=C:\Program Files (x86)\Connectify\Connectify.exe [2014-10-15 4305656]
"Connectify Dispatch"=C:\Program Files (x86)\Connectify\DispatchUI.exe [2014-10-15 2367224]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Pokki"=C:\Users\Ondra K\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe [2015-01-03 10232648]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"AppEx Accelerator UI"=C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [2013-04-11 429792]
"GoogleChromeAutoLaunch_B71ED58F74CD38662813BA4309C51FE6"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-01-27 843592]
"GarenaPlus"=C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe -autolaunch []
"uTorrent"=C:\Users\Ondra K\AppData\Roaming\uTorrent\utorrent.exe [2014-04-13 398760]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-12-07 766208]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2011-12-07 214312]
"ComodoFSChrome"=C:\Program Files (x86)\AdTrustMedia\PrivDog\FinalizeSetup.exe /c []
"PrivDogService"=C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.15\trustedadssvc.exe [2013-11-15 525480]
"tvncontrol"=C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2014-09-24 2327248]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
""C:\Users\ONDRAK~1\AppData\Local\Temp\_ir_sf_temp_0\C:\Users\ONDRAK~1\AppData\Local\Temp\_ir_sf_temp_0\evoSetup_x64.exe""=C:\Users\ONDRAK~1\AppData\Local\Temp\_ir_sf_temp_0\C:\Users\ONDRAK~1\AppData\Local\Temp\_ir_sf_temp_0\evoSetup_x64.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
Start GeekBuddy.lnk - C:\Program Files\COMODO\GeekBuddy\launcher.exe

C:\Users\Ondra K\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Ondra K\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"ConsentPromptBehaviorAdmin"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-01-31 11:47:07 ----D---- C:\Program Files\trend micro
2015-01-31 11:47:06 ----D---- C:\rsit
2015-01-14 16:15:39 ----A---- C:\windows\SYSWOW64\ssleay32.dll
2015-01-14 16:15:39 ----A---- C:\windows\SYSWOW64\libssl32.dll
2015-01-14 16:15:39 ----A---- C:\windows\SYSWOW64\libeay32.dll
2015-01-14 16:15:38 ----D---- C:\OpenSSL-Win32
2015-01-14 16:09:03 ----D---- C:\Users\Ondra K\AppData\Roaming\GHISLER
2015-01-14 16:09:03 ----D---- C:\totalcmd
2015-01-14 16:09:03 ----A---- C:\windows\UC.PIF
2015-01-14 16:09:03 ----A---- C:\windows\RAR.PIF
2015-01-14 16:09:03 ----A---- C:\windows\PKZIP.PIF
2015-01-14 16:09:03 ----A---- C:\windows\PKUNZIP.PIF
2015-01-14 16:09:03 ----A---- C:\windows\LHA.PIF
2015-01-14 16:09:03 ----A---- C:\windows\ARJ.PIF
2015-01-14 14:58:32 ----A---- C:\windows\SYSWOW64\nlaapi.dll
2015-01-14 14:58:32 ----A---- C:\windows\system32\profsvc.dll
2015-01-14 14:58:32 ----A---- C:\windows\system32\nlasvc.dll
2015-01-14 14:58:32 ----A---- C:\windows\system32\nlaapi.dll
2015-01-14 14:58:32 ----A---- C:\windows\system32\ncsi.dll
2015-01-14 14:58:31 ----A---- C:\windows\system32\TSWbPrxy.exe
2015-01-14 14:58:31 ----A---- C:\windows\system32\drivers\mrxdav.sys
2015-01-14 14:58:31 ----A---- C:\windows\system32\drivers\ahcache.sys
2015-01-14 14:58:30 ----A---- C:\windows\SYSWOW64\wermgr.exe
2015-01-14 14:58:30 ----A---- C:\windows\SYSWOW64\WerFaultSecure.exe
2015-01-14 14:58:30 ----A---- C:\windows\SYSWOW64\WerFault.exe
2015-01-14 14:58:30 ----A---- C:\windows\SYSWOW64\werdiagcontroller.dll
2015-01-14 14:58:30 ----A---- C:\windows\SYSWOW64\wer.dll
2015-01-14 14:58:30 ----A---- C:\windows\SYSWOW64\Faultrep.dll
2015-01-14 14:58:30 ----A---- C:\windows\SYSWOW64\AudioSes.dll
2015-01-14 14:58:30 ----A---- C:\windows\SYSWOW64\AUDIOKSE.dll
2015-01-14 14:58:30 ----A---- C:\windows\SYSWOW64\AudioEng.dll
2015-01-14 14:58:30 ----A---- C:\windows\system32\wermgr.exe
2015-01-14 14:58:30 ----A---- C:\windows\system32\WerFaultSecure.exe
2015-01-14 14:58:30 ----A---- C:\windows\system32\WerFault.exe
2015-01-14 14:58:30 ----A---- C:\windows\system32\werdiagcontroller.dll
2015-01-14 14:58:30 ----A---- C:\windows\system32\wer.dll
2015-01-14 14:58:30 ----A---- C:\windows\system32\Faultrep.dll
2015-01-14 14:58:30 ----A---- C:\windows\system32\EncDump.dll
2015-01-14 14:58:30 ----A---- C:\windows\system32\ci.dll
2015-01-14 14:58:30 ----A---- C:\windows\system32\audiosrv.dll
2015-01-14 14:58:30 ----A---- C:\windows\system32\AudioSes.dll
2015-01-14 14:58:30 ----A---- C:\windows\system32\AUDIOKSE.dll
2015-01-14 14:58:30 ----A---- C:\windows\system32\AudioEng.dll
2015-01-14 14:58:30 ----A---- C:\windows\system32\AudioEndpointBuilder.dll
2015-01-14 14:58:30 ----A---- C:\windows\system32\audiodg.exe
2015-01-14 14:52:34 ----SHD---- C:\Config.Msi
2015-01-13 14:53:21 ----D---- C:\Users\Ondra K\AppData\Roaming\AdTrustMedia
2015-01-09 10:32:49 ----D---- C:\ProgramData\Origin
2015-01-09 10:32:38 ----D---- C:\ProgramData\Electronic Arts
2015-01-03 18:43:52 ----A---- C:\windows\SYSWOW64\Access.dat
2015-01-03 18:40:30 ----D---- C:\Users\Ondra K\AppData\Roaming\Tunngle
2015-01-03 18:40:30 ----D---- C:\ProgramData\Tunngle
2015-01-03 18:40:22 ----A---- C:\windows\system32\drivers\tap0901t.sys
2015-01-03 18:40:20 ----D---- C:\Program Files (x86)\Tunngle
2015-01-03 18:26:38 ----D---- C:\Program Files (x86)\Garena Plus

======List of files/folders modified in the last 1 month======

2015-01-31 11:50:39 ----D---- C:\Users\Ondra K\AppData\Roaming\uTorrent
2015-01-31 11:47:26 ----D---- C:\windows\Prefetch
2015-01-31 11:47:07 ----RD---- C:\Program Files
2015-01-31 11:43:53 ----RD---- C:\Program Files (x86)
2015-01-31 11:43:09 ----D---- C:\windows\Microsoft.NET
2015-01-31 11:39:37 ----D---- C:\windows\Temp
2015-01-31 11:33:56 ----D---- C:\Stahování
2015-01-31 11:31:40 ----D---- C:\windows\Inf
2015-01-31 11:31:40 ----AD---- C:\windows\System32
2015-01-31 11:31:40 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-01-31 10:02:01 ----D---- C:\windows\system32\sru
2015-01-31 09:26:53 ----D---- C:\Users\Ondra K\AppData\Roaming\Dropbox
2015-01-30 13:09:23 ----SHD---- C:\System Volume Information
2015-01-28 22:34:34 ----D---- C:\Users\Ondra K\AppData\Roaming\vlc
2015-01-28 21:01:10 ----D---- C:\Users\Ondra K\AppData\Roaming\Skype
2015-01-28 14:21:12 ----D---- C:\windows\system32\config
2015-01-28 14:14:46 ----D---- C:\windows\CbsTemp
2015-01-28 14:14:44 ----D---- C:\windows\WinSxS
2015-01-28 14:14:44 ----D---- C:\windows\SysWOW64
2015-01-28 14:07:58 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2015-01-27 22:06:48 ----D---- C:\Users\Ondra K\AppData\Roaming\BSplayer
2015-01-22 09:21:57 ----D---- C:\windows\AppReadiness
2015-01-22 09:21:56 ----HD---- C:\Program Files\WindowsApps
2015-01-14 22:05:37 ----D---- C:\windows\system32\drivers
2015-01-14 22:05:33 ----D---- C:\windows\system32\CodeIntegrity
2015-01-14 16:25:22 ----D---- C:\LGP880
2015-01-14 16:09:03 ----AD---- C:\Windows
2015-01-14 15:31:31 ----D---- C:\windows\system32\MRT
2015-01-14 15:18:03 ----A---- C:\windows\system32\MRT.exe
2015-01-14 14:52:52 ----SHD---- C:\windows\Installer
2015-01-14 14:52:51 ----D---- C:\ProgramData\Adtrustmedia
2015-01-09 10:32:49 ----HD---- C:\ProgramData
2015-01-08 09:35:05 ----D---- C:\windows\system32\Tasks
2015-01-04 18:29:19 ----D---- C:\ProgramData\Skype
2015-01-04 18:29:13 ----RD---- C:\Program Files (x86)\Skype
2015-01-03 18:40:47 ----D---- C:\windows\system32\DriverStore
2015-01-03 18:40:22 ----RSD---- C:\windows\Fonts
2015-01-03 18:16:07 ----D---- C:\Program Files (x86)\KillingFloor_v.1055

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\windows\System32\drivers\amd_sata.sys [2013-07-23 80640]
R0 amd_xata;amd_xata; C:\windows\System32\drivers\amd_xata.sys [2013-07-23 25344]
R0 amdkmpfd;@oem1.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\windows\System32\drivers\amdkmpfd.sys [2013-05-21 36096]
R0 LHDmgr;LHDmgr; C:\windows\System32\DRIVERS\LhdX64.sys [2014-06-19 39008]
R1 CFRMD;CFRMD; C:\windows\system32\DRIVERS\CFRMD.sys [2014-06-26 40224]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\windows\System32\DRIVERS\cmderd.sys [2014-12-09 20184]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\windows\system32\DRIVERS\cmdguard.sys [2014-12-09 807568]
R1 cmdhlp;COMODO Internet Security Helper Driver; C:\windows\system32\DRIVERS\cmdhlp.sys [2014-12-09 35080]
R1 cnnctfy3;@oem85.inf,%cnnctfy3_Desc%;Connectify LightWeight Filter; C:\windows\system32\DRIVERS\cnnctfy3.sys [2014-12-14 42152]
R1 dtsoftbus01;@oem57.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\windows\System32\drivers\dtsoftbus01.sys [2014-10-06 283064]
R1 HMD;COMODO livePCsupport Hardware Monitor Driver; C:\windows\system32\DRIVERS\hmd.sys [2014-06-26 14888]
R1 inspect;@oem59.inf,%inspect_Desc%;COMODO Internet Security Firewall Driver; C:\windows\system32\DRIVERS\inspect.sys [2014-12-09 126208]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2013-09-20 59648]
R2 APXACC;@oem5.inf,%APPEX_ACC_SERVICE_NAME%;AppEx Networks Accelerator LWF; C:\windows\system32\DRIVERS\appexDrv.sys [2013-04-18 219360]
R3 ACPIVPC;@oem55.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys [2014-06-19 35600]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2013-12-07 13203456]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2013-12-06 624128]
R3 AtiHDAudioService;@oem3.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\windows\system32\drivers\AtihdWB6.sys [2013-09-24 222720]
R3 bcbtums;@oem12.inf,%BCBTUMS.SvcDesc%;Bluetooth RAM Firmware Download USB Filter; C:\windows\system32\drivers\bcbtums.sys [2013-08-07 170712]
R3 BCM43XX;@netbc64.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 – ovladač síťového adaptéru; C:\windows\system32\DRIVERS\bcmwl63a.sys [2013-07-01 8536752]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2014-03-18 81920]
R3 btwampfl;@oem12.inf,%btwampfl.ServiceName%;btwampfl; C:\windows\system32\DRIVERS\btwampfl.sys [2013-09-05 166104]
R3 CnxtHdAudService;@oem14.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT64.sys [2013-08-08 1387712]
R3 ETD;@oem15.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2013-08-05 380680]
R3 L1C;@oem6.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C63x64.sys [2013-07-18 130248]
R3 rtsuvc;@oem39.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\windows\system32\DRIVERS\rtsuvc.sys [2013-07-19 8247640]
R3 tap0901t;@oem86.inf,%DeviceDescription%;TAP-Win32 Adapter V9 (Tunngle); C:\windows\system32\DRIVERS\tap0901t.sys [2015-01-03 31232]
R3 usbfilter;AMD USB Filter Driver; C:\windows\system32\DRIVERS\usbfilter.sys [2013-03-08 58536]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\windows\System32\drivers\BthEnum.sys [2013-08-22 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\System32\drivers\bthpan.sys [2014-07-24 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2014-07-24 1200640]
S3 btwaudio;@oem8.inf,%btaudio.SvcDesc%;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2013-07-12 186584]
S3 btwavdt;@oem10.inf,%btwavdt.SvcDesc%;Bluetooth AVDT; C:\windows\system32\drivers\btwavdt.sys [2013-07-12 228568]
S3 btwl2cap;@oem11.inf,%btwl2cap.SVCDESC%;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2012-07-27 40248]
S3 btwrchid;btwrchid; C:\windows\System32\drivers\btwrchid.sys [2013-07-12 38616]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\windows\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys [2014-03-18 167424]
S3 RSUSBVSTOR;@oem7.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2013-07-18 329944]
S3 usbbus;@oem64.inf,%LGSI.Service.Desc%;LGE Mobile Composite USB Device; C:\windows\System32\drivers\lgx64bus.sys [2013-04-24 17920]
S3 UsbDiag;@oem66.inf,%Lgsi.Service.Name%;LGE Mobile USB Serial Port; C:\windows\system32\DRIVERS\lgx64diag.sys [2013-04-24 28160]
S3 USBModem;@oem65.inf,%LGSI.Service.Name%;LGE Mobile USB Modem; C:\windows\system32\DRIVERS\lgx64modem.sys [2013-04-24 34816]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2013-08-22 44544]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2013-08-22 212224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-27 81088]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2013-12-06 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-12-07 344064]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\windows\system32\svchost.exe [2013-08-22 37768]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2013-09-05 976600]
R2 CLPSLauncher;COMODO LPS Launcher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [2014-09-25 70864]
R2 CmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2014-12-09 7618952]
R2 Connectify;Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [2014-10-15 487936]
R2 CxAudMsg;@C:\windows\system32\CxAudMsg64.exe,-100; C:\windows\system32\CxAudMsg64.exe [2013-07-25 206552]
R2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2014-11-27 2370240]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2013-07-29 92160]
R2 GeekBuddyRSP;GeekBuddyRSP Server; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2014-09-24 2327248]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2014-07-09 117392]
R2 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-08-10 139856]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]
R2 SAService;Conexant SmartAudio service; C:\windows\system32\SAsrv.exe []
R2 VeriFaceSrv;VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [2014-06-19 68368]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\windows\system32\svchost.exe [2013-08-22 37768]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\windows\system32\svchost.exe [2013-08-22 37768]
S2 BcmBtRSupport;@oem12.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service; C:\windows\system32\BtwRSupportService.exe [2013-08-07 2252504]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-06 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-08-10 50784]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2014-12-09 2265304]
S3 DialComService;DIAL Communication Service; C:\Program Files (x86)\DIAL GmbH\DIAL Communication Framework\DialComService.exe [2013-12-17 1934608]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-06 116648]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2014-10-16 272776]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2015-01-03 762320]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\windows\system32\svchost.exe [2013-08-22 37768]
S4 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2014-07-09 117392]

-----------------EOF-----------------

Re: Preventive check

Posted: 31 Jan 2015 13:47
by Márty84
Hello :)

:arrow: Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to your desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it, then left-click Run as administrator.
Click Scan and wait for the scan to finish.
Then click Clean.
The program will start working (the PC may restart) and will produce a log (it may also be found at C:\AdwCleaner\AdwCleaner [S?].txt ). Copy it here for me.

Re: Preventive check

Posted: 31 Jan 2015 15:57
by Stoone
Here it is:



# AdwCleaner v4.109 - Report created 31/01/2015 at 15:43:37
# Updated 24/01/2015 by Xplode
# Database : 2015-01-26.1 [Live]
# Operating System : Windows 8.1 (64 bits)
# Username : Ondra K - ONDRA
# Running from : C:\Users\Ondra K\Desktop\adwcleaner_4.109.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AdTrustMedia
Folder Deleted : C:\Program Files (x86)\AdTrustMedia
Folder Deleted : C:\Program Files\AdTrustMedia
Folder Deleted : C:\Users\Ondra K\AppData\Local\AdTrustMedia
Folder Deleted : C:\Users\Ondra K\AppData\Roaming\AdTrustMedia
Folder Deleted : C:\Users\Ondra K\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja
File Deleted : C:\END
File Deleted : C:\Users\Public\Desktop\GeekBuddy.lnk
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
File Deleted : C:\Users\Ondra K\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage
File Deleted : C:\Users\Ondra K\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage-journal
File Deleted : C:\Users\Ondra K\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****

Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo\COMODO Internet Security\Přidat a odebrat komponenty.lnk

***** [ Registry ] *****

Key Deleted : HKCU\Software\Classes\pokki
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Pokki
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Google Chrome v40.0.2214.93


-\\ Comodo Dragon v36.1.1.21

[C:\Users\Ondra K\AppData\Local\Comodo\Dragon\User Data\Default\preferences] - Deleted [Extension] : cmaiofennmphjldldcpphcechfnnohja

*************************

AdwCleaner[R0].txt - [3316 octets] - [31/01/2015 15:14:17]
AdwCleaner[S0].txt - [3334 octets] - [31/01/2015 15:43:37]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3394 octets] ##########

Re: Preventive check

Posted: 31 Jan 2015 17:04
by Márty84
:arrow: Run a scan with MBAM. Set up the scan according to this guide http://forum.viry.cz/viewtopic.php?f=29&t=137928 and post the results here. Do not delete anything beforehand; it sometimes produces false detections.

Re: Preventive check

Posted: 01 Feb 2015 18:11
by Stoone
So here it is:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 1. 2. 2015
Scan Time: 13:38:31
Logfile:
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.02.01.03
Rootkit Database: v2015.01.14.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Ondra K

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 930519
Time Elapsed: 4 hr, 19 min, 8 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 8
Backdoor.Nosrawec, C:\ProgramData\Comodo\Cis\Quarantine\data\{51F9D362-524B-477C-8723-22FBBEC7F636}, , [b097f227b8d278be30fd6d6cd0305fa1],
Backdoor.Nosrawec, C:\ProgramData\Comodo\Cis\Quarantine\data\{7E02E511-5705-44F2-8C42-BCA8FAD388A0}, , [26211306a1e9ca6c88a55f7a768a58a8],
PUP.Optional.ClientConnect, C:\ProgramData\Comodo\Cis\Quarantine\data\{8E53BCAF-D719-4850-B4E7-61F547BA9A98}, , [b98eaa6f95f56ec857bdd3f231d018e8],
PUP.Optional.ClientConnect, C:\ProgramData\Comodo\Cis\Quarantine\data\{98514783-CB96-42A4-AD0B-E05F1819BE85}, , [9fa8b66391f9af87e92b8243be43738d],
Backdoor.Nosrawec, C:\ProgramData\Comodo\Cis\Quarantine\data\{B6B1CA3F-4A49-49E5-BD50-D0950B61C189}, , [3a0d71a8b3d766d0e04d0ecbfa0636ca],
Backdoor.Nosrawec, C:\ProgramData\Comodo\Cis\Quarantine\data\{BA2781F4-048D-41C5-9F95-3D0CBCD04165}, , [fe49eb2e88026dc9e14cab2e6e927c84],
PUP.Optional.Conduit.A, C:\Users\Ondra K\AppData\Local\Temp\CT3329621\ctbe.exe, , [d17678a1f9918aac728fe23d6a96b848],
PUP.Optional.ClientConnect, C:\Users\Ondra K\AppData\Local\Temp\CT3329621\statisticsStub.exe, , [192e16034a40ae8820f41bbbef12f40c],

Physical Sectors: 0
(No malicious items detected)


(end)

Re: Preventive check

Posted: 01 Feb 2015 19:09
by Márty84
:arrow: Move the detections to quarantine, then you can uninstall MBAM.

:arrow: Post logs according to this guide http://forum.viry.cz/viewtopic.php?f=13&t=133100 - turn off your antivirus for a moment; it may block the tool as malicious, but we use it all the time, it is a false alarm :)

Re: Preventive check

Posted: 02 Feb 2015 10:34
by Stoone
Done!
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015
Ran by Ondra K (administrator) on ONDRA on 02-02-2015 10:27:58
Running from C:\Users\Ondra K\Desktop
Loaded Profiles: Ondra K (Available profiles: Ondra K & DefaultAppPool)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Connectify) C:\Program Files (x86)\Connectify\ConnectifyService.exe
(Connectify) C:\Program Files (x86)\Connectify\Connectifyd.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(BitTorrent, Inc.) C:\Users\Ondra K\AppData\Roaming\uTorrent\utorrent.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Dropbox, Inc.) C:\Users\Ondra K\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Ondra K\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2894664 2013-08-08] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [6340312 2013-07-19] (Realtek semiconductor)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17111056 2014-06-19] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [193008 2014-06-19] (Lenovo(beijing) Limited)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [903384 2013-07-24] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [Connectify Hotspot] => C:\Program Files (x86)\Connectify\Connectify.exe [4305656 2014-10-15] (Connectify)
HKLM\...\Run: [Connectify Dispatch] => C:\Program Files (x86)\Connectify\DispatchUI.exe [2367224 2014-10-15] (Connectify)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-07] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink Corp.)
HKLM-x32\...\Run: [ComodoFSChrome] => "C:\Program Files (x86)\AdTrustMedia\PrivDog\FinalizeSetup.exe" /c
HKLM-x32\...\Run: [PrivDogService] => "C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.15\trustedadssvc.exe"
HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-09-24] (Comodo Security Solutions, Inc.)
HKLM-x32\...\RunOnce: ["C:\Users\ONDRAK~1\AppData\Local\Temp\_ir_sf_temp_0\C:\Users\ONDRAK~1\AppData\Local\Temp\_ir_sf_temp_0\evoSetup_x64.exe"] => C:\Users\Ondra K\AppData\Local\Temp\_ir_sf_temp_0\evoSetup_x64.exe [256942480 2014-10-06] (DIAL GmbH) <===== ATTENTION
HKU\S-1-5-21-1067718225-367633953-3890117072-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1067718225-367633953-3890117072-1002\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [429792 2013-04-11] (AppEx Networks Corporation)
HKU\S-1-5-21-1067718225-367633953-3890117072-1002\...\Run: [GoogleChromeAutoLaunch_B71ED58F74CD38662813BA4309C51FE6] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592 2015-02-01] (Google Inc.)
HKU\S-1-5-21-1067718225-367633953-3890117072-1002\...\Run: [GarenaPlus] => "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunch
HKU\S-1-5-21-1067718225-367633953-3890117072-1002\...\Run: [uTorrent] => C:\Users\Ondra K\AppData\Roaming\uTorrent\utorrent.exe [398760 2014-04-13] (BitTorrent, Inc.)
HKU\S-1-5-21-1067718225-367633953-3890117072-1002\...\MountPoints2: {0a6629f3-4df1-11e4-8259-142d27f3a96e} - "F:\setup_the_witcher_2_ee_3.0.1.17.exe"
HKU\S-1-5-21-1067718225-367633953-3890117072-1002\...\MountPoints2: {aba43965-a957-11e4-8273-f8a9633c444e} - "G:\LGAutoRun.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Ondra K\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Ondra K\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1067718225-367633953-3890117072-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1067718225-367633953-3890117072-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1067718225-367633953-3890117072-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
HKU\S-1-5-21-1067718225-367633953-3890117072-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1067718225-367633953-3890117072-1002 -> {178D9161-8542-463B-9D8E-CD0505C5DC82} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: DIALux Browser Helper Object -> {F586CB96-7091-42ec-9829-F5D5CE65AFC1} -> C:\Program Files\DIAL GmbH\DIALux\Dialux.BHO_x64.dll (DIAL GmbH)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: DIALux Browser Helper Object -> {F586CB96-7091-42ec-9829-F5D5CE65AFC1} -> C:\Program Files (x86)\DIALux\Dialux.BHO_x86.dll (DIAL GmbH)
Handler-x32: dialux - {8352FA4C-39C6-11D3-ADBA-00A0244FB1A2} - C:\Program Files (x86)\DIALux\DLXToolBox.dll (DIAL GmbH, Germany)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.5.1 185.60.104.1 93.157.130.65

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://seznam.cz/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Ondra K\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Ondra K\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-06]
CHR Extension: (Dokumenty Google) - C:\Users\Ondra K\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-06]
CHR Extension: (Disk Google) - C:\Users\Ondra K\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-06]
CHR Extension: (SocialReviver) - C:\Users\Ondra K\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfipfkeoidmndggnnpobeenlamiclald [2014-10-06]
CHR Extension: (YouTube) - C:\Users\Ondra K\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-06]
CHR Extension: (Vyhledávání Google) - C:\Users\Ondra K\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-06]
CHR Extension: (Tabulky Google) - C:\Users\Ondra K\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-06]
CHR Extension: (AdBlock) - C:\Users\Ondra K\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-06]
CHR Extension: (Dropbox) - C:\Users\Ondra K\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2014-10-06]
CHR Extension: (F.B Purity-Clean Up Facebook) - C:\Users\Ondra K\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncdlagniojmheiklojdcpdaeepochckl [2014-10-06]
CHR Extension: (Peněženka Google) - C:\Users\Ondra K\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-06]
CHR Extension: (Gmail) - C:\Users\Ondra K\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-06]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-07] (Advanced Micro Devices, Inc.) [File not signed]
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-08-07] (Broadcom Corporation.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [976600 2013-09-05] (Broadcom Corporation.)
R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70864 2014-09-25] (Comodo Security Solutions, Inc.)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [7618952 2014-12-09] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265304 2014-12-09] (COMODO)
R2 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [487936 2014-10-15] (Connectify) [File not signed]
S3 DialComService; C:\Program Files (x86)\DIAL GmbH\DIAL Communication Framework\DialComService.exe [1934608 2013-12-17] (DIAL GmbH)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2370240 2014-11-27] (Comodo Security Solutions, Inc.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [92160 2013-07-29] (ELAN Microelectronics Corp.)
R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-09-24] (Comodo Security Solutions, Inc.)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-10-16] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [762320 2015-01-03] (Tunngle.net GmbH)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2014-06-19] ()
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-10-22] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [546304 2014-10-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2013-05-21] (Advanced Micro Devices, Inc.)
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [29184 2015-02-02] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [36352 2015-02-02] (LG Electronics Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [219360 2013-04-18] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2013-09-24] (Advanced Micro Devices)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-08-07] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [40224 2014-06-26] (Windows (R) Win 7 DDK provider)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20184 2014-12-09] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [807568 2014-12-09] (COMODO)
R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [35080 2014-12-09] (COMODO)
R1 cnnctfy3; C:\Windows\system32\DRIVERS\cnnctfy3.sys [42152 2014-12-14] (Connectify)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-10-06] (Disc Soft Ltd)
R1 HMD; C:\Windows\system32\DRIVERS\hmd.sys [14888 2014-06-26] ()
R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [126208 2014-12-09] (COMODO)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8247640 2013-07-19] (Realtek Semiconductor Corp.)
R3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [31232 2015-01-03] (Tunngle.net)
S3 usbbus; C:\Windows\System32\drivers\lgx64bus.sys [17920 2013-04-24] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\system32\DRIVERS\lgx64diag.sys [28160 2013-04-24] (LG Electronics Inc.)
S3 USBModem; C:\Windows\system32\DRIVERS\lgx64modem.sys [34816 2013-04-24] (LG Electronics Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-02 10:27 - 2015-02-02 10:28 - 00019319 _____ () C:\Users\Ondra K\Desktop\FRST.txt
2015-02-02 10:25 - 2015-02-02 10:28 - 00000000 ____D () C:\FRST
2015-02-02 10:25 - 2015-02-02 10:26 - 00112640 _____ (forum.viry.cz) C:\Users\Ondra K\Downloads\FRSTLauncher (1).exe
2015-02-02 10:25 - 2015-02-02 10:26 - 00112640 _____ (forum.viry.cz) C:\Users\Ondra K\Desktop\FRSTLauncher.exe
2015-02-02 10:24 - 2015-02-02 10:24 - 02131456 _____ (Farbar) C:\Users\Ondra K\Desktop\FRST64.exe
2015-02-01 20:12 - 2015-02-01 20:12 - 00177639 _____ () C:\Users\Ondra K\Downloads\outlander-subtitles-cz-1.zip
2015-02-01 13:36 - 2015-02-02 10:23 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-01 13:36 - 2015-02-01 13:36 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-01 13:35 - 2015-02-01 13:36 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Ondra K\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-01 10:04 - 2015-02-01 13:18 - 00368128 _____ () C:\Users\Ondra K\Downloads\Priznani_FO_5405_21.xls
2015-01-31 20:16 - 2015-01-31 20:16 - 00037784 _____ () C:\Users\Ondra K\Downloads\grimm.411.hdtv-lol.srt
2015-01-31 15:14 - 2015-01-31 15:43 - 00000000 ____D () C:\AdwCleaner
2015-01-31 15:13 - 2015-01-31 15:13 - 02194432 _____ () C:\Users\Ondra K\Desktop\adwcleaner_4.109.exe
2015-01-31 13:45 - 2015-01-31 13:45 - 00044323 _____ () C:\Users\Ondra K\Downloads\12 Monkeys S01E03_killers.srt
2015-01-31 11:47 - 2015-01-31 11:51 - 00000000 ____D () C:\rsit
2015-01-31 11:47 - 2015-01-31 11:51 - 00000000 ____D () C:\Program Files\trend micro
2015-01-31 11:46 - 2015-01-31 11:46 - 01222144 _____ () C:\Users\Ondra K\Downloads\RSITx64.exe
2015-01-28 21:47 - 2015-01-28 21:48 - 435482624 _____ () C:\Users\Ondra K\Downloads\4x01-Cesta-do-Neznáma..avi
2015-01-28 18:03 - 2015-01-28 18:03 - 00004322 _____ () C:\Users\Ondra K\Downloads\shplaylist.m3u
2015-01-27 18:42 - 2015-01-27 18:42 - 00000000 ____D () C:\Users\Ondra K\Downloads\Subs
2015-01-27 18:34 - 2015-01-27 18:41 - 407141059 _____ () C:\Users\Ondra K\Downloads\da.vincis.demons.s02e08.hdtv.x264-killers.mp4
2015-01-25 20:36 - 2015-01-25 20:36 - 00013268 _____ () C:\Users\Ondra K\Downloads\[TreZzoR]Buh masakru _ Carnage.2011.READNFO.BDRip.x264.CZ-TreZzoR.torrent
2015-01-24 09:22 - 2015-01-24 09:22 - 00019946 _____ () C:\Users\Ondra K\Downloads\[TreZzoR]Drakula_ Neznama legenda _ Dracula.Untold.2014.BDRip.x264.CZ-TreZzoR.torrent
2015-01-23 20:07 - 2015-01-23 21:05 - 517943692 _____ () C:\Users\Ondra K\Downloads\Da-Vinciho-démoni-S01E07-CZ.avi.crdownload
2015-01-23 18:41 - 2015-01-23 19:36 - 508331542 _____ () C:\Users\Ondra K\Downloads\Da-Vinciho-démoni-S01E06-CZ.avi
2015-01-23 17:44 - 2015-01-23 18:39 - 509938704 _____ () C:\Users\Ondra K\Downloads\Da-Vinciho-démoni-S01E05-CZ.avi
2015-01-23 12:22 - 2015-01-23 12:22 - 12062263 _____ () C:\Users\Ondra K\Downloads\Desktop.rar
2015-01-22 17:56 - 2015-01-22 19:03 - 2802864128 _____ () C:\Users\Ondra K\Downloads\Hunger.Games.2012.Cz.avi.crdownload
2015-01-22 17:46 - 2015-01-22 17:46 - 00038826 _____ () C:\Users\Ondra K\Downloads\stalker.112.rar
2015-01-21 20:21 - 2015-01-21 21:16 - 511464644 _____ () C:\Users\Ondra K\Downloads\Da-Vinciho-demoni-S01E04-CZ.avi
2015-01-21 19:13 - 2015-01-21 20:10 - 510418372 _____ () C:\Users\Ondra K\Downloads\Da-Vinciho-démoni-S01E03-CZ.avi.crdownload
2015-01-21 18:15 - 2015-01-21 19:10 - 511219066 _____ () C:\Users\Ondra K\Downloads\Da-Vinciho-démoni-S01E02-CZ.avi.crdownload
2015-01-21 17:15 - 2015-01-21 18:12 - 508016860 _____ () C:\Users\Ondra K\Downloads\Da-Vinciho-démoni-S01E01-CZ.avi.crdownload
2015-01-20 20:33 - 2015-01-20 20:57 - 433330176 _____ () C:\Users\Ondra K\Downloads\Cesta-do-neznáma-3x25-Ostrov-doktora-Wargase.avi.crdownload
2015-01-19 23:03 - 2015-01-19 23:05 - 1348632494 _____ () C:\Users\Ondra K\Downloads\TeenBFF.14.05.22.Chloe.Amour.And.Giselle.Mari.Exotic.Erotic.Threesome.mp4
2015-01-19 22:23 - 2015-01-19 22:24 - 432961536 _____ () C:\Users\Ondra K\Downloads\Cesta-do-neznáma-3x24-Stoker.avi.crdownload
2015-01-18 21:18 - 2015-01-18 21:18 - 17263398 _____ () C:\Users\Ondra K\Downloads\zadani.zip
2015-01-18 13:09 - 2015-01-18 13:09 - 01897117 _____ () C:\Users\Ondra K\Downloads\14-1.zip
2015-01-18 10:50 - 2015-01-18 10:50 - 02676879 _____ () C:\Users\Ondra K\Downloads\zkouška PMS 8.1 2014.rar
2015-01-18 09:56 - 2015-01-18 09:56 - 00018803 _____ () C:\Users\Ondra K\Downloads\[TreZzoR]Driv nez pujdu spat _ Before.I.Go.To.Sleep.2014.BDRip.x264.CZ-TreZzoR.torrent
2015-01-17 20:36 - 2015-01-17 20:36 - 00037918 _____ () C:\Users\Ondra K\Downloads\grimm.409.hdtv-lol.srt
2015-01-17 19:08 - 2015-01-20 14:56 - 00000362 _____ () C:\Users\Ondra K\Desktop\Untitled.m
2015-01-16 19:23 - 2015-01-16 19:23 - 00306609 _____ () C:\Users\Ondra K\Downloads\2007zadani.zip
2015-01-14 16:15 - 2015-01-14 16:15 - 02049698 _____ (OpenSSL Win32 Installer Team ) C:\Users\Ondra K\Downloads\Win32OpenSSL_Light-1_0_1j.exe
2015-01-14 16:15 - 2015-01-14 16:15 - 01179648 _____ (The OpenSSL Project, http://www.openssl.org/) C:\windows\SysWOW64\libeay32.dll
2015-01-14 16:15 - 2015-01-14 16:15 - 00273920 _____ (The OpenSSL Project, http://www.openssl.org/) C:\windows\SysWOW64\ssleay32.dll
2015-01-14 16:15 - 2015-01-14 16:15 - 00273920 _____ (The OpenSSL Project, http://www.openssl.org/) C:\windows\SysWOW64\libssl32.dll
2015-01-14 16:15 - 2015-01-14 16:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenSSL
2015-01-14 16:15 - 2015-01-14 16:15 - 00000000 ____D () C:\OpenSSL-Win32
2015-01-14 16:13 - 2015-01-14 16:13 - 01501704 _____ () C:\Users\Ondra K\Downloads\libeay32.dll
2015-01-14 16:13 - 2015-01-14 16:13 - 00331776 _____ () C:\Users\Ondra K\Downloads\ssleay32.dll
2015-01-14 16:09 - 2015-01-14 16:17 - 00000000 ____D () C:\totalcmd
2015-01-14 16:09 - 2015-01-14 16:10 - 00000000 ____D () C:\Users\Ondra K\AppData\Roaming\GHISLER
2015-01-14 16:09 - 2015-01-14 16:09 - 00000651 _____ () C:\Users\Public\Desktop\Total Commander.lnk
2015-01-14 16:09 - 2015-01-14 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander
2015-01-14 16:09 - 2014-04-23 08:51 - 00000545 _____ () C:\windows\UC.PIF
2015-01-14 16:09 - 2014-04-23 08:51 - 00000545 _____ () C:\windows\RAR.PIF
2015-01-14 16:09 - 2014-04-23 08:51 - 00000545 _____ () C:\windows\PKZIP.PIF
2015-01-14 16:09 - 2014-04-23 08:51 - 00000545 _____ () C:\windows\PKUNZIP.PIF
2015-01-14 16:09 - 2014-04-23 08:51 - 00000545 _____ () C:\windows\LHA.PIF
2015-01-14 16:09 - 2014-04-23 08:51 - 00000545 _____ () C:\windows\ARJ.PIF
2015-01-14 16:08 - 2015-01-14 16:08 - 03722264 _____ (Ghisler Software GmbH) C:\Users\Ondra K\Downloads\tcm851x32.exe
2015-01-14 14:58 - 2015-01-14 14:58 - 00911360 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2015-01-14 14:58 - 2015-01-14 14:58 - 00535640 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2015-01-14 14:58 - 2015-01-14 14:58 - 00531616 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2015-01-14 14:58 - 2015-01-14 14:58 - 00500016 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2015-01-14 14:58 - 2015-01-14 14:58 - 00482872 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2015-01-14 14:58 - 2015-01-14 14:58 - 00465320 _____ (Microsoft Corporation) C:\windows\system32\WerFault.exe
2015-01-14 14:58 - 2015-01-14 14:58 - 00448792 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2015-01-14 14:58 - 2015-01-14 14:58 - 00424544 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2015-01-14 14:58 - 2015-01-14 14:58 - 00413248 _____ (Microsoft Corporation) C:\windows\system32\Faultrep.dll
2015-01-14 14:58 - 2015-01-14 14:58 - 00413136 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFault.exe
2015-01-14 14:58 - 2015-01-14 14:58 - 00394120 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2015-01-14 14:58 - 2015-01-14 14:58 - 00391680 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll
2015-01-14 14:58 - 2015-01-14 14:58 - 00372408 _____ (Microsoft Corporation) C:\windows\SysWOW64\Faultrep.dll
2015-01-14 14:58 - 2015-01-14 14:58 - 00370424 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2015-01-14 14:58 - 2015-01-14 14:58 - 00360448 _____ (Microsoft Corporation) C:\windows\system32\ncsi.dll
2015-01-14 14:58 - 2015-01-14 14:58 - 00344536 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2015-01-14 14:58 - 2015-01-14 14:58 - 00272248 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2015-01-14 14:58 - 2015-01-14 14:58 - 00229888 _____ (Microsoft Corporation) C:\windows\system32\AudioEndpointBuilder.dll
2015-01-14 14:58 - 2015-01-14 14:58 - 00225280 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2015-01-14 14:58 - 2015-01-14 14:58 - 00140800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2015-01-14 14:58 - 2015-01-14 14:58 - 00139984 _____ (Microsoft Corporation) C:\windows\system32\wermgr.exe
2015-01-14 14:58 - 2015-01-14 14:58 - 00136296 _____ (Microsoft Corporation) C:\windows\SysWOW64\wermgr.exe
2015-01-14 14:58 - 2015-01-14 14:58 - 00108944 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2015-01-14 14:58 - 2015-01-14 14:58 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2015-01-14 14:58 - 2015-01-14 14:58 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\nlaapi.dll
2015-01-14 14:58 - 2015-01-14 14:58 - 00075776 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ahcache.sys
2015-01-14 14:58 - 2015-01-14 14:58 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll
2015-01-14 14:58 - 2015-01-14 14:58 - 00038264 _____ (Microsoft Corporation) C:\windows\system32\WerFaultSecure.exe
2015-01-14 14:58 - 2015-01-14 14:58 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\werdiagcontroller.dll
2015-01-14 14:58 - 2015-01-14 14:58 - 00033584 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFaultSecure.exe
2015-01-14 14:58 - 2015-01-14 14:58 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\werdiagcontroller.dll
2015-01-12 09:14 - 2015-01-12 09:14 - 00140462 _____ () C:\Users\Ondra K\Downloads\TTCM_CVUT_timesheet_Capek_150103 (1).xlsm
2015-01-12 09:00 - 2015-01-12 09:14 - 00140319 _____ () C:\Users\Ondra K\Downloads\TTCM_CVUT_timesheet_Capek_150103.xlsm
2015-01-09 14:12 - 2015-01-09 14:15 - 171304701 _____ () C:\Users\Ondra K\Downloads\SSE.rar
2015-01-09 10:32 - 2015-01-09 10:32 - 00000000 ____D () C:\ProgramData\Origin
2015-01-09 10:32 - 2015-01-09 10:32 - 00000000 ____D () C:\ProgramData\Electronic Arts
2015-01-03 18:43 - 2015-01-03 18:43 - 00000000 _____ () C:\windows\SysWOW64\Access.dat
2015-01-03 18:40 - 2015-01-15 19:17 - 00000000 ____D () C:\Users\Ondra K\AppData\Roaming\Tunngle
2015-01-03 18:40 - 2015-01-15 19:17 - 00000000 ____D () C:\ProgramData\Tunngle
2015-01-03 18:40 - 2015-01-03 18:42 - 00000000 ____D () C:\Program Files (x86)\Tunngle
2015-01-03 18:40 - 2015-01-03 18:40 - 00031232 _____ (Tunngle.net) C:\windows\system32\Drivers\tap0901t.sys
2015-01-03 18:40 - 2015-01-03 18:40 - 00001014 _____ () C:\Users\Public\Desktop\Tunngle.lnk
2015-01-03 18:40 - 2015-01-03 18:40 - 00000000 ____D () C:\Users\Public\Documents\Tunngle
2015-01-03 18:40 - 2015-01-03 18:40 - 00000000 ____D () C:\Users\Ondra K\Documents\Tunngle
2015-01-03 18:40 - 2015-01-03 18:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
2015-01-03 18:36 - 2015-01-03 18:37 - 04501720 _____ (Tunngle.net GmbH ) C:\Users\Ondra K\Downloads\Tunngle_Setup_v5.0.exe
2015-01-03 18:26 - 2015-01-08 09:35 - 00000000 ____D () C:\Program Files (x86)\Garena Plus
2015-01-03 18:23 - 2015-01-03 18:26 - 71351360 _____ () C:\Users\Ondra K\Downloads\Garena+_Install.exe
2015-01-03 12:06 - 2015-01-03 12:06 - 00091763 _____ () C:\Users\Ondra K\Downloads\[kickass.so]sgames.presents.dragon.age.inquisition.2014.repack.multi2.torrent

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-02 10:28 - 2014-10-09 19:29 - 00000000 ____D () C:\Users\Ondra K\AppData\Roaming\uTorrent
2015-02-02 10:21 - 2014-10-06 19:38 - 01474832 _____ () C:\windows\system32\Drivers\sfi.dat
2015-02-02 10:20 - 2014-06-19 16:30 - 01301336 _____ () C:\windows\WindowsUpdate.log
2015-02-02 10:17 - 2014-10-06 18:59 - 00000972 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-02 10:15 - 2014-06-19 17:08 - 01071680 _____ () C:\windows\system32\perfh005.dat
2015-02-02 10:15 - 2014-06-19 17:08 - 00279880 _____ () C:\windows\system32\perfc005.dat
2015-02-02 10:15 - 2014-03-18 10:53 - 02341944 _____ () C:\windows\system32\PerfStringBackup.INI
2015-02-02 10:12 - 2013-08-22 15:46 - 00063973 _____ () C:\windows\setupact.log
2015-02-02 10:04 - 2014-10-06 19:27 - 00000000 ___RD () C:\Users\Ondra K\Dropbox
2015-02-02 10:04 - 2014-10-06 19:20 - 00000000 ____D () C:\Users\Ondra K\AppData\Roaming\Dropbox
2015-02-02 10:02 - 2014-10-06 18:59 - 00000968 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-02 10:01 - 2014-03-18 10:44 - 00039704 _____ () C:\windows\PFRO.log
2015-02-02 10:01 - 2013-08-22 16:36 - 00000000 ____D () C:\windows\Registration
2015-02-02 10:01 - 2013-08-22 15:45 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-02-02 10:00 - 2014-10-07 09:43 - 08889018 _____ () C:\Users\Public\CAFADEBUG.log
2015-02-02 10:00 - 2014-06-19 17:28 - 00004608 _____ () C:\windows\system32\VfService.trf
2015-02-02 10:00 - 2013-08-22 16:36 - 00000000 ____D () C:\windows\system32\sru
2015-02-02 10:00 - 2013-08-22 14:25 - 00262144 ___SH () C:\windows\system32\config\BBI
2015-02-02 09:56 - 2014-11-29 17:17 - 00036352 _____ (LG Electronics Inc.) C:\windows\system32\Drivers\lgandnetmodem64.sys
2015-02-02 09:55 - 2014-11-29 17:17 - 00029184 _____ (LG Electronics Inc.) C:\windows\system32\Drivers\lgandnetdiag64.sys
2015-02-02 09:38 - 2014-11-28 17:07 - 00000000 ____D () C:\LGP880
2015-02-02 09:36 - 2014-11-28 17:04 - 00002411 _____ () C:\windows\SysWOW64\lgAxconfig.ini
2015-02-02 09:36 - 2014-11-28 17:04 - 00000854 _____ () C:\Users\Ondra K\Desktop\LGMobile Support Tool.lnk
2015-02-02 09:32 - 2014-10-07 08:19 - 00003598 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1067718225-367633953-3890117072-1002
2015-02-02 09:11 - 2014-10-09 19:35 - 00000000 ____D () C:\Stahování
2015-02-02 09:10 - 2014-10-07 08:15 - 00003966 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{DCB59542-B235-4C11-B377-AC4F556E0B50}
2015-02-01 21:16 - 2014-10-10 20:13 - 00000000 ____D () C:\Users\Ondra K\AppData\Roaming\vlc
2015-02-01 20:03 - 2014-10-06 18:59 - 00002214 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-01 10:04 - 2014-10-07 08:12 - 00000000 ____D () C:\Users\Ondra K\AppData\Local\Packages
2015-01-31 09:29 - 2014-10-07 08:12 - 00000000 ____D () C:\Users\Ondra K\AppData\Local\Pokki
2015-01-28 21:01 - 2014-10-11 14:20 - 00000000 ____D () C:\Users\Ondra K\AppData\Roaming\Skype
2015-01-28 14:14 - 2013-08-22 16:20 - 00000000 ____D () C:\windows\CbsTemp
2015-01-28 14:07 - 2014-10-17 16:34 - 00714720 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-01-28 14:07 - 2014-10-17 16:34 - 00106976 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-27 22:06 - 2014-10-06 19:48 - 00000000 ____D () C:\Users\Ondra K\AppData\Roaming\BSplayer
2015-01-22 09:21 - 2013-08-22 16:36 - 00000000 ____D () C:\windows\AppReadiness
2015-01-21 09:34 - 2014-10-07 19:28 - 00000000 ____D () C:\Users\Ondra K\Documents\MATLAB
2015-01-15 09:03 - 2013-08-22 15:44 - 00510728 _____ () C:\windows\system32\FNTCACHE.DAT
2015-01-14 15:31 - 2014-10-07 09:02 - 00000000 ____D () C:\windows\system32\MRT
2015-01-14 15:18 - 2014-10-07 09:02 - 113365784 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-01-13 14:53 - 2014-12-04 13:36 - 00020728 _____ (Windows (R) Win 7 DDK provider) C:\windows\system32\Drivers\browserMon.sys
2015-01-06 10:15 - 2014-10-07 08:18 - 00000000 ____D () C:\Users\Ondra K\Desktop\7. semestr
2015-01-04 18:29 - 2014-10-11 14:20 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-04 18:29 - 2014-10-11 14:20 - 00000000 ____D () C:\ProgramData\Skype
2015-01-03 18:16 - 2014-12-26 10:18 - 00000000 ____D () C:\Program Files (x86)\KillingFloor_v.1055
2015-01-03 09:06 - 2014-10-07 08:18 - 00002303 _____ () C:\Users\Ondra K\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk

==================== Files in the root of some directories =======

2014-12-08 12:55 - 2014-12-08 12:55 - 0007605 _____ () C:\Users\Ondra K\AppData\Local\Resmon.ResmonCfg
2014-06-19 16:37 - 2014-06-19 16:37 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Files to move or delete:
====================
C:\Users\Ondra K\AppData\Local\Temp\_ir_sf_temp_0\evoSetup_x64.exe


Some content of TEMP:
====================
C:\Users\Ondra K\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpn8czpf.dll
C:\Users\Ondra K\AppData\Local\Temp\oct1165.tmp.exe
C:\Users\Ondra K\AppData\Local\Temp\oct49D4.tmp.exe
C:\Users\Ondra K\AppData\Local\Temp\oct5161.tmp.exe
C:\Users\Ondra K\AppData\Local\Temp\oct7F0D.tmp.exe
C:\Users\Ondra K\AppData\Local\Temp\oct95BF.tmp.exe
C:\Users\Ondra K\AppData\Local\Temp\octC172.tmp.exe
C:\Users\Ondra K\AppData\Local\Temp\ose00000.exe
C:\Users\Ondra K\AppData\Local\Temp\ose00001.exe
C:\Users\Ondra K\AppData\Local\Temp\ose00003.exe
C:\Users\Ondra K\AppData\Local\Temp\Quarantine.exe
C:\Users\Ondra K\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================


Available physical RAM: 5345.86 MB
Total physical RAM: 7375.26 MB
Percentage of memory in use: 27%

==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Disabled - Up to date) {F0BC89B2-8937-0933-021B-B17D981F2A71}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Comodo Defense+ (Disabled - Up to date) {4BDD6856-AF0D-06BD-38AB-8A0FE39860CC}
FW: COMODO Firewall (Disabled) {C8870897-C358-086B-2944-184866CC6D0A}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Ondra K\Desktop" je 8959 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Preventive check

Posted: 02 Feb 2015 11:07
by Márty84
Stoone wrote:***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Ondra K\Desktop" je 8959 MB.
:arrow: The size of the desktop should not exceed 200 - 300 MB! It slows the PC down. So tidy it up a little and keep only shortcuts on the desktop. Just watch out for an occasional mistake: users have a folder on the desktop, another one inside it and another one inside that, and they hide everything in there. That is nice, but it does not make the desktop any smaller, it is just in a different drawer :D




:arrow: Open Notepad and copy this script into it

Code:

Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink Corp.)
HKLM-x32\...\RunOnce: ["C:\Users\ONDRAK~1\AppData\Local\Temp\_ir_sf_temp_0\C:\Users\ONDRAK~1\AppData\Local\Temp\_ir_sf_temp_0\evoSetup_x64.exe"] => C:\Users\Ondra K\AppData\Local\Temp\_ir_sf_temp_0\evoSetup_x64.exe [256942480 2014-10-06] (DIAL GmbH) <===== ATTENTION
HKU\S-1-5-21-1067718225-367633953-3890117072-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1067718225-367633953-3890117072-1002\...\Run: [GoogleChromeAutoLaunch_B71ED58F74CD38662813BA4309C51FE6] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592 2015-02-01] (Google Inc.)
HKU\S-1-5-21-1067718225-367633953-3890117072-1002\...\Run: [GarenaPlus] => "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunch
HKU\S-1-5-21-1067718225-367633953-3890117072-1002\...\Run: [uTorrent] => C:\Users\Ondra K\AppData\Roaming\uTorrent\utorrent.exe [398760 2014-04-13] (BitTorrent, Inc.)

SearchScopes: HKU\S-1-5-21-1067718225-367633953-3890117072-1002 -> {178D9161-8542-463B-9D8E-CD0505C5DC82} URL =

FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll No File

2015-02-01 13:35 - 2015-02-01 13:36 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Ondra K\Downloads\mbam-setup-2.0.4.1028.exe

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-27 81088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-06 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-06 116648]

Hosts:
EmptyTemp:
Reboot:
End
Click File in the top left.
Click Save As...
Type the name shown in red, fixlist, correctly and save the file to the desktop.
Turn off the antivirus and any other protection.
Run FRST as administrator, click Fix and the program will carry out the commands.
After the PC restarts, a new log named fixlog should appear; copy it here for me again.

Re: Preventive check

Posted: 02 Feb 2015 14:15
by Stoone
:D With those 8 GB, well, it happens, I had some installers there :D.




Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-02-2015
Ran by Ondra K at 2015-02-02 14:08:14 Run:1
Running from C:\Users\Ondra K\Desktop
Loaded Profiles: Ondra K (Available profiles: Ondra K & DefaultAppPool)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink Corp.)
HKLM-x32\...\RunOnce: ["C:\Users\ONDRAK~1\AppData\Local\Temp\_ir_sf_temp_0\C:\Users\ONDRAK~1\AppData\Local\Temp\_ir_sf_temp_0\evoSetup_x64.exe"] => C:\Users\Ondra K\AppData\Local\Temp\_ir_sf_temp_0\evoSetup_x64.exe [256942480 2014-10-06] (DIAL GmbH) <===== ATTENTION
HKU\S-1-5-21-1067718225-367633953-3890117072-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1067718225-367633953-3890117072-1002\...\Run: [GoogleChromeAutoLaunch_B71ED58F74CD38662813BA4309C51FE6] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592 2015-02-01] (Google Inc.)
HKU\S-1-5-21-1067718225-367633953-3890117072-1002\...\Run: [GarenaPlus] => "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunch
HKU\S-1-5-21-1067718225-367633953-3890117072-1002\...\Run: [uTorrent] => C:\Users\Ondra K\AppData\Roaming\uTorrent\utorrent.exe [398760 2014-04-13] (BitTorrent, Inc.)

SearchScopes: HKU\S-1-5-21-1067718225-367633953-3890117072-1002 -> {178D9161-8542-463B-9D8E-CD0505C5DC82} URL =

FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll No File

2015-02-01 13:35 - 2015-02-01 13:36 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Ondra K\Downloads\mbam-setup-2.0.4.1028.exe

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-27 81088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-06 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-06 116648]

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\UpdateP2GShortCut => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\"C:\Users\ONDRAK~1\AppData\Local\Temp\_ir_sf_temp_0\C:\Users\ONDRAK~1\AppData\Local\Temp\_ir_sf_temp_0\evoSetup_x64.exe" => value deleted successfully.
HKU\S-1-5-21-1067718225-367633953-3890117072-1002\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-1067718225-367633953-3890117072-1002\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_B71ED58F74CD38662813BA4309C51FE6 => value deleted successfully.
HKU\S-1-5-21-1067718225-367633953-3890117072-1002\Software\Microsoft\Windows\CurrentVersion\Run\\GarenaPlus => value deleted successfully.
HKU\S-1-5-21-1067718225-367633953-3890117072-1002\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent => value deleted successfully.
"HKU\S-1-5-21-1067718225-367633953-3890117072-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{178D9161-8542-463B-9D8E-CD0505C5DC82}" => Key deleted successfully.
HKCR\CLSID\{178D9161-8542-463B-9D8E-CD0505C5DC82} => Key not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@t.garena.com/garenatalk" => Key deleted successfully.
C:\Users\Ondra K\Downloads\mbam-setup-2.0.4.1028.exe => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
AdobeARMservice => Service deleted successfully.
gupdate => Service deleted successfully.
SkypeUpdate => Service deleted successfully.
gupdatem => Service deleted successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 39.5 GB temporary data.


The system needed a reboot.

==== End of Fixlog 14:09:44 ====

Re: Preventive check

Posted: 02 Feb 2015 18:28
by Márty84
:!: Run all of these programs - including any installation - as administrator (right-click them and choose Run as administrator)

:arrow:
vyosek wrote: :arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Download and run it
  • Leave only the Remote disinfection tools option ticked
  • Click Run
:arrow: Download CCleaner http://www.filehippo.com/download_ccleaner and run it.
During installation watch out for the toolbar (or other add-ons); if it offers to install one, untick the box.
After launching you will be in the Cleaner function. There are a lot of checkboxes on the left. Pay attention mainly to the Recycle Bin: if you leave it ticked, it will always empty it.
Also, depending on how it is set up, it will delete all passwords saved on the net!!! So if you have the computer set to remember passwords (which is not good for security), you will then have to type them in again by hand (e.g. mail, Facebook, various forums etc.)
Click Analyze and when the analysis finishes, click Run Cleaner.
Then click the Registry function on the left
Click Scan for problems; when it finds some, click Fix problems. It will offer you a backup; make one and save it where you can find it if needed.
The Tools function lets you uninstall programs. It is more thorough than Windows itself!
(If the PC has more than one user account, use the program in them as well)

:arrow: Defragment the disk(s) (not SSDs!)
Download the Defraggler program http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
During installation again watch out for the toolbar and other nonsense.
After installing, run the program and click Analyze; after the analysis click Defragment and the program will do its job.




:arrow: Then write how the PC is doing.

Re: Preventive check

Posted: 04 Feb 2015 09:22
by Stoone
I use CCleaner and defragmentation myself - but I did it anyway. The computer looks fine. I was just taken aback that there had been some viruses in the Comodo directory = i.e. in the antivirus directory. That is not a very good advertisement for it...
Thanks for the help!

Re: Preventive check

Posted: 04 Feb 2015 09:49
by Márty84
Stoone wrote:I was just taken aback that there had been some viruses in the Comodo directory = i.e. in the antivirus directory. That is not a very good advertisement for it...
That is fine, they were in Comodo's quarantine, so harmless. But since MBAM dug them out even there, we deleted them :)


You're welcome! :)

Take care and maybe see you again sometime :bye:

:closed: