VIRY.CZ

Dobry den, poprosil by som o kontrolu PC, nezaznamenal som ziadne problemy.

Dakujem.

Log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by gk at 2015-02-04 19:35:04
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 26 GB (15%) free of 172 GB
Total RAM: 8189 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:35:06, on 4. 2. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
C:\Program Files\Sandboxie\32\SbieSvc.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files\trend micro\gk.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://gkmodel.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8888;https=127.0.0.1:8888
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Microsoft Web Test Recorder 12.0 Helper - {432dd630-7e03-4c97-9d62-b99f52df4fc2} - C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
O2 - BHO: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\gk\AppData\Roaming\uTorrent\utorrent.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [AOD] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe AutoTune (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [AOD] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe AutoTune (User 'Default user')
O4 - Global Startup: HD Writer.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AODService - Unknown owner - C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\Windows\SysWOW64\bgsvcgen.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
O23 - Service: @%ProgramFiles%\Windows Identity Foundation\v3.5\c2wtsres.dll,-1000 (c2wts) - Unknown owner - C:\Program Files (x86)\Windows Identity Foundation\v3.5\c2wtshost.exe (file missing)
O23 - Service: CyberGhost 5 Client Service (CGVPNCliService) - CyberGhost S.R.L - C:\Program Files\CyberGhost 5\Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hotspot Shield Service (hshld) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: metasploitPostgreSQL - PostgreSQL Global Development Group - C:\metasploit\postgresql\bin\pg_ctl.exe
O23 - Service: Metasploit Pro Service (metasploitProSvc) - http://www.ruby-lang.org/ - C:\metasploit\ruby\bin\ruby.exe
O23 - Service: Metasploit Thin Service (metasploitThin) - http://www.ruby-lang.org/ - C:\metasploit\ruby\bin\ruby.exe
O23 - Service: Metasploit Worker (metasploitWorker) - http://www.ruby-lang.org/ - C:\metasploit\ruby\bin\ruby.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - Sandboxie Holdings, LLC - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11807 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\Sandboxie\SbieSvc.exe"
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Windows\SysWOW64\bgsvcgen.exe"
"C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe"
"C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe"
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
"C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe"
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe"
"C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\BlueStacks\HD-Service.exe" BstHdAndroidSvc Android
"C:\Program Files\CyberGhost 5\Service.exe"
"C:\Program Files (x86)\BlueStacks\HD-Network.exe"
\??\C:\Windows\system32\conhost.exe "9852767891118351755489772975-1659856953-1792445413-259986252-795753301871600317
"C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe"
\??\C:\Windows\system32\conhost.exe "1900911813-1980599907-12490298382134551591-143911626712693173-198944225275695718
"C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe"
\??\C:\Windows\system32\conhost.exe "-222137532114450555-85208466730378391143196114518701089481513246337427677974
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-30c7f33c-523a-41ee-8ed1-6f0aefa12bd0 -SystemEventPortName:HostProcess-d9c8ba4e-97c5-479b-8180-eca53a967ad8 -IoCancelEventPortName:HostProcess-e2de22aa-74bb-42ed-96eb-0a0a1be39697 -NonStateChangingEventPortName:HostProcess-0499381b-f27e-44a2-bbd2-110dbffacd7b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:7bcdcb38-c8ab-4f22-abb2-befeabd77590
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Sandboxie\SbieSvc.exe" Sandboxie_GuiProxy_00000001,1096
"taskhost.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe"
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files\Sandboxie\32\SbieSvc.exe" Sandboxie_ComProxy_S-1-5-21-1107628383-3052209328-3316003341-1000_DefaultBox_1_1_:
"C:\Program Files (x86)\Steam\Steam.exe"

C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe"
"C:\metasploit\postgresql\bin\pg_ctl.exe" runservice -N "metasploitPostgreSQL" -D "C:/metasploit/postgresql/data"
"C:\metasploit\postgresql\bin\postgres.exe" -D "C:/metasploit/postgresql/data"
\??\C:\Windows\system32\conhost.exe "933807588-512158726-1579135622-207769053011825536341979933105760907705985024326
"C:/metasploit/postgresql/bin/postgres.exe" "--forklog" "1212" "1208"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkboot" "1204" "-x4"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkboot" "1244" "-x3"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkboot" "1204" "-x5"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkavlauncher" "1244"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkcol" "1204"
C:\metasploit\ruby\bin\ruby.exe -C "C:\metasploit\apps\pro\engine" prosvc_service.rb -E production
C:\metasploit\ruby\bin\ruby.exe -C "C:\metasploit\apps\pro\ui" thin_service.rb
C:\metasploit\ruby\bin\ruby.exe -C "C:\metasploit\apps\pro\ui" worker_service.rb
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1244"
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1288"
cmd.exe /c "C:\metasploit\apps\pro\engine\arch-lib\win32\nginx\bin\nginxr7.exe" -c C:\metasploit\apps\pro\nginx\conf\nginx.conf
\??\C:\Windows\system32\conhost.exe "392134888-63024374315089456811924394463-327545441596924014-15357210541548327098
C:\metasploit\apps\pro\engine\arch-lib\win32\nginx\bin\nginxr7.exe -c C:\metasploit\apps\pro\nginx\conf\nginx.conf
C:\metasploit\apps\pro\engine\arch-lib\win32\nginx\bin\nginxr7.exe -c C:\metasploit\apps\pro\nginx\conf\nginx.conf
\??\C:\Windows\system32\conhost.exe "60116802-96640998-121006740-6012387341939471084-713002614-9332415082104706157
"C:/metasploit/postgresql/bin/postgres.exe" "--forkbackend" "1280"
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "C:\Program Files (x86)\Steam\config\htmlcache" -cookiepath "C:\Program Files (x86)\Steam\config\cookies" -steampid 4644 --blacklist-accelerated-compositing --process-per-tab --disable-accelerated-video-decode --enable-direct-write
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-1107628383-3052209328-3316003341-100074_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-1107628383-3052209328-3316003341-100074 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe75_ Global\UsGthrCtrlFltPipeMssGthrPipe75 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"E:\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\gk\AppData\Roaming\Mozilla\Firefox\Profiles\2151grj1.default

prefs.js - "browser.startup.homepage" - "http://www.google.sk/advanced_search"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.296 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1214154.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.5.1]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.296 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.5.1]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.31.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll


C:\Users\gk\AppData\Roaming\Mozilla\Firefox\Profiles\2151grj1.default\extensions\
{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
{3e9a3920-1b27-11da-8cd6-0800200c9a66}
{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24 551848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24 212904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{432dd630-7e03-4c97-9d62-b99f52df4fc2}]
Microsoft Web Test Recorder 12.0 Helper - C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2013-10-05 71520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-10-17 13307496]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-08-19 5617432]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-25 2726728]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27 558496]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Users\gk\AppData\Roaming\uTorrent\utorrent.exe [2014-04-13 398760]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-11-10 3514176]
"ISUSPM Startup"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [2005-08-11 249856]
"GarminExpressTrayApp"=C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [2014-09-18 688984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent]
C:\Program Files (x86)\BlueStacks\HD-Agent.exe [2014-10-08 843480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Client.jar]
C:\Users\gk\Client.jar []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SandboxieControl]
C:\Program Files\Sandboxie\SbieCtrl.exe [2014-10-14 784904]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ISUSScheduler"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2005-08-11 81920]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]
""= []
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [2012-09-23 3477640]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-11-20 767176]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HD Writer.lnk - C:\Program Files (x86)\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FICV"=ficvdec_x64.dll
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe","%1"
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2015-02-04 17:53:29 ----D---- C:\Program Files\WinPcap
2015-02-04 17:52:03 ----D---- C:\metasploit
2015-02-04 17:00:35 ----D---- C:\Python34
2015-02-03 19:03:09 ----D---- C:\Users\gk\AppData\Roaming\NuGet
2015-02-03 18:22:16 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 11.0
2015-02-03 18:21:34 ----D---- C:\Program Files (x86)\Windows Phone Silverlight Kits
2015-02-03 18:16:55 ----D---- C:\Program Files (x86)\Microsoft XDE
2015-02-03 18:15:45 ----D---- C:\Program Files (x86)\AppInsights
2015-02-03 18:14:18 ----D---- C:\Program Files (x86)\Windows Phone Kits
2015-02-03 18:10:17 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-02-03 18:09:42 ----D---- C:\Program Files (x86)\Workflow Manager Tools
2015-02-03 18:09:40 ----D---- C:\Program Files (x86)\Open XML SDK
2015-02-03 18:09:39 ----D---- C:\Program Files\Microsoft Identity Extensions
2015-02-03 18:09:28 ----D---- C:\Program Files\Windows Identity Foundation
2015-02-03 18:09:28 ----D---- C:\Program Files (x86)\Windows Identity Foundation
2015-02-03 18:09:10 ----D---- C:\Program Files\SharePoint Client Components
2015-02-03 18:09:08 ----D---- C:\Program Files (x86)\Microsoft
2015-02-03 18:08:46 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2015-02-03 18:08:02 ----D---- C:\Program Files\Application Verifier
2015-02-03 18:08:02 ----D---- C:\Program Files (x86)\Application Verifier
2015-02-03 18:07:59 ----D---- C:\ProgramData\Windows App Certification Kit
2015-02-03 18:06:57 ----D---- C:\ProgramData\PreEmptive Solutions
2015-02-03 18:05:48 ----D---- C:\Program Files (x86)\Microsoft ASP.NET
2015-02-03 18:05:16 ----D---- C:\Program Files (x86)\Microsoft Web Tools
2015-02-03 18:04:58 ----D---- C:\Program Files\IIS Express
2015-02-03 18:04:58 ----D---- C:\Program Files (x86)\IIS Express
2015-02-03 18:04:48 ----D---- C:\ProgramData\NuGet
2015-02-03 18:04:48 ----D---- C:\Program Files (x86)\NuGet
2015-02-03 18:04:46 ----D---- C:\Program Files (x86)\Microsoft WCF Data Services
2015-02-03 18:04:43 ----D---- C:\Program Files\IIS
2015-02-03 18:04:43 ----D---- C:\Program Files (x86)\IIS
2015-02-03 18:03:56 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2015-02-03 18:03:42 ----D---- C:\Program Files (x86)\Windows Kits
2015-02-03 17:59:37 ----D---- C:\Program Files (x86)\HTML Help Workshop
2015-02-03 17:59:21 ----D---- C:\Windows\symbols
2015-02-03 17:59:19 ----D---- C:\Program Files (x86)\Microsoft Help Viewer
2015-02-03 17:58:36 ----D---- C:\Windows\SYSWOW64\1033
2015-02-03 17:58:35 ----D---- C:\Program Files\Microsoft SQL Server
2015-02-03 17:58:35 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2015-02-03 17:56:56 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 12.0
2015-02-03 17:56:55 ----D---- C:\Windows\system32\1033
2015-02-03 17:56:52 ----D---- C:\Program Files\Microsoft Visual Studio 12.0
2015-02-03 17:56:52 ----D---- C:\Program Files (x86)\Microsoft SDKs
2015-02-03 17:54:13 ----D---- C:\Windows\Migration
2015-02-03 17:54:11 ----SHD---- C:\Config.Msi
2015-02-03 17:52:39 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2015-02-02 10:25:03 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-02-02 10:24:01 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-02 10:24:01 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-02-02 10:24:01 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-02-02 10:24:01 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-02-02 01:00:22 ----D---- C:\Windows\pss
2015-02-02 00:52:49 ----RD---- C:\Sandbox
2015-02-02 00:51:11 ----A---- C:\Windows\Sandboxie.ini
2015-02-02 00:50:40 ----D---- C:\Program Files\Sandboxie
2015-02-01 13:59:15 ----D---- C:\Users\gk\AppData\Roaming\Nano
2015-01-31 22:43:01 ----D---- C:\ProgramData\Nimoru
2015-01-27 20:02:55 ----D---- C:\Users\gk\AppData\Roaming\Sony Creative Software Inc
2015-01-26 19:36:42 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-01-19 05:51:05 ----D---- C:\ProgramData\ATI
2015-01-19 05:51:03 ----D---- C:\Program Files (x86)\AMD AVT
2015-01-17 20:19:29 ----D---- C:\Users\gk\AppData\Roaming\AdobeMuse
2015-01-17 20:11:43 ----D---- C:\Users\gk\AppData\Roaming\com.adobe.AdobeMuseCC.2014.0
2015-01-14 21:54:36 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-01-14 21:54:35 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-01-14 21:54:35 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-01-14 21:54:35 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-01-14 21:54:35 ----A---- C:\Windows\system32\srcore.dll
2015-01-14 21:54:35 ----A---- C:\Windows\system32\srclient.dll
2015-01-14 21:54:35 ----A---- C:\Windows\system32\rstrui.exe
2015-01-14 21:54:33 ----A---- C:\Windows\system32\profsvc.dll
2015-01-14 21:54:32 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-01-14 21:54:32 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2015-01-14 21:54:32 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-14 21:54:32 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-14 21:54:32 ----A---- C:\Windows\system32\nlaapi.dll
2015-01-14 21:54:32 ----A---- C:\Windows\system32\ncsi.dll
2015-01-14 21:54:32 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-01-05 21:45:56 ----D---- C:\Users\gk\AppData\Roaming\Charles

======List of files/folders modified in the last 1 month======

2015-02-04 19:35:06 ----D---- C:\Windows\Temp
2015-02-04 19:35:06 ----D---- C:\Program Files\trend micro
2015-02-04 19:03:51 ----D---- C:\Users\gk\AppData\Roaming\TS3Client
2015-02-04 17:58:38 ----D---- C:\Windows
2015-02-04 17:56:55 ----D---- C:\Users\gk\AppData\Roaming\uTorrent
2015-02-04 17:53:29 ----RD---- C:\Program Files
2015-02-04 17:53:29 ----D---- C:\Windows\SysWOW64
2015-02-04 17:53:29 ----D---- C:\Windows\system32\drivers
2015-02-04 17:53:29 ----D---- C:\Windows\System32
2015-02-04 17:53:11 ----SHD---- C:\Windows\Installer
2015-02-04 17:42:32 ----D---- C:\ProgramData\Microsoft Help
2015-02-04 17:00:31 ----SHD---- C:\System Volume Information
2015-02-04 16:39:19 ----RSD---- C:\Windows\assembly
2015-02-04 16:09:30 ----D---- C:\Program Files (x86)\Steam
2015-02-04 07:44:36 ----D---- C:\Users\gk\AppData\Roaming\Skype
2015-02-03 22:03:50 ----D---- C:\Windows\Microsoft.NET
2015-02-03 18:53:48 ----D---- C:\Windows\Logs
2015-02-03 18:53:48 ----D---- C:\Windows\inf
2015-02-03 18:53:48 ----D---- C:\Users\gk\AppData\Roaming\DAEMON Tools Lite
2015-02-03 18:22:16 ----RD---- C:\Program Files (x86)
2015-02-03 18:21:41 ----RSD---- C:\Windows\Fonts
2015-02-03 18:17:06 ----SD---- C:\Users\gk\AppData\Roaming\Microsoft
2015-02-03 18:17:06 ----SD---- C:\ProgramData\Microsoft
2015-02-03 18:12:58 ----D---- C:\ProgramData\Package Cache
2015-02-03 18:09:38 ----D---- C:\Windows\winsxs
2015-02-03 18:09:13 ----D---- C:\Windows\SoftwareDistribution
2015-02-03 18:09:09 ----D---- C:\Program Files\Common Files\Microsoft Shared
2015-02-03 18:08:54 ----D---- C:\Windows\system32\config
2015-02-03 18:08:48 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-02-03 18:07:59 ----D---- C:\ProgramData
2015-02-03 18:07:26 ----D---- C:\Program Files (x86)\Common Files
2015-02-03 18:06:46 ----D---- C:\Program Files\MSBuild
2015-02-03 17:57:52 ----D---- C:\Program Files (x86)\Microsoft.NET
2015-02-03 17:56:56 ----D---- C:\Program Files (x86)\MSBuild
2015-02-03 17:55:01 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-02-03 17:54:52 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-02 20:46:17 ----D---- C:\Users\gk\AppData\Roaming\.minecraft
2015-02-01 07:48:10 ----D---- C:\HDW20_TMP
2015-01-31 22:15:50 ----D---- C:\Users\gk\AppData\Roaming\dclogs
2015-01-31 13:53:57 ----A---- C:\IFRToolLog.txt
2015-01-30 17:58:09 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-01-27 04:49:54 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-26 18:25:24 ----D---- C:\Users\gk\AppData\Roaming\vlc
2015-01-24 12:30:13 ----D---- C:\ProgramData\Oracle
2015-01-24 12:30:10 ----D---- C:\Program Files\Java
2015-01-24 12:29:22 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2015-01-20 17:20:40 ----D---- C:\Windows\system32\NDF
2015-01-19 05:51:04 ----D---- C:\ProgramData\AMD
2015-01-19 05:50:48 ----D---- C:\Program Files\AMD
2015-01-19 05:50:33 ----D---- C:\Program Files\ATI Technologies
2015-01-19 05:50:26 ----D---- C:\Windows\system32\catroot
2015-01-19 05:50:04 ----D---- C:\Windows\system32\DriverStore
2015-01-19 05:49:47 ----D---- C:\Program Files (x86)\AMD
2015-01-19 05:44:51 ----D---- C:\AMD
2015-01-17 20:11:44 ----D---- C:\Users\gk\AppData\Roaming\Adobe
2015-01-17 19:56:20 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2015-01-17 19:55:49 ----D---- C:\Program Files (x86)\Adobe
2015-01-17 19:54:34 ----D---- C:\ProgramData\Adobe
2015-01-16 05:44:31 ----D---- C:\Windows\Tasks
2015-01-16 05:44:31 ----D---- C:\Windows\system32\Tasks
2015-01-15 07:46:13 ----D---- C:\Windows\debug
2015-01-14 21:58:19 ----D---- C:\Windows\system32\MRT
2015-01-14 21:54:47 ----A---- C:\Windows\system32\MRT.exe
2015-01-14 21:54:29 ----D---- C:\Windows\system32\catroot2
2015-01-10 05:26:36 ----D---- C:\ProgramData\DVD Shrink
2015-01-08 14:26:12 ----D---- C:\Program Files (x86)\Gyazo
2015-01-08 09:55:52 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2013-08-20 62136]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2011-11-02 21616]
R1 cdrbsdrv;cdrbsdrv; C:\Windows\system32\drivers\cdrbsdrv.sys [2006-08-25 39208]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-07-27 279616]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-08-20 239320]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-08-20 168256]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2013-08-20 44120]
R1 HssDRV6;Hotspot Shield Routing Driver 6; C:\Windows\system32\DRIVERS\hssdrv6.sys [2014-05-17 44744]
R2 AODDriver4.3.0;AODDriver4.3.0; \??\C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [2014-01-08 59624]
R2 AODDriver4.3;AODDriver4.3; \??\C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [2014-02-11 59616]
R2 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2014-10-08 122072]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2013-08-20 220232]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2013-07-28 35344]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-11-21 18959360]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-11-21 589312]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2014-06-21 94720]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2011-07-29 56960]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2011-07-29 79104]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-10-18 2957544]
R3 ManyCam;ManyCam Virtual Webcam; C:\Windows\system32\DRIVERS\mcvidrv.sys [2014-07-28 49264]
R3 mcaudrv_simple;ManyCam Virtual Microphone; C:\Windows\system32\drivers\mcaudrv_x64.sys [2014-05-13 35440]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-08-23 565352]
R3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys [2014-10-14 185352]
R3 tap0901;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2014-10-24 36736]
R3 taphss6;Anchorfree HSS VPN Adapter; C:\Windows\system32\DRIVERS\taphss6.sys [2014-05-17 42184]
S3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 AODDriver;AODDriver; \??\C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver.sys []
S3 etdrv;etdrv; \??\C:\Windows\etdrv.sys [2014-07-27 25640]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2014-07-27 25640]
S3 GVTDrv64;GVTDrv64; \??\C:\Windows\GVTDrv64.sys [2014-07-27 30528]
S3 HtcVCom32;HTC Diagnostic Port; C:\Windows\system32\DRIVERS\HtcVComV64.sys [2010-03-09 121800]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2011-07-06 367976]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ScreamBAudioSvc;ScreamBee Audio; C:\Windows\system32\drivers\ScreamingBAudio64.sys [2010-07-01 38992]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-11-21 244736]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [2014-11-20 344064]
R2 bgsvcgen;B's Recorder GOLD Library General Service; C:\Windows\SysWOW64\bgsvcgen.exe [2007-06-15 145504]
R2 BstHdAndroidSvc;BlueStacks Android Service; C:\Program Files (x86)\BlueStacks\HD-Service.exe [2014-10-08 409304]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2014-10-08 388824]
R2 BstHdUpdaterSvc;BlueStacks Updater Service; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [2014-10-08 782040]
R2 CGVPNCliService;CyberGhost 5 Client Service; C:\Program Files\CyberGhost 5\Service.exe [2014-11-03 64616]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2013-08-19 1337240]
R2 hshld;Hotspot Shield Service; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2014-05-17 919040]
R2 HssWd;Hotspot Shield Monitoring Service; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [2014-05-16 430344]
R2 IpOverUsbSvc;Windows Phone IP over USB Transport (IpOverUsbSvc); C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [2014-04-17 22768]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 metasploitPostgreSQL;metasploitPostgreSQL; C:\metasploit\postgresql\bin\pg_ctl.exe [2015-01-30 76800]
R2 metasploitProSvc;Metasploit Pro Service; C:\metasploit\ruby\bin\ruby.exe [2015-01-30 70239]
R2 metasploitThin;Metasploit Thin Service; C:\metasploit\ruby\bin\ruby.exe [2015-01-30 70239]
R2 metasploitWorker;Metasploit Worker; C:\metasploit\ruby\bin\ruby.exe [2015-01-30 70239]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-08-16 76152]
R2 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2014-10-14 174600]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2012-10-20 130024]
R3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 AODService;AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [2014-01-08 137584]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 Garmin Core Update Service;Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2014-09-18 450904]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-29 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 c2wts;@%ProgramFiles%\Windows Identity Foundation\v3.5\c2wtsres.dll,-1000; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [2010-02-03 15768]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2014-08-01 1436424]
S3 fussvc;Windows App Certification Kit Fast User Switching Utility Service; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [2014-02-20 142336]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-29 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-08-12 136120]
S3 HssTrayService;Hotspot Shield Tray Service; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [2014-05-17 78512]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2011-08-30 160256]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28 174368]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-01-26 114800]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-01-23 834752]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Te.Service;Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [2013-08-22 119808]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 VsEtwService120;Visual Studio ETW Event Collection Service; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [2014-07-22 89232]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-07-29 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Zdravim

Otestujte na virustotal.com C:\Users\gk\Client.jar - pokud uz byl soubor otestovany, zvolte Reanalyze. Do pristiho prispevku dejte link (odkaz) s vysledky analyzy.

V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )

• ukoncete vsechny programy
• kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
• kliknete na Scan, pote na Clean
• po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner [Sx].txt), jehoz obsah mi zkopirujte do pristi odpovedi

- Ten súbor som tam nenasiel, skusil som aj skryt a zobrazit zlozku cez vlastnosti ale zda sa mi, ze som ho vymazaval. Ked som dal skontrolovat zlozku Users cez Eset nic nenaslo.

- Dokonca som zistil, ze mi nieco blokovalo virustotal a ked som sa pozret do hosts v drivers/etc tak som tam nasiel blokovany virustotal a stranku http://www.tehneon.net/.

- Hned prilozim log z AdwCleaner

EDIT:

# AdwCleaner v4.109 - Report created 05/02/2015 at 16:18:58
# Updated 24/01/2015 by Xplode
# Database : 2015-02-04.1 [Live]
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : gk - GK-PC
# Running from : E:\Downloads\adwcleaner_4.109.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\systemk
Folder Deleted : C:\Program Files (x86)\Settings Manager
Folder Deleted : C:\Windows\SysWOW64\hotspot shield
Folder Deleted : C:\Users\gk\AppData\Local\Temp\hotspot shield
Folder Deleted : C:\Users\gk\AppData\Roaming\FirefoxToolbar
File Deleted : C:\Users\gk\AppData\Roaming\Mozilla\Firefox\Profiles\2151grj1.default\invalidprefs.js

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKCU\Software\anchorfree
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKLM\SOFTWARE\Email Notifier
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:8888;hxxps=127.0.0.1:8888

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v35.0.1 (x86 sk)


-\\ Google Chrome v40.0.2214.94


*************************

AdwCleaner[R0].txt - [2235 octets] - [05/02/2015 16:17:34]
AdwCleaner[S0].txt - [1931 octets] - [05/02/2015 16:18:58]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1991 octets] ##########

Diky za info

Dejte log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101

Takze tu je log z FRST:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-02-2015
Ran by gk (administrator) on GK-PC on 06-02-2015 07:33:07
Running from C:\Users\gk\Desktop
Loaded Profiles: gk (Available profiles: gk)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(B.H.A Corporation) C:\Windows\SysWOW64\bgsvcgen.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(BitTorrent, Inc.) C:\Users\gk\AppData\Roaming\uTorrent\utorrent.exe
(Panasonic Corporation) C:\Program Files (x86)\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe
(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
() C:\Windows\SysWOW64\PnkBstrA.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13307496 2011-10-17] (Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5617432 2013-08-19] (ESET)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-25] (CANON INC.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-08-11] (Macrovision Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3477640 2012-09-23] (Adobe Systems Inc.)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1107628383-3052209328-3316003341-1000\...\Run: [uTorrent] => C:\Users\gk\AppData\Roaming\uTorrent\utorrent.exe [398760 2014-04-13] (BitTorrent, Inc.)
HKU\S-1-5-21-1107628383-3052209328-3316003341-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3514176 2011-11-10] (DT Soft Ltd)
HKU\S-1-5-21-1107628383-3052209328-3316003341-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [249856 2005-08-11] (Macrovision Corporation)
HKU\S-1-5-21-1107628383-3052209328-3316003341-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-09-18] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-1107628383-3052209328-3316003341-1000\...\MountPoints2: {3d3d1cbd-15c1-11e4-bec4-902b34a042a8} - J:\vs_ultimate.exe
HKU\S-1-5-21-1107628383-3052209328-3316003341-1000\...\MountPoints2: {96e66f0d-77d0-11e4-81a9-902b34a042a8} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-18\...\RunOnce: [AOD] => C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe AutoTune
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HD Writer.lnk
ShortcutTarget: HD Writer.lnk -> C:\Program Files (x86)\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe (Panasonic Corporation)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1107628383-3052209328-3316003341-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://gkmodel.sk/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Microsoft Web Test Recorder 12.0 Helper -> {432dd630-7e03-4c97-9d62-b99f52df4fc2} -> C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\gk\AppData\Roaming\Mozilla\Firefox\Profiles\2151grj1.default
FF Homepage: hxxp://www.google.sk/advanced_search
FF NetworkProxy: "user_pref("extensions.charles.settings.disabled.network.proxy.http", "");
FF NetworkProxy: "user_pref("extensions.charles.settings.disabled.network.proxy.http_port", 0);
FF NetworkProxy: "user_pref("extensions.charles.settings.disabled.network.proxy.no_proxies_on", "localhost, 127.0.0.1");
FF NetworkProxy: "user_pref("extensions.charles.settings.disabled.network.proxy.share_proxy_settings", false);
FF NetworkProxy: "user_pref("extensions.charles.settings.disabled.network.proxy.socks", "46.165.193.67");
FF NetworkProxy: "user_pref("extensions.charles.settings.disabled.network.proxy.socks_port", 7649);
FF NetworkProxy: "user_pref("extensions.charles.settings.disabled.network.proxy.ssl", "");
FF NetworkProxy: "user_pref("extensions.charles.settings.disabled.network.proxy.ssl_port", 0);
FF NetworkProxy: "user_pref("extensions.charles.settings.disabled.network.proxy.type", 0);
FF NetworkProxy: "user_pref("extensions.charles.settings.enabled.network.proxy.http", "127.0.0.1");
FF NetworkProxy: "user_pref("extensions.charles.settings.enabled.network.proxy.http_port", 8888);
FF NetworkProxy: "user_pref("extensions.charles.settings.enabled.network.proxy.no_proxies_on", "");
FF NetworkProxy: "user_pref("extensions.charles.settings.enabled.network.proxy.share_proxy_settings", false);
FF NetworkProxy: "user_pref("extensions.charles.settings.enabled.network.proxy.socks", "");
FF NetworkProxy: "user_pref("extensions.charles.settings.enabled.network.proxy.socks_port", 0);
FF NetworkProxy: "user_pref("extensions.charles.settings.enabled.network.proxy.ssl", "127.0.0.1");
FF NetworkProxy: "user_pref("extensions.charles.settings.enabled.network.proxy.ssl_port", 8888);
FF NetworkProxy: "user_pref("extensions.charles.settings.enabled.network.proxy.type", 1);
FF NetworkProxy: "http", "74.50.126.249"
FF NetworkProxy: "http_port", 8089
FF NetworkProxy: "no_proxies_on", ""
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1214154.dll (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Extension: Garmin Communicator - C:\Users\gk\AppData\Roaming\Mozilla\Firefox\Profiles\2151grj1.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2014-10-11]
FF Extension: Charles Autoconfiguration - C:\Users\gk\AppData\Roaming\Mozilla\Firefox\Profiles\2151grj1.default\Extensions\{3e9a3920-1b27-11da-8cd6-0800200c9a66} [2015-01-05]
FF Extension: iMacros for Firefox - C:\Users\gk\AppData\Roaming\Mozilla\Firefox\Profiles\2151grj1.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2015-01-07]
FF Extension: anonymoX - C:\Users\gk\AppData\Roaming\Mozilla\Firefox\Profiles\2151grj1.default\Extensions\client@anonymox.net.xpi [2014-08-25]
FF Extension: MEGA - C:\Users\gk\AppData\Roaming\Mozilla\Firefox\Profiles\2151grj1.default\Extensions\firefox@mega.co.nz.xpi [2014-10-29]
FF Extension: Adblock Plus - C:\Users\gk\AppData\Roaming\Mozilla\Firefox\Profiles\2151grj1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-28]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-11-15]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-07-27]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.countryradio.cz/"
CHR Profile: C:\Users\gk\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\gk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-29]
CHR Extension: (Disk Google) - C:\Users\gk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-29]
CHR Extension: (YouTube) - C:\Users\gk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-29]
CHR Extension: (Hľadať v Google) - C:\Users\gk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-29]
CHR Extension: (Adobe Acrobat – Vytvoriť PDF) - C:\Users\gk\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2014-11-15]
CHR Extension: (Peňaženka Google) - C:\Users\gk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-29]
CHR Extension: (Gmail) - C:\Users\gk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-29]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2012-09-23]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed]
S2 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [137584 2014-01-08] ()
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2014-10-08] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2014-10-08] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [782040 2014-10-08] (BlueStack Systems, Inc.)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-03] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1337240 2013-08-19] (ESET)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
S2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [450904 2014-09-18] (Garmin Ltd or its subsidiaries)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22768 2014-04-17] (Microsoft Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-08-16] ()
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [174600 2014-10-14] (Sandboxie Holdings, LLC)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 AODDriver4.3.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [59624 2014-01-08] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21616 2011-11-02] ()
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-10-08] (BlueStack Systems)
R1 cdrbsdrv; C:\Windows\System32\Drivers\cdrbsdrv.sys [39208 2006-08-25] (B.H.A Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2014-07-27] (DT Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-08-20] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-08-26] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-08-20] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [220232 2013-08-20] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44120 2013-08-20] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-08-20] (ESET)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-07-27] ()
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated) [File not signed]
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49264 2014-07-28] (Visicom Media Inc.)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35440 2014-05-13] (Visicom Media Inc.)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [185352 2014-10-14] (Sandboxie Holdings, LLC)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
S3 AODDriver; \??\C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver.sys [X]
S2 {C5F942FD-1110-4664-86CE-0C6BDA305235}; \??\C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-06 07:33 - 2015-02-06 07:33 - 00019202 _____ () C:\Users\gk\Desktop\FRST.txt
2015-02-06 07:32 - 2015-02-06 07:33 - 00000000 ____D () C:\FRST
2015-02-06 07:25 - 2015-02-06 07:25 - 02131968 _____ (Farbar) C:\Users\gk\Desktop\FRST64.exe
2015-02-06 06:33 - 2015-02-06 07:30 - 00000224 _____ () C:\Windows\setupact.log
2015-02-06 06:33 - 2015-02-06 06:33 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-05 20:32 - 2015-02-06 07:30 - 00000932 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0417a74f971fd.job
2015-02-05 20:32 - 2015-02-06 06:40 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0417a75102ea3.job
2015-02-05 20:32 - 2015-02-05 20:32 - 00003932 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d0417a75102ea3
2015-02-05 20:32 - 2015-02-05 20:32 - 00003680 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d0417a74f971fd
2015-02-05 16:17 - 2015-02-05 16:18 - 00000000 ____D () C:\AdwCleaner
2015-02-04 18:06 - 2015-02-04 18:06 - 00000000 ____D () C:\Users\gk\.msf4
2015-02-04 17:53 - 2015-02-04 20:08 - 00000000 ____D () C:\Program Files\WinPcap
2015-02-04 17:00 - 2015-02-04 17:00 - 00000000 ____D () C:\Python34
2015-02-04 17:00 - 2015-02-04 17:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.4
2015-02-04 16:39 - 2015-02-04 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python Tools for Visual Studio 2013
2015-02-03 19:03 - 2015-02-03 19:03 - 00000000 ____D () C:\Users\gk\AppData\Roaming\NuGet
2015-02-03 18:22 - 2015-02-03 18:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012
2015-02-03 18:22 - 2015-02-03 18:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 11.0
2015-02-03 18:21 - 2015-02-03 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 8.1
2015-02-03 18:21 - 2015-02-03 18:21 - 00000000 ____D () C:\Program Files (x86)\Windows Phone Silverlight Kits
2015-02-03 18:17 - 2015-02-04 16:34 - 00000000 ____D () C:\Users\gk\Documents\Visual Studio 2013
2015-02-03 18:16 - 2015-02-03 18:16 - 00000000 ____D () C:\Program Files (x86)\Microsoft XDE
2015-02-03 18:15 - 2015-02-03 18:15 - 00000000 ____D () C:\Program Files (x86)\AppInsights
2015-02-03 18:14 - 2015-02-03 18:14 - 00000000 ____D () C:\Program Files (x86)\Windows Phone Kits
2015-02-03 18:13 - 2015-02-03 18:14 - 34324222 _____ () C:\Users\gk\Downloads\torbrowser-install-4.0.3_en-US (1).exe
2015-02-03 18:09 - 2015-02-03 18:09 - 00000000 ____D () C:\Program Files\Windows Identity Foundation
2015-02-03 18:09 - 2015-02-03 18:09 - 00000000 ____D () C:\Program Files\Microsoft Identity Extensions
2015-02-03 18:09 - 2015-02-03 18:09 - 00000000 ____D () C:\Program Files (x86)\Workflow Manager Tools
2015-02-03 18:09 - 2015-02-03 18:09 - 00000000 ____D () C:\Program Files (x86)\Windows Identity Foundation
2015-02-03 18:09 - 2015-02-03 18:09 - 00000000 ____D () C:\Program Files (x86)\Open XML SDK
2015-02-03 18:08 - 2015-02-03 18:08 - 00000000 ____D () C:\Program Files\Application Verifier
2015-02-03 18:08 - 2015-02-03 18:08 - 00000000 ____D () C:\Program Files (x86)\Application Verifier
2015-02-03 18:07 - 2015-02-03 18:16 - 00000000 ____D () C:\ProgramData\Windows App Certification Kit
2015-02-03 18:07 - 2015-02-03 18:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2015-02-03 18:06 - 2015-02-03 18:06 - 00000000 ____D () C:\ProgramData\PreEmptive Solutions
2015-02-03 18:05 - 2015-02-03 18:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2015-02-03 18:05 - 2015-02-03 18:05 - 00000000 ____D () C:\Program Files (x86)\Microsoft Web Tools
2015-02-03 18:04 - 2015-02-03 18:04 - 00000000 ____D () C:\ProgramData\NuGet
2015-02-03 18:04 - 2015-02-03 18:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2015-02-03 18:04 - 2015-02-03 18:04 - 00000000 ____D () C:\Program Files (x86)\NuGet
2015-02-03 18:04 - 2015-02-03 18:04 - 00000000 ____D () C:\Program Files (x86)\Microsoft WCF Data Services
2015-02-03 18:03 - 2015-02-03 18:07 - 00000000 ____D () C:\Program Files (x86)\Windows Kits
2015-02-03 18:03 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2015-02-03 17:59 - 2015-02-03 17:59 - 00000000 ____D () C:\Windows\symbols
2015-02-03 17:59 - 2015-02-03 17:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft Help Viewer
2015-02-03 17:59 - 2015-02-03 17:59 - 00000000 ____D () C:\Program Files (x86)\HTML Help Workshop
2015-02-03 17:58 - 2015-02-04 20:55 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2015-02-03 17:58 - 2015-02-04 20:11 - 00000000 ____D () C:\Windows\SysWOW64\1033
2015-02-03 17:58 - 2015-02-03 18:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2013
2015-02-03 17:56 - 2015-02-04 20:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
2015-02-03 17:56 - 2015-02-04 20:11 - 00000000 ____D () C:\Windows\system32\1033
2015-02-03 17:56 - 2015-02-03 18:11 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 12.0
2015-02-03 17:56 - 2015-02-03 17:56 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 12.0
2015-02-03 15:39 - 2015-02-03 15:39 - 00000000 ____D () C:\Users\gk\AppData\Local\XilluX
2015-02-02 10:25 - 2015-02-02 10:25 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-02 10:24 - 2015-02-02 10:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-02 10:24 - 2015-02-02 10:24 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-02 10:24 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-02 10:24 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-02 10:24 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-02 01:00 - 2015-02-02 01:00 - 00000000 ____D () C:\Windows\pss
2015-02-02 00:52 - 2015-02-02 00:52 - 00000000 ___RD () C:\Sandbox
2015-02-02 00:51 - 2015-02-03 21:28 - 00001622 _____ () C:\Windows\Sandboxie.ini
2015-02-02 00:51 - 2015-02-02 00:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2015-02-02 00:50 - 2015-02-02 00:50 - 00000000 ____D () C:\Program Files\Sandboxie
2015-02-01 13:59 - 2015-02-01 13:59 - 00000000 ____D () C:\Users\gk\AppData\Roaming\Nano
2015-01-31 22:43 - 2015-01-31 22:43 - 00000000 ____D () C:\ProgramData\Nimoru
2015-01-27 20:02 - 2015-01-27 20:02 - 00000000 ____D () C:\Users\gk\AppData\Roaming\Sony Creative Software Inc
2015-01-26 19:36 - 2015-01-26 19:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-25 01:07 - 2015-01-25 01:07 - 01041688 _____ () C:\Users\gk\Desktop\c2c8d795e584b37966536177400d2f9c_large.jpeg
2015-01-22 22:53 - 2015-01-23 10:52 - 00000000 ____D () C:\Users\gk\Documents\MuseExport
2015-01-19 05:51 - 2015-01-19 05:51 - 00000000 ____D () C:\ProgramData\ATI
2015-01-19 05:51 - 2015-01-19 05:51 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2015-01-19 05:50 - 2015-01-19 05:50 - 00058610 _____ () C:\Windows\SysWOW64\CCCInstall_201501190550571052.log
2015-01-19 05:50 - 2015-01-19 05:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-01-17 20:19 - 2015-01-17 20:19 - 00000000 ____D () C:\Users\gk\AppData\Roaming\AdobeMuse
2015-01-17 20:11 - 2015-01-17 20:11 - 00000000 ____D () C:\Users\gk\AppData\Roaming\com.adobe.AdobeMuseCC.2014.0
2015-01-17 20:07 - 2015-01-22 22:13 - 00000714 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Muse CC 2014.lnk
2015-01-17 20:07 - 2015-01-17 20:07 - 00000613 _____ () C:\Users\Public\Desktop\Adobe Muse CC 2014.lnk
2015-01-17 19:58 - 2015-01-17 19:58 - 00000000 ____D () C:\Users\gk\Documents\Web bez názvu 2
2015-01-17 19:56 - 2015-01-17 19:56 - 00001235 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Dreamweaver CS6.lnk
2015-01-17 19:54 - 2015-01-17 19:54 - 00001523 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2015-01-17 19:54 - 2015-01-17 19:54 - 00001357 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2015-01-17 19:54 - 2015-01-17 19:54 - 00000997 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2015-01-17 19:54 - 2015-01-17 19:54 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2015-01-17 19:54 - 2015-01-17 19:54 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2015-01-14 21:54 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 21:54 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 21:54 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 21:54 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 21:54 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 21:54 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 21:54 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 21:54 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 21:54 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 21:54 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 21:54 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 21:54 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 21:54 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-14 21:54 - 2012-10-03 18:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-14 21:54 - 2012-10-03 18:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-01-07 11:55 - 2015-01-07 11:55 - 00000000 ____D () C:\Users\gk\Documents\iMacros

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-06 07:33 - 2014-07-28 15:09 - 00000000 ____D () C:\Users\gk\AppData\Roaming\uTorrent
2015-02-06 07:30 - 2014-11-11 20:06 - 01589042 _____ () C:\Windows\WindowsUpdate.log
2015-02-06 07:30 - 2014-07-29 13:40 - 00000932 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-06 07:30 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-06 06:39 - 2014-07-29 13:41 - 00002195 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-06 06:39 - 2009-07-14 16:18 - 00663336 _____ () C:\Windows\system32\perfh005.dat
2015-02-06 06:39 - 2009-07-14 16:18 - 00141926 _____ () C:\Windows\system32\perfc005.dat
2015-02-06 06:39 - 2009-07-14 06:13 - 01591106 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-06 06:39 - 2009-07-14 05:45 - 00014256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-06 06:39 - 2009-07-14 05:45 - 00014256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-06 06:37 - 2014-07-29 13:40 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-05 21:41 - 2014-08-03 23:32 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-05 21:41 - 2014-07-27 21:25 - 00000000 ____D () C:\Users\gk\AppData\Roaming\Skype
2015-02-05 20:56 - 2014-08-03 17:10 - 00000000 ____D () C:\Users\gk\AppData\Roaming\TS3Client
2015-02-05 20:32 - 2014-07-29 13:40 - 00003932 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-05 20:32 - 2014-07-29 13:40 - 00003680 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-05 20:11 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-05 19:04 - 2014-08-03 18:44 - 00000000 ____D () C:\Users\gk\AppData\Roaming\.minecraft
2015-02-05 18:47 - 2014-11-06 16:38 - 00000000 ____D () C:\Users\gk\AppData\Local\osu!
2015-02-05 16:55 - 2014-09-19 23:30 - 00007620 _____ () C:\Users\gk\AppData\Local\Resmon.ResmonCfg
2015-02-05 07:14 - 2009-07-14 05:45 - 00404840 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-04 21:01 - 2014-11-01 15:38 - 00000000 ____D () C:\Program Files (x86)\ManyCam
2015-02-04 20:57 - 2014-08-07 18:27 - 00000000 ____D () C:\Program Files\CyberGhost 5
2015-02-04 20:56 - 2014-11-15 17:30 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-02-04 20:56 - 2014-07-27 19:49 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-04 20:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-02-04 20:20 - 2014-10-18 07:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-02-04 19:35 - 2014-10-07 14:18 - 00000000 ____D () C:\Program Files\trend micro
2015-02-04 18:06 - 2014-07-27 19:48 - 00000000 ____D () C:\Users\gk
2015-02-04 17:42 - 2014-07-27 20:32 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-04 17:05 - 2014-07-27 21:44 - 00103424 ___SH () C:\Users\gk\Documents\Thumbs.db
2015-02-03 18:53 - 2014-07-27 20:29 - 00000000 ____D () C:\Users\gk\AppData\Roaming\DAEMON Tools Lite
2015-02-03 18:23 - 2014-07-27 20:07 - 00105568 _____ () C:\Users\gk\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-03 18:12 - 2014-08-03 18:21 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-03 18:06 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\MSBuild
2015-02-03 17:56 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-02-03 17:55 - 2014-08-03 18:20 - 01556914 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-02-02 19:03 - 2014-12-06 07:37 - 00000943 _____ () C:\Users\gk\Desktop\Serial.lnk
2015-02-02 01:01 - 2014-08-26 10:31 - 00002124 _____ () C:\Users\gk\Documents\Default.rdp
2015-02-01 07:48 - 2014-10-18 07:35 - 00000000 ____D () C:\HDW20_TMP
2015-01-31 21:54 - 2014-12-04 15:46 - 00000000 ____D () C:\Users\gk\Desktop\VPN
2015-01-30 18:04 - 2014-08-08 23:12 - 00000000 ____D () C:\Users\gk\AppData\Local\Adobe
2015-01-30 17:58 - 2014-10-31 17:34 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-30 17:58 - 2014-10-31 17:25 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-27 04:49 - 2014-07-28 15:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-26 18:25 - 2014-08-14 19:48 - 00000000 ____D () C:\Users\gk\AppData\Roaming\vlc
2015-01-24 12:30 - 2014-10-22 14:53 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-24 12:30 - 2014-08-03 16:42 - 00000000 ____D () C:\Program Files\Java
2015-01-24 12:29 - 2014-10-22 14:53 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-01-20 17:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-19 21:21 - 2014-08-11 12:27 - 00000000 ____D () C:\Users\gk\Documents\Action!
2015-01-19 05:51 - 2014-07-27 20:06 - 00000000 ____D () C:\ProgramData\AMD
2015-01-19 05:50 - 2014-10-22 15:02 - 00000000 ____D () C:\Program Files\AMD
2015-01-19 05:50 - 2014-10-22 15:01 - 00000000 ____D () C:\Program Files\ATI Technologies
2015-01-19 05:49 - 2014-08-06 19:01 - 00000000 ____D () C:\Program Files (x86)\AMD
2015-01-19 05:44 - 2014-08-03 18:13 - 00000000 ____D () C:\AMD
2015-01-17 20:11 - 2014-07-28 15:33 - 00000000 ____D () C:\Users\gk\AppData\Roaming\Adobe
2015-01-17 19:56 - 2014-08-08 23:14 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2015-01-17 19:54 - 2014-08-08 23:12 - 00000000 ____D () C:\ProgramData\Adobe
2015-01-17 19:53 - 2014-08-08 23:12 - 00001534 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2015-01-14 21:58 - 2014-07-28 20:51 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 21:54 - 2014-07-28 20:51 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-10 05:26 - 2014-07-28 16:15 - 00000000 ____D () C:\ProgramData\DVD Shrink
2015-01-09 07:20 - 2009-07-14 06:08 - 00032626 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-08 14:26 - 2014-08-06 18:26 - 00003728 _____ () C:\Windows\System32\Tasks\GyazoUpdateTaskMachine
2015-01-08 14:26 - 2014-08-06 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo
2015-01-08 14:26 - 2014-08-06 18:26 - 00000000 ____D () C:\Program Files (x86)\Gyazo
2015-01-08 09:55 - 2014-07-27 20:24 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2014-11-06 19:00 - 2014-11-06 19:00 - 9649376 _____ () C:\Program Files (x86)\BlueStacks.rar
2014-09-15 10:53 - 2014-10-19 09:40 - 0003584 _____ () C:\Users\gk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-19 23:30 - 2015-02-05 16:55 - 0007620 _____ () C:\Users\gk\AppData\Local\Resmon.ResmonCfg
2014-11-07 15:06 - 2014-11-07 15:09 - 951929758 _____ () C:\ProgramData\ProgramData.rar

Some content of TEMP:
====================
C:\Users\gk\AppData\Local\Temp\Quarantine.exe
C:\Users\gk\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-05 20:03

==================== End Of Log ============================


Tu je Addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-02-2015
Ran by gk at 2015-02-06 07:33:32
Running from C:\Users\gk\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personální firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.24 - GIGABYTE)
Action! (HKLM-x32\...\Mirillis Action!) (Version: 1.19.2 - Mirillis)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.00 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Dreamweaver CS6 (HKLM-x32\...\{A4ED5E53-7AA0-11E1-BF04-B2D4D4A5360E}) (Version: 12 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Muse CC 2014 (HKLM\...\{EC6FE191-AC85-4647-AE1E-8DE98D1E9737}) (Version: 2014.0.1.30 - Adobe Systems, Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.4.154 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD OverDrive (HKLM-x32\...\{34D5220A-58D0-473C-90E4-15136C3FB0E3}) (Version: 4.3.1.0690 - Advanced Micro Devices, Inc.)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Application Insights Tools for Visual Studio 2013 (x32 Version: 2.1 - Microsoft Corporation) Hidden
AutoCAD 2011 - česky (HKLM\...\AutoCAD 2011 - česky) (Version: 18.1.49.0 - Autodesk)
AutoCAD 2011 - česky (Version: 18.1.49.0 - Autodesk) Hidden
AutoCAD 2011 Language Pack - česky (Version: 18.1.49.0 - Autodesk) Hidden
Autodesk Material Library 2011 (HKLM-x32\...\{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}) (Version: 2.0.0.49 - Autodesk)
Autodesk Material Library 2011 Base Image library (HKLM-x32\...\{CD1E078C-A6B9-47DA-B035-6365C85C7832}) (Version: 2.0.0.49 - Autodesk)
AutoGreen B12.0206.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B12.0206.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50716.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Bitcoin Core (64-bit) (HKU\S-1-5-21-1107628383-3052209328-3316003341-1000\...\Bitcoin Core (64-bit)) (Version: 0.9.2 - Bitcoin Core project)
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Bloody5 (HKLM-x32\...\Bloody3) (Version: 14.08.0004 - Bloody)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.4.4079 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{8DCCC556-265B-478A-8B32-C12DA988BA74}) (Version: 0.9.4.4079 - BlueStack Systems, Inc.)
Build Tools - amd64 (Version: 12.0.30723 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.30723 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - )
Canon MP280 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
CINEMA 4D 15.008 (HKLM\...\MAXON12664043) (Version: 15.008 - MAXON Computer GmbH)
CorelDRAW Graphics Suite X3 (HKLM-x32\...\{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}) (Version: 13.0 - Corel Corporation)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Cowon JetAudio 8.0.7 1000 Slovak language (HKLM-x32\...\Cowon JetAudio 8.0.7 1000 Slovak language) (Version: - )
CPUID HWMonitor 1.25 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
CZ (x32 Version: 13.0 - Corel Corporation) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.1.0236 - DT Soft Ltd)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version: - )
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)
Elevated Installer (x32 Version: 3.2.19.0 - Garmin Ltd or its subsidiaries) Hidden
ESET Smart Security (HKLM\...\{4A14DD4A-906A-4B04-A80C-6C589CDBE253}) (Version: 7.0.207.9 - ESET, spol s r. o.)
Etron USB3.0 Host Controller (x32 Version: 0.104 - Etron Technology) Hidden
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
FontNav (x32 Version: 5.0 - Corel Corporation) Hidden
Garmin Express (HKLM-x32\...\{447c27b7-3a63-4cb2-a49c-864050f9a50f}) (Version: 3.2.19.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.19.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.19.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Spoločnosť Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Gyazo 2.3 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
HD Writer AE 2.0 (HKLM-x32\...\{84639CB3-04D4-4758-B1D0-82E531D21F59}) (Version: 2.00.031.1033 - Panasonic Corporation)
High-Definition Video Playback 10 (x32 Version: 7.0.11400.29.0 - Nero AG) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel® SSD Toolbox (HKLM-x32\...\{06D085C8-1F00-11B2-96A7-8f0CE39193ED}) (Version: 3.2.3.400 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
jetAudio Plus VX (HKLM-x32\...\{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}) (Version: 8.0.15 - COWON)
Kit SDK de vérification de Visual Studio 2012 - fra (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
Malwarebytes Anti-Malware verze 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Memory Profiler (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Office FrontPage 2003 (HKLM-x32\...\{90170405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Office Standard 2007 (HKLM-x32\...\STANDARD) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM-x32\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 8.0 Support DLLs (HKLM-x32\...\{342F5437-C87D-4BB5-89B9-B23E16C6A395}) (Version: 1.0.0 - McNeel & Associates)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40820 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2013 with Update 3 (HKLM-x32\...\{71688083-99e8-4e10-9522-8e98a130c438}) (Version: 12.0.30723 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 sk) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 sk)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero Multimedia Suite 10 (HKLM-x32\...\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}) (Version: 10.0.13100 - Nero AG)
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.1.0 - Vitalwerks Internet Solutions LLC)
ON_OFF Charge B11.1102.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.4.20.386 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{7cec97f9-816b-41f1-af8a-b9dc0e361ad8}) (Version: latest - ppy Pty Ltd)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
Profili 2 (HKLM-x32\...\Profili 2) (Version: - )
Python 3.4.2 (HKLM-x32\...\{2583CDBA-8A53-4622-BB67-1D163714C1B4}) (Version: 3.4.16349 - Python Software Foundation)
Python Tools 2.1 for Visual Studio 2013 (HKLM-x32\...\{7AD18985-A5E6-443D-B0AB-A9ECFBB389A0}) (Version: 2.1.21008.00 - Microsoft Corporation)
Raptr (HKLM-x32\...\Raptr) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6409 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6482 - Realtek Semiconductor Corp.)
Rhinoceros 4.0 (HKLM-x32\...\{5C2CBFFD-FC3B-4AA9-993B-CE2B8DA25B87}) (Version: 4.0.20118 - McNeel & Associates)
Rhinoceros 4.0 SR9 (HKLM-x32\...\{E3355E5C-965C-4f67-8A8C-E9A0FA9FD80F}) (Version: 4.0.60309 - Robert McNeel & Associates)
Sandboxie 4.14 (64-bit) (HKLM\...\Sandboxie) (Version: 4.14 - Sandboxie Holdings, LLC)
SDK de comprobación de Visual Studio 2012 - esn (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
SharePoint Client Components (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
SharePoint Client Components (Version: 16.0.2617.1200 - Microsoft Corporation) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: - )
TypeScript Power Tool (x32 Version: 1.0.3.1 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.3.1 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update Manager (x32 Version: 4.60 - Corel Corporation) Hidden
VBA (x32 Version: 6.2 - Corel Corporation) Hidden
Vegas Pro 13.0 (64-bit) (HKLM\...\{CDA02BF0-BFBC-11E3-AFA0-F04DA23A5C58}) (Version: 13.0.290 - Sony)
Visual Studio 2013 Update 3 (KB2829760) (HKLM-x32\...\{86438e3d-7f83-4dd2-94aa-047e7c3974cb}) (Version: 12.0.30723 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VS Update core components (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
Workflow Manager Client 1.0 (Version: 2.0.40131.0 - Microsoft Corporation) Hidden
Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.40326.0 - Microsoft Corporation) Hidden
Пакет Visual Studio 2012 Verification SDK - rus (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1107628383-3052209328-3316003341-1000_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2011\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1107628383-3052209328-3316003341-1000_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2011\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1107628383-3052209328-3316003341-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2011\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1107628383-3052209328-3316003341-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2011\acadficn.dll (Autodesk, Inc.)

==================== Restore Points =========================

04-02-2015 19:42:27 Removed Ask Toolbar.
04-02-2015 20:10:35 Removed Microsoft Silverlight 5 SDK
04-02-2015 20:11:11 Removed Microsoft SQL Server 2012 Data-Tier App Framework (x64)
04-02-2015 20:11:36 Removed Microsoft SQL Server 2012 Native Client
04-02-2015 20:11:53 Removed Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU)
04-02-2015 20:12:09 Removed Microsoft SQL Server 2012 Data-Tier App Framework (x64)
04-02-2015 20:12:21 Removed Microsoft SQL Server System CLR Types
04-02-2015 20:13:52 Removed Microsoft Silverlight
04-02-2015 20:14:10 Removed Entity Framework 6.1.1 Tools for Visual Studio 2013
04-02-2015 20:17:09 Removed IIS 8.0 Express
04-02-2015 20:20:11 Removed Microsoft SQL Server Compact 4.0 SP1 x64 ENU
04-02-2015 20:20:59 Removed Microsoft SQL Server 2012 Express LocalDB
04-02-2015 20:24:24 Removed Microsoft .NET Framework 4.5.1 Multi-Targeting Pack
04-02-2015 20:24:36 Removed Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1)
04-02-2015 20:26:26 Removed Microsoft Web Deploy 3.5
04-02-2015 20:32:34 Removed WCF RIA Services V1.0 SP2
04-02-2015 20:39:04 Removed Microsoft .NET Framework 4.5 Multi-Targeting Pack
04-02-2015 20:43:30 Removed Microsoft SQL Server 2012 Transact-SQL ScriptDom
04-02-2015 20:44:05 Removed Microsoft .NET Framework 4.5 SDK
04-02-2015 20:44:22 Removed Microsoft SQL Server System CLR Types (x64)
04-02-2015 20:45:38 Removed Microsoft SQL Server 2012 Management Objects (x64)
04-02-2015 20:46:01 Removed Prerequisites for SSDT
04-02-2015 20:46:12 Removed Microsoft SQL Server 2012 Management Objects
04-02-2015 20:49:22 Removed Microsoft SQL Server 2012 Data-Tier App Framework
04-02-2015 20:49:34 Removed Microsoft .NET Framework 4.5.1 SDK
04-02-2015 20:49:52 Removed Microsoft SQL Server Data Tools - enu (12.0.30919.1)
04-02-2015 20:55:39 Removed Microsoft System CLR Types for SQL Server 2012
04-02-2015 20:55:49 Removed Microsoft System CLR Types for SQL Server 2012 (x64)
04-02-2015 20:56:05 Removed Microsoft SQL Server 2012 T-SQL Language Service
04-02-2015 20:56:26 Removed Adobe Widget Browser
04-02-2015 20:56:38 Removed GTA San Andreas
04-02-2015 21:01:25 Removed HitLeap Viewer 2.8
05-02-2015 14:45:44 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-02-05 15:53 - 00000794 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {46CD80B2-4D24-4AEA-9A16-DBC61B8DFAB9} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {5F85909D-0CD8-4F52-BFD3-1B4B597988A7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-29] (Google Inc.)
Task: {631EF308-8A59-41B3-8391-558D15B63679} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {747FE7CB-D238-4549-9013-A241922FCE33} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2014-07-03] ()
Task: {7724CA40-2B44-4B1B-BD74-1BD74D983211} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-09-18] ()
Task: {8A795679-7AD5-4406-B05E-7662A74805E6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-29] (Google Inc.)
Task: {A41CFF9D-3416-4B11-8DAA-5569A9A75416} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {C9A972D9-1FC3-4661-B085-3A3894F1D977} - System32\Tasks\GoogleUpdateTaskMachineCore1d0417a74f971fd => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-29] (Google Inc.)
Task: {F4EE8488-5679-442D-9EC8-74EAC012553B} - System32\Tasks\GoogleUpdateTaskMachineUA1d0417a75102ea3 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-29] (Google Inc.)
Task: {FF562EB4-34AC-4145-B853-BB163FEEEF86} - System32\Tasks\VPNium => C:\Program Files (x86)\VPNium\vpnium.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0417a74f971fd.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0417a75102ea3.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-11-20 21:23 - 2014-11-20 21:23 - 00214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 00817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 03650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll
2014-11-20 21:23 - 2014-11-20 21:23 - 00102400 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-08-16 09:03 - 2014-08-16 09:03 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2012-09-23 20:44 - 2012-09-23 20:44 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\cs_cz\acrotray.cze

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Registry Areas =====================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1107628383-3052209328-3316003341-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\gk\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: Client.jar => C:\Users\gk\Client.jar
MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"

==================== Accounts: =============================

Administrator (S-1-5-21-1107628383-3052209328-3316003341-500 - Administrator - Disabled)
gk (S-1-5-21-1107628383-3052209328-3316003341-1000 - Administrator - Enabled) => C:\Users\gk
Guest (S-1-5-21-1107628383-3052209328-3316003341-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1107628383-3052209328-3316003341-1006 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: Power Control [2014/12/23 12:54:26]
Description: Power Control [2014/12/23 12:54:26]
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: {C5F942FD-1110-4664-86CE-0C6BDA305235}
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/06/2015 07:31:16 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Službu nelze spustit. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
v BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (02/06/2015 06:33:57 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/06/2015 06:33:57 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.

Kontext: aplikace Windows

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/06/2015 06:33:57 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt indexování nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/06/2015 06:33:57 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.TripoliIndexer> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Prvek nebyl nalezen. (HRESULT : 0x80070490) (0x80070490)

Error: (02/06/2015 06:33:57 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.JetPropStore> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/06/2015 06:33:57 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Služba Windows Search nenačetla informace o úložišti vlastností.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Databáze indexu obsahu je poškozená. (HRESULT : 0xc0041800) (0xc0041800)

Error: (02/06/2015 06:33:57 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Služba Windows Search byla zastavena, protože došlo k problému s indexovacím modulem The catalog is corrupt.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/06/2015 06:33:57 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vyhledávací služby zjistila, že index {id=4700} obsahuje poškozené datové soubory. Služba se pokusí tyto potíže automaticky odstranit vytvořením nového indexu.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/06/2015 06:33:57 AM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: Služba Windows Search neotevřela úložiště vlastností databázového stroje Jet.

Podrobnosti:
0x%08x (0xc0041800 - Databáze indexu obsahu je poškozená. (HRESULT : 0xc0041800))


System errors:
=============
Error: (02/06/2015 07:31:16 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba BlueStacks Android Service byla ukončena s následující chybou:
%%1064

Error: (02/06/2015 07:31:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Power Control [2014/12/23 12:54:26] neuspěla při spuštění v důsledku následující chyby:
%%3

Error: (02/06/2015 07:31:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Garmin Core Update Service neuspěla při spuštění v důsledku následující chyby:
%%1053

Error: (02/06/2015 07:31:14 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Garmin Core Update Service bylo dosaženo časového limitu (30000 ms).

Error: (02/06/2015 06:33:57 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (02/06/2015 06:33:57 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Windows Search ukončena s chybou %%-1073473535, specifickou pro službu.

Error: (02/06/2015 06:33:54 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba BlueStacks Android Service byla ukončena s následující chybou:
%%1064

Error: (02/06/2015 06:33:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Power Control [2014/12/23 12:54:26] neuspěla při spuštění v důsledku následující chyby:
%%3

Error: (02/06/2015 06:33:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Garmin Core Update Service neuspěla při spuštění v důsledku následující chyby:
%%1053

Error: (02/06/2015 06:33:52 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Garmin Core Update Service bylo dosaženo časového limitu (30000 ms).


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: AMD Phenom(tm) II X4 965 Processor
Percentage of memory in use: 18%
Total physical RAM: 8189.38 MB
Available physical RAM: 6663.42 MB
Total Pagefile: 16376.94 MB
Available Pagefile: 14675.64 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:167.67 GB) (Free:25.55 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Nový svazek) (Fixed) (Total:465.76 GB) (Free:260.03 GB) NTFS
Drive e: (Nový svazek) (Fixed) (Total:931.51 GB) (Free:609.29 GB) NTFS
Drive f: (Nový svazek) (Fixed) (Total:931.51 GB) (Free:360.1 GB) NTFS
Drive j: (VS2013_3_ULT_ENU) (CDROM) (Total:6.22 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 933005BA)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 167.7 GB) (Disk ID: 10185D91)
Partition 1: (Active) - (Size=167.7 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 5EC65E73)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 927102DA)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Vypnete trvale Windows Defender - http://windows.microsoft.com/cs-cz/wind ... =windows-7

Proxy mate nastavene schvalne?

• Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
• ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
• znovu spustte FRST a kliknete na Fix
• po restartu na Vas vyskoci fixlog (pripadne bude ulozen na Plose), jehoz obsah mi vlozte do pristi odpovedi

  Kód: Vybrat vše

  Start
  CloseProcesses:
  HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
  HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
  HKLM-x32\...\Run: [] => [X]
  HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3477640 2012-09-23] (Adobe Systems Inc.)
  HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
  HKU\S-1-5-21-1107628383-3052209328-3316003341-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3514176 2011-11-10] (DT Soft Ltd)
  HKU\S-1-5-21-1107628383-3052209328-3316003341-1000\...\MountPoints2: {3d3d1cbd-15c1-11e4-bec4-902b34a042a8} - J:\vs_ultimate.exe
  HKU\S-1-5-21-1107628383-3052209328-3316003341-1000\...\MountPoints2: {96e66f0d-77d0-11e4-81a9-902b34a042a8} - F:\HTC_Sync_Manager_PC.exe
  
  SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  FF Plugin: @microsoft.com/GENUINE -> disabled No File
  FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
  
  2015-02-05 16:17 - 2015-02-05 16:18 - 00000000 ____D () C:\AdwCleaner
  
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0417a74f971fd.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0417a75102ea3.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Hosts:
  EmptyTemp:
  End
  

- Proxy nemam nastavene umyselne a uz som si davnejsie vsimol, ze som mal nastavene proxy v Mozille. Asi to bude, ze som instaloval Tor Browser ale uz som vypol proxy v Mozille.

- Zachvilu dam ten log

Log:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 05-02-2015
Ran by gk at 2015-02-07 13:32:21 Run:1
Running from C:\Users\gk\Desktop
Loaded Profiles: gk (Available profiles: gk)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3477640 2012-09-23] (Adobe Systems Inc.)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKU\S-1-5-21-1107628383-3052209328-3316003341-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3514176 2011-11-10] (DT Soft Ltd)
HKU\S-1-5-21-1107628383-3052209328-3316003341-1000\...\MountPoints2: {3d3d1cbd-15c1-11e4-bec4-902b34a042a8} - J:\vs_ultimate.exe
HKU\S-1-5-21-1107628383-3052209328-3316003341-1000\...\MountPoints2: {96e66f0d-77d0-11e4-81a9-902b34a042a8} - F:\HTC_Sync_Manager_PC.exe

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

2015-02-05 16:17 - 2015-02-05 16:18 - 00000000 ____D () C:\AdwCleaner

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0417a74f971fd.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0417a75102ea3.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Acrobat Assistant 8.0 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS6ServiceManager => value deleted successfully.
HKU\S-1-5-21-1107628383-3052209328-3316003341-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
"HKU\S-1-5-21-1107628383-3052209328-3316003341-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3d3d1cbd-15c1-11e4-bec4-902b34a042a8}" => Key deleted successfully.
HKCR\CLSID\{3d3d1cbd-15c1-11e4-bec4-902b34a042a8} => Key not found.
"HKU\S-1-5-21-1107628383-3052209328-3316003341-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{96e66f0d-77d0-11e4-81a9-902b34a042a8}" => Key deleted successfully.
HKCR\CLSID\{96e66f0d-77d0-11e4-81a9-902b34a042a8} => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
C:\AdwCleaner => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0417a74f971fd.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0417a75102ea3.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 490.8 MB temporary data.


The system needed a reboot.

==== End of Fixlog 13:32:28 ====

Takze jeste uklidime.

• Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
• Oznacte jen moznost "Remove disinfection tools"
• kliknete na Run

A pokud nejsou dotazy ci jine problemy, je to ode mne vse.

Dakujem moc.

Nemate zac, rad jsem pomohl


Mejte se krasne a treba zase nekdy