VIRY.CZ

Zdravím.. včera mi kdosi na steamu psal o výměnu itemů s tím, že posílá screenshot.. po kliknutí na odkaz mi to ihned bloknul ESET.. Tak jsem mu napsal, ať ten obrázek hodí jinam, že ten web je asi zavirovanej...
Odpověděl mi naprosto stejně, jako byla jeho první zpráva.. tak jsem usoudil, že se jedná o Bota a Vir byl úmyslnej.. Tak jsem si toho dotyčnýho odebral z přátel a dál ho neřešil..
Ale dneska mi nějak podezřele dlouho nabíhal Steam a tak jsem ho radši i přeinstaloval a žádám tedy o kontrolu, jestli se mi přecijen nějakej ten sajrajt do PC nedostal.. díky

-------------------
LOG
-------------------


Logfile of random's system information tool 1.10 (written by random/random)
Run by Ententeak at 2015-02-10 14:41:22
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 9 GB (8%) free of 114 GB
Total RAM: 16329 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:41:23, on 10.2.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Ententeak\AppData\Roaming\QipGuard\QipGuard.exe
C:\Users\Ententeak\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe
C:\Program Files (x86)\QIP 2012\qip.exe
C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
C:\Users\Ententeak\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
C:\Users\Ententeak\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Xfire\Xfire.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Winamp\winampa.exe
Z:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\PDVD11Serv.exe
D:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Genius\Manticore\MTHid.exe
C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
Z:\Steam\Steam.exe
Z:\Steam\bin\steamwebhelper.exe
Z:\Steam\bin\steamwebhelper.exe
C:\Program Files\trend micro\Ententeak.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: Shell=C:\xoblite\Blackbox.exe
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [RemoteControl11] z:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\PDVD11Serv.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [DivXMediaServer] F:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Manticore] C:\Program Files (x86)\Genius\Manticore\MThid.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Ententeak\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Steam] "Z:\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [6542646B9DED72962FBB1185AD73BDDC9A45E599._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
O4 - HKCU\..\Run: [QIP Internet Guardian] C:\Users\Ententeak\AppData\Roaming\QipGuard\QipGuard.exe /p
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Ententeak\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [Bloody2] "C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe" Minimum
O4 - HKCU\..\Run: [Infium] "C:\Program Files (x86)\QIP 2012\qip.exe" /autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Ententeak\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Rainmeter.lnk = D:\Program Files\Rainmeter\Rainmeter.exe
O4 - Startup: Xfire.lnk = C:\Program Files (x86)\Xfire\Xfire.exe
O4 - Global Startup: AVer HID Receiver.lnk = C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
O4 - Global Startup: AVerQuick.lnk = C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
O4 - Global Startup: GIGABYTE OC_GURU.lnk = C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~3\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AODService - Unknown owner - C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
O23 - Service: ASDiskUnlocker - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
O23 - Service: AVerRemote - AVerMedia - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
O23 - Service: AVerScheduleService - Unknown owner - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @C:\Program Files (x86)\Google\Chrome Remote Desktop\40.0.2214.44\remoting_core.dll,-101 (chromoting) - Google Inc. - C:\Program Files (x86)\Google\Chrome Remote Desktop\40.0.2214.44\remoting_host.exe
O23 - Service: CLHNServiceForPowerDVD - Unknown owner - z:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
O23 - Service: CyberLink PowerDVD 11.0 Monitor Service - CyberLink - z:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
O23 - Service: CyberLink PowerDVD 11.0 Service - CyberLink - z:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HiSuiteOuc64.exe - Unknown owner - C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe
O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: NetDrive Service (ndsvc) - Bdrive Inc. - C:\Program Files\NetDrive\ndsvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - Z:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Overwolf Updater Service (OverwolfUpdaterService) - Overwolf LTD - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Service KMSELDI - Unknown owner - C:\Program Files\KMSpico\Service_KMS.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - z:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Professional Service (WTabletServicePro) - Wacom Technology, Corp. - C:\Program Files\Tablet\Wacom\WTabletServicePro.exe

--
End of file - 18743 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\Tablet\Wacom\WTabletServicePro.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
taskeng.exe {786CACB7-AAF3-462E-83E9-05AD3D899B17}
"C:\Windows\system32\Dwm.exe"
"C:\Program Files\Aston2\Aston2.exe"
"C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe" -open
"C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe" -onlytray
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe"
"C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe"
"C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe"
"C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe"
"C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe"
"C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Google\Chrome Remote Desktop\40.0.2214.44\remoting_host.exe" --type=daemon --host-config="C:\ProgramData\Google\Chrome Remote Desktop\host.json"
"C:\Program Files (x86)\Google\Chrome Remote Desktop\40.0.2214.44\remoting_host.exe" --type=host --daemon-pipe=416
"C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe"
"C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe"
"C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe"
"C:\Program Files\Tablet\Wacom\WacomHost.exe" "C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe" au
"C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe" au
"z:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe"
"C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe"
"z:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe"
"z:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe" -/service
"C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe" -/service
"C:\Program Files\NetDrive\ndsvc.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"z:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss a2af34c6-33ee-48bb-a712-5b934e67b4b2 0
\??\C:\Windows\system32\conhost.exe "-1300956677-15879369322936645474388426991020920635-168736544113537829191240135535
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-961197256-141462770394489131712556104989074048671097854859-980827260-477315544
"C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe" -hide
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
"C:\Users\Ententeak\AppData\Roaming\QipGuard\QipGuard.exe" /p
"C:\Users\Ententeak\AppData\Local\Akamai\netsession_win.exe"
"C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe" Minimum
"C:\Program Files (x86)\QIP 2012\qip.exe" /autorun
"C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe"
"C:/Users/Ententeak/AppData/Local/Akamai/netsession_win.exe" --client
"C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe"
"C:\Users\Ententeak\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"D:\Program Files\Rainmeter\Rainmeter.exe"
"C:\Program Files (x86)\Xfire\Xfire.exe"
"C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe"
"C:\Program Files (x86)\Winamp\winampa.exe"
"Z:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\PDVD11Serv.exe"
"C:\Program Files (x86)\Xfire\xfire64.exe" xfire64.exe /pid 4268
"D:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Genius\Manticore\MTHid.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
WLIDSvcM.exe 4332
"C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe" -hide
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Xfire\xfire64.exe" xfire64.exe /pid 4268
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=5160.39b9c3e0.186589272 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 5160 "\\.\pipe\gecko-crash-server-pipe.5160" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe" --proxy-stub-channel=Flash2908.5DAF6220.7864 --host-broker-channel=Flash2908.5DAF6220.21133 --host-pid=2908 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe" --channel=7196.002CF2CC.1090732749 --proxy-stub-channel=Flash2908.5DAF6220.7864 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll" --host-npapi-version=27 --type=renderer
"C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
"C:\Users\Ententeak\AppData\Local\Hola\firefox\app\hola_plugin.exe" --no-root --no-kernel --workdir C:\Users\Ententeak\AppData\Local\Hola\firefox --firefox
C:\Windows\explorer.exe /factory,{682159d9-c321-47ca-b3f1-30e36b2ec8b9} -Embedding
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
"Z:\Steam\Steam.exe"
"Z:\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "Z:\Steam\config\htmlcache" -cookiepath "Z:\Steam\config\cookies" -steampid 5940 --blacklist-accelerated-compositing --process-per-tab --disable-accelerated-video-decode --enable-direct-write
"Z:\Steam\bin\steamwebhelper.exe" --type=renderer --disable-accelerated-video-decode --disable-delegated-renderer --disable-gpu-compositing --disable-threaded-compositing --enable-pinch --enable-software-compositing --no-sandbox --enable-direct-write --lang=en-US --lang=en-US --product-version="Valve Steam Client" --disable-accelerated-compositing --disable-gpu-compositing --channel="5124.0.1229473499\1983363294" /prefetch:673131151
"D:\_Antihavěť\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Zdravim

Log neni cely, potrebuji i zbytek.

aha.. nevím proč, ale nějak se tomu nechtělo kopírovat sekci "Scheduled tasks folder" .. musel jsem to brát po jednotlivých řádcích... zbytek už šel v pohodě..
Zde je tedy ten zbytek:

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2533601784-2699114045-1034528460-1000Core.job - C:\Users\Ententeak\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2533601784-2699114045-1034528460-1000UA.job - C:\Users\Ententeak\AppData\Local\Google\Update\GoogleUpdate.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Ententeak\AppData\Roaming\Mozilla\Firefox\Profiles\6nh6nwz6.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.google.com"
prefs.js - "keyword.URL" - "http://www.google.com/search?ie=UTF-8&o ... &gfns=1&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.1.7]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.31.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Nero.com/KM]
"Description"=
"Path"=C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.31.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.CZE
nppdf32.dll
nppdf32.HRV
nppdf32.HUN
nppdf32.POL
nppdf32.SKY
nppdf32.SLV
npwachk.dll

C:\Users\Ententeak\AppData\Roaming\Mozilla\Firefox\Profiles\6nh6nwz6.default\extensions\
anycolor.pavlos256@gmail.com
extension@virtusdesigns.com
jid1-4P0kohSJxU1qGg@jetpack
NPDyyno@dyyno.com
pastebin.com@gmail.com
safariviewwin@systemantics.net
staged
yyginstantplay@yoyogames.com
{1c70e98e-bd0d-11db-8314-0800200c9a66}
{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
{7694c49c-9fbd-11dc-8314-0800200c9a66}
{77b819fa-95ad-4f2c-ac7c-486b356188a9}
{77b819fa-95ad-4f2c-ac7c-486b356188a9}(2)
{77d2ed30-4cd2-11e0-b8af-0800200c9a66}
{fce36c1e-58d8-498a-b2a5-66ad1cedebbb}

C:\Users\Ententeak\AppData\Roaming\Mozilla\Firefox\Profiles\6nh6nwz6.default\searchplugins\
facebook.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-11-12 218784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-26 551848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office15\URLREDIR.DLL [2014-01-23 881880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~3\Office15\GROOVEEX.DLL [2014-11-12 2334928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-26 212904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-10-22 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-26 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-09-04 343456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2014-01-22 707800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2014-11-12 1729744]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-26 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-09-04 343456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-09-04 343456]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-11-19 11613288]
"XboxStat"=C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [2007-09-27 855608]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2011-01-12 2918656]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20 444904]
"Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe []
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-12-13 2824504]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-12-13 2531472]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"Google Update"=C:\Users\Ententeak\AppData\Local\Google\Update\GoogleUpdate.exe [2013-03-21 116648]
"Steam"=Z:\Steam\steam.exe [2015-01-23 1942720]
"DAEMON Tools Pro Agent"=C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [2011-08-17 4527424]
"6542646B9DED72962FBB1185AD73BDDC9A45E599._service_run"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-02-04 843592]
"QIP Internet Guardian"=C:\Users\Ententeak\AppData\Roaming\QipGuard\QipGuard.exe [2014-03-04 436720]
"Akamai NetSession Interface"=C:\Users\Ententeak\AppData\Local\Akamai\netsession_win.exe [2014-10-29 4673432]
"Bloody2"=C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe [2014-07-18 14426624]
"Infium"=C:\Program Files (x86)\QIP 2012\qip.exe [2014-03-04 8503280]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2010-09-07 43608]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2013-04-25 1075296]
""= []
"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2014-09-04 41360]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2014-09-04 840592]
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2012-06-28 74752]
"RemoteControl11"=z:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\PDVD11Serv.exe [2011-09-14 230696]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-04-23 43848]
"DivXMediaServer"=F:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe []
"iTunesHelper"=D:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-05-15 152392]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]
"Manticore"=C:\Program Files (x86)\Genius\Manticore\MThid.exe [2013-10-29 293376]

[HKEY_CURRENT_USER\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Netdrive"=C:\Program Files\NetDrive\netdrive.exe [2014-05-07 3620864]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AVer HID Receiver.lnk - C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
AVerQuick.lnk - C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
GIGABYTE OC_GURU.lnk - C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe

C:\Users\Ententeak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Ententeak\AppData\Roaming\Dropbox\bin\Dropbox.exe
Rainmeter.lnk - D:\Program Files\Rainmeter\Rainmeter.exe
Xfire.lnk - C:\Program Files (x86)\Xfire\Xfire.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.XFR1"=xfcodec64.dll
"wave7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave8"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux"=wdmaud.drv
"wave9"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux2"=wdmaud.drv
"aux3"=wdmaud.drv
"aux4"=wdmaud.drv
"midi9"=wdmaud.drv
"aux6"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe","%1"
.txt - open - C:\PROGRA~2\PSPADE~1\PSPad.exe "%1"

======List of files/folders created in the last 1 month======

2015-02-10 14:41:22 ----D---- C:\rsit
2015-02-10 07:14:32 ----D---- C:\Users\Ententeak\AppData\Roaming\java
2015-01-26 22:43:14 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-01-14 21:21:11 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-01-14 21:21:11 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2015-01-14 21:21:11 ----A---- C:\Windows\system32\profsvc.dll
2015-01-14 21:21:11 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-14 21:21:10 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-14 21:21:10 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-01-14 21:21:09 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-01-14 21:21:08 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-01-14 21:21:08 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-01-14 21:21:08 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-01-14 21:21:08 ----A---- C:\Windows\system32\srcore.dll
2015-01-14 21:21:08 ----A---- C:\Windows\system32\srclient.dll
2015-01-14 21:21:08 ----A---- C:\Windows\system32\rstrui.exe

======List of files/folders modified in the last 1 month======

2015-02-10 14:41:23 ----D---- C:\Windows\Temp
2015-02-10 14:41:23 ----D---- C:\Program Files\trend micro
2015-02-10 11:59:00 ----D---- C:\Windows\system32\logs
2015-02-10 08:12:21 ----D---- C:\Windows\system32\config
2015-02-09 17:05:14 ----D---- C:\Users\Ententeak\AppData\Roaming\Dropbox
2015-02-09 17:04:59 ----D---- C:\Program Files (x86)\QIP 2012
2015-02-09 17:04:50 ----D---- C:\ProgramData\NVIDIA
2015-02-09 16:07:18 ----D---- C:\Windows\System32
2015-02-09 15:58:06 ----D---- C:\ProgramData\Zoom Player
2015-02-07 13:09:23 ----D---- C:\ProgramData\Package Cache
2015-02-07 13:09:22 ----SHD---- C:\Windows\Installer
2015-02-06 18:04:32 ----RD---- C:\Program Files (x86)
2015-02-06 18:04:29 ----D---- C:\Windows\Tasks
2015-02-04 21:49:08 ----D---- C:\Windows\SysWOW64
2015-02-04 21:49:07 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-01-31 10:54:14 ----D---- C:\Users\Ententeak\AppData\Roaming\Mozilla
2015-01-30 10:51:59 ----A---- C:\Windows\WINCMD.INI
2015-01-30 10:21:43 ----A---- C:\Windows\wcx_ftp.ini
2015-01-27 13:03:44 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-26 06:01:37 ----D---- C:\ProgramData\Oracle
2015-01-26 06:00:37 ----D---- C:\Program Files (x86)\Common Files
2015-01-26 05:59:44 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2015-01-26 05:59:43 ----A---- C:\Windows\system32\javaws.exe
2015-01-26 05:59:43 ----A---- C:\Windows\system32\javaw.exe
2015-01-26 05:59:43 ----A---- C:\Windows\system32\java.exe
2015-01-26 05:59:38 ----D---- C:\Program Files\Java
2015-01-26 05:58:40 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2015-01-26 05:58:39 ----A---- C:\Windows\SYSWOW64\javaws.exe
2015-01-26 05:58:39 ----A---- C:\Windows\SYSWOW64\javaw.exe
2015-01-26 05:58:39 ----A---- C:\Windows\SYSWOW64\java.exe
2015-01-26 05:58:35 ----D---- C:\Program Files (x86)\Java
2015-01-20 19:41:57 ----D---- C:\ProgramData\Origin
2015-01-20 14:36:11 ----D---- C:\Users\Ententeak\AppData\Roaming\Blockscape
2015-01-20 14:20:46 ----D---- C:\Users\Ententeak\AppData\Roaming\Xfire
2015-01-20 12:28:34 ----D---- C:\Program Files (x86)\AC3Filter
2015-01-20 12:28:27 ----D---- C:\Program Files (x86)\LAV Filters
2015-01-20 12:28:22 ----D---- C:\Program Files (x86)\ffdshow
2015-01-15 14:57:54 ----D---- C:\Windows\winsxs
2015-01-15 14:56:54 ----D---- C:\Windows\system32\drivers
2015-01-15 14:37:45 ----D---- C:\Windows\system32\MRT
2015-01-15 14:29:26 ----A---- C:\Windows\system32\MRT.exe
2015-01-14 21:20:39 ----D---- C:\Windows\system32\catroot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2011-03-04 78976]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2011-03-04 38528]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2010-11-25 120408]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2011-11-03 56208]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-03-22 526392]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2012-10-12 15232]
R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2012-10-12 14464]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-12-21 141264]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2014-11-24 916024]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2014-11-24 128080]
R1 VDiskBus;ASUS Disk Unlocker; C:\Windows\system32\DRIVERS\VDiskBus64.sys [2010-09-21 43136]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 AODDriver4.3.0;AODDriver4.3.0; \??\C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [2014-01-08 59624]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-12-21 170640]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2010-12-21 170640]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2010-12-21 50624]
R2 ntk_PowerDVD;ntk_PowerDVD; \??\z:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [2011-08-24 75248]
R3 ASFLTDrv.sys;ASFLTDrv.sys; \??\C:\Program Files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys [2010-09-16 16512]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2011-02-24 126952]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2011-02-24 389608]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-12-21 34144]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 GPCIDrv;GPCIDrv; \??\C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [2010-02-04 14376]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-11-23 2565736]
R3 ManyCam;ManyCam Virtual Webcam; C:\Windows\system32\DRIVERS\mcvidrv_x64.sys [2012-10-11 44928]
R3 mcaudrv_simple;ManyCam Virtual Microphone; C:\Windows\system32\drivers\mcaudrv_x64.sys [2013-01-31 28160]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2014-10-09 195728]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-12-13 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-11-22 38032]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2014-02-01 34032]
R3 TRIDCap;AVerMedia service; C:\Windows\system32\DRIVERS\AVerTM62_x64.sys [2010-08-30 1593216]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2010-12-16 47232]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2014-11-24 141440]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2014-11-24 156360]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 DIRECTIO;DIRECTIO; \??\D:\Program Files\PerformanceTest\DirectIo64.sys []
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2014-03-31 58056]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2014-02-01 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2014-02-01 27760]
S3 hidkmdf;KMDF Driver; C:\Windows\system32\DRIVERS\hidkmdf.sys [2013-11-12 14136]
S3 ndfs;ndfs; \??\C:\Program Files\NetDrive\ndfs.sys [2013-02-01 63712]
S3 netr28ux;TP-LINK Wireless USB Adapter; C:\Windows\system32\DRIVERS\netr28ux.sys [2012-02-14 1547616]
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 sclbl;sclbl; \??\D:\AeriaGames\ScarletBlade\avital\scarbt64.sys [2014-06-20 86352]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudobex.sys [2014-01-22 206080]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2013-11-01 113936]
S3 WacHidRouter;Wacom Hid Router; C:\Windows\system32\DRIVERS\wachidrouter.sys [2013-11-12 90424]
S3 wacomrouterfilter;Wacom Router Filter Driver; C:\Windows\system32\DRIVERS\wacomrouterfilter.sys [2013-11-12 15160]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-02-12 43336]
R2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [2012-10-12 920736]
R2 ASDiskUnlocker;ASDiskUnlocker; C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe [2010-12-02 258688]
R2 asHmComSvc;ASUS HM Com Service; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2012-10-12 951936]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [2012-10-12 149120]
R2 AVerRemote;AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [2009-10-30 348160]
R2 AVerScheduleService;AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [2009-12-06 397312]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD; z:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [2011-08-24 83240]
R2 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service; z:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [2011-09-02 75048]
R2 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service; z:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [2011-09-02 292136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2011-01-12 810144]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-12-13 1148560]
R2 HiSuiteOuc64.exe;HiSuiteOuc64.exe; C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe [2014-09-05 138272]
R2 HuaweiHiSuiteService64.exe;HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [2014-09-05 219680]
R2 chromoting;@C:\Program Files (x86)\Google\Chrome Remote Desktop\40.0.2214.44\remoting_core.dll,-101; C:\Program Files (x86)\Google\Chrome Remote Desktop\40.0.2214.44\remoting_host.exe [2014-12-15 56648]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2013-07-18 762192]
R2 ndsvc;NetDrive Service; C:\Program Files\NetDrive\ndsvc.exe [2013-02-25 2789376]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-12-13 1701520]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-12-13 19823248]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-12-13 935240]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-09-04 76888]
R2 PSI_SVC_2_x64;Protexis Licensing V2 x64; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-03-28 249648]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2012-02-11 129624]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-12-13 410768]
R2 TeamViewer8;TeamViewer 8; z:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-10-01 5087584]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-05-15 641352]
S2 AODService;AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [2014-01-08 137584]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25 107912]
S2 Service KMSELDI;Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [2013-11-25 800536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04 267440]
S3 EasyAntiCheat;EasyAntiCheat; C:\Windows\syswow64\EasyAntiCheat.exe [2014-11-06 182304]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2011-01-12 42360]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2014-03-31 1512640]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25 107912]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-01-26 114800]
S3 Origin Client Service;Origin Client Service; Z:\Program Files (x86)\Origin\OriginClientService.exe [2015-01-20 1903472]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 OverwolfUpdaterService;Overwolf Updater Service; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2014-01-30 98560]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-01-23 834752]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-03-21 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe []

-----------------EOF-----------------

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

# AdwCleaner v4.110 - Logfile created 11/02/2015 at 17:08:44
# Updated 05/02/2015 by Xplode
# Database : 2015-02-09.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Ententeak - ENTENTEAK-PC
# Running from : D:\_Antihavěť\adwcleaner_4.110.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Ententeak\AppData\Local\Hola

***** [ Scheduled tasks ] *****

Task Deleted : RunAsStdUser Task

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Key Deleted : HKCU\Software\Conduit
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17631


-\\ Mozilla Firefox v35.0.1 (x86 cs)

[6nh6nwz6.default\prefs.js] - Line Deleted : user_pref("extensions.customizegoogle.cookies.SafeSearch", "empty");
[6nh6nwz6.default\prefs.js] - Line Deleted : user_pref("extensions.customizegoogle.cookies.enableSafeSearch", false);
[6nh6nwz6.default\prefs.js] - Line Deleted : user_pref("socialfixer.1111906339/cached_content/donate_pagelet", "{\"expires_on\":1380737827299,\"content\":\"<div style=\\\"background-color:#ffffcc;border:1px solid #cccc99;padding:5px;-moz-border-[...]

-\\ Google Chrome v40.0.2214.111


-\\ Chromium v


*************************

AdwCleaner[0].txt - [27776 bytes] - [15/08/2013 16:50:46]
AdwCleaner[R0].txt - [1893 bytes] - [11/02/2015 17:06:18]
AdwCleaner[S0].txt - [1826 bytes] - [11/02/2015 17:08:44]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1885 bytes] ##########

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

Tak po cca 6 hodinách testování mi napsal
" Scan completed successfully! No malicious items were detected!        View detailed log >> "
Je nutný sem teda házet log?

ententeak píše:Je nutný sem teda házet log?

Neni


MBAM muzete odinstalovat.


Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-02-2015
Ran by Ententeak (administrator) on ENTENTEAK-PC on 13-02-2015 08:59:46
Running from C:\Users\Ententeak\Desktop
Loaded Profiles: Ententeak (Available profiles: Ententeak)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
() C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
() Z:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
(Gladiators Software) C:\Program Files\Aston2\Aston2.exe
(CyberLink) Z:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
(CyberLink) Z:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
() C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
() C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
(Bdrive Inc.) C:\Program Files\NetDrive\ndsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(TeamViewer GmbH) Z:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(QIP.ru) C:\Users\Ententeak\AppData\Roaming\QipGuard\QipGuard.exe
(Akamai Technologies, Inc.) C:\Users\Ententeak\AppData\Local\Akamai\netsession_win.exe
() C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe
(QIP) C:\Program Files (x86)\QIP 2012\qip.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
(Akamai Technologies, Inc.) C:\Users\Ententeak\AppData\Local\Akamai\netsession_win.exe
(GIGABYTE Technology Co.,Ltd.) C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
(Dropbox, Inc.) C:\Users\Ententeak\AppData\Roaming\Dropbox\bin\Dropbox.exe
() D:\Program Files\Rainmeter\Rainmeter.exe
(Xfire Inc.) C:\Program Files (x86)\Xfire\Xfire.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(CyberLink Corp.) Z:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\PDVD11Serv.exe
(Apple Inc.) D:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\Xfire\xfire64.exe
(KYE) C:\Program Files (x86)\Genius\Manticore\MTHid.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\Xfire\xfire64.exe
(Valve Corporation) Z:\Steam\Steam.exe
(Valve Corporation) Z:\Steam\bin\steamwebhelper.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Valve Corporation) Z:\Steam\bin\steamwebhelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Hola Networks Ltd.) C:\Users\Ententeak\AppData\Local\Hola\firefox\app\hola_plugin.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\41.0.2272.41\remoting_host.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\41.0.2272.41\remoting_host.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Jan Fiala) C:\Program Files (x86)\PSPad editor\PSPad.exe
(forum.viry.cz) C:\Users\Ententeak\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [855608 2007-09-27] (Microsoft Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [2918656 2011-01-12] (ESET)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [43608 2010-09-07] ()
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2014-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2014-09-04] (Adobe Systems Inc.)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2012-06-28] (Nullsoft, Inc.)
HKLM-x32\...\Run: [RemoteControl11] => z:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\PDVD11Serv.exe [230696 2011-09-14] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-04-23] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => F:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
HKLM-x32\...\Run: [iTunesHelper] => D:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [Manticore] => C:\Program Files (x86)\Genius\Manticore\MThid.exe [293376 2013-10-29] (KYE)
HKLM-x32\...\Winlogon: [Shell] C:\xoblite\Blackbox.exe [306176 ] () <=== ATTENTION
HKU\S-1-5-21-2533601784-2699114045-1034528460-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2533601784-2699114045-1034528460-1000\...\Run: [Google Update] => C:\Users\Ententeak\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-03-21] (Google Inc.)
HKU\S-1-5-21-2533601784-2699114045-1034528460-1000\...\Run: [Steam] => Z:\Steam\steam.exe [1942720 2015-01-23] (Valve Corporation)
HKU\S-1-5-21-2533601784-2699114045-1034528460-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [4527424 2011-08-17] (DT Soft Ltd)
HKU\S-1-5-21-2533601784-2699114045-1034528460-1000\...\Run: [6542646B9DED72962FBB1185AD73BDDC9A45E599._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592 2015-02-04] (Google Inc.)
HKU\S-1-5-21-2533601784-2699114045-1034528460-1000\...\Run: [QIP Internet Guardian] => C:\Users\Ententeak\AppData\Roaming\QipGuard\QipGuard.exe [436720 2014-03-04] (QIP.ru)
HKU\S-1-5-21-2533601784-2699114045-1034528460-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Ententeak\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2533601784-2699114045-1034528460-1000\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe [14426624 2014-07-18] ()
HKU\S-1-5-21-2533601784-2699114045-1034528460-1000\...\Run: [Infium] => C:\Program Files (x86)\QIP 2012\qip.exe [8503280 2014-03-04] (QIP)
HKU\S-1-5-21-2533601784-2699114045-1034528460-1000\...\MountPoints2: {39b4cea7-dfe2-11e3-8a9a-14dae9470116} - I:\autorun.exe
HKU\S-1-5-21-2533601784-2699114045-1034528460-1000\...\Winlogon: [Shell] C:\Program Files\Aston2\Aston2.exe [345088 2011-11-28] (Gladiators Software) <==== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk
ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk
ShortcutTarget: AVerQuick.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.)
Startup: C:\Users\Ententeak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Ententeak\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Ententeak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> D:\Program Files\Rainmeter\Rainmeter.exe ()
Startup: C:\Users\Ententeak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
ShortcutTarget: Xfire.lnk -> C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.)
ShellIconOverlayIdentifiers: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => d:\Program Files\LinkShellExtension\HardlinkShellExt.dll (Hermann Schinagl)
ShellIconOverlayIdentifiers: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => d:\Program Files\LinkShellExtension\HardlinkShellExt.dll (Hermann Schinagl)
ShellIconOverlayIdentifiers: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => d:\Program Files\LinkShellExtension\HardlinkShellExt.dll (Hermann Schinagl)
ShellIconOverlayIdentifiers-x32: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => d:\Program Files\LinkShellExtension\32\HardlinkShellExt.dll (Hermann Schinagl)
ShellIconOverlayIdentifiers-x32: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => d:\Program Files\LinkShellExtension\32\HardlinkShellExt.dll (Hermann Schinagl)
ShellIconOverlayIdentifiers-x32: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => d:\Program Files\LinkShellExtension\32\HardlinkShellExt.dll (Hermann Schinagl)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-2533601784-2699114045-1034528460-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 93.89.159.2 82.208.56.105

FireFox:
========
FF ProfilePath: C:\Users\Ententeak\AppData\Roaming\Mozilla\Firefox\Profiles\6nh6nwz6.default
FF SelectedSearchEngine: Google
FF Homepage: www.google.com
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8 ... &gfns=1&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-2533601784-2699114045-1034528460-1000: @hola.org/vlc,version=1.6.625 -> C:\Users\Ententeak\AppData\Local\Hola\firefox\app\vlc ()
FF Plugin HKU\S-1-5-21-2533601784-2699114045-1034528460-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Ententeak\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-2533601784-2699114045-1034528460-1000: @talk.google.com/O1DPlugin -> C:\Users\Ententeak\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-2533601784-2699114045-1034528460-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Ententeak\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2533601784-2699114045-1034528460-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Ententeak\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2533601784-2699114045-1034528460-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Ententeak\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2533601784-2699114045-1034528460-1000: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Ententeak\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Ententeak\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Ententeak\AppData\Roaming\Mozilla\Firefox\Profiles\6nh6nwz6.default\searchplugins\facebook.xml
FF Extension: ClipConverter Desktop - C:\Users\Ententeak\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\desktop@clipconverter.cc.xpi [2013-05-19]
FF Extension: AnyColor - C:\Users\Ententeak\AppData\Roaming\Mozilla\Firefox\Profiles\6nh6nwz6.default\Extensions\anycolor.pavlos256@gmail.com [2013-03-21]
FF Extension: Virtus Search Opt-in - C:\Users\Ententeak\AppData\Roaming\Mozilla\Firefox\Profiles\6nh6nwz6.default\Extensions\extension@virtusdesigns.com [2013-03-21]
FF Extension: Hola Better Internet - C:\Users\Ententeak\AppData\Roaming\Mozilla\Firefox\Profiles\6nh6nwz6.default\Extensions\jid1-4P0kohSJxU1qGg@jetpack [2015-02-11]
FF Extension: Simple Dyyno Launcher - C:\Users\Ententeak\AppData\Roaming\Mozilla\Firefox\Profiles\6nh6nwz6.default\Extensions\NPDyyno@dyyno.com [2013-03-21]
FF Extension: Pastebin - C:\Users\Ententeak\AppData\Roaming\Mozilla\Firefox\Profiles\6nh6nwz6.default\Extensions\pastebin.com@gmail.com [2013-03-21]
FF Extension: Safari View Win - C:\Users\Ententeak\AppData\Roaming\Mozilla\Firefox\Profiles\6nh6nwz6.default\Extensions\safariviewwin@systemantics.net [2013-03-21]
FF Extension: YoYo Games InstantPlay - C:\Users\Ententeak\AppData\Roaming\Mozilla\Firefox\Profiles\6nh6nwz6.default\Extensions\yyginstantplay@yoyogames.com [2013-03-21]
FF Extension: MultiSidebar - C:\Users\Ententeak\AppData\Roaming\Mozilla\Firefox\Profiles\6nh6nwz6.default\Extensions\{1c70e98e-bd0d-11db-8314-0800200c9a66} [2013-03-21]
FF Extension: ChatZilla - C:\Users\Ententeak\AppData\Roaming\Mozilla\Firefox\Profiles\6nh6nwz6.default\Extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2014-12-20]
FF Extension: Aquatint Black - C:\Users\Ententeak\AppData\Roaming\Mozilla\Firefox\Profiles\6nh6nwz6.default\Extensions\{7694c49c-9fbd-11dc-8314-0800200c9a66} [2013-03-21]
FF Extension: IE Tab - C:\Users\Ententeak\AppData\Roaming\Mozilla\Firefox\Profiles\6nh6nwz6.default\Extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9} [2013-12-25]
FF Extension: IE Tab - C:\Users\Ententeak\AppData\Roaming\Mozilla\Firefox\Profiles\6nh6nwz6.default\Extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}(2) [2013-03-21]
FF Extension: FT DeepDark - C:\Users\Ententeak\AppData\Roaming\Mozilla\Firefox\Profiles\6nh6nwz6.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2015-01-03]
FF Extension: CustomizeGoogle - C:\Users\Ententeak\AppData\Roaming\Mozilla\Firefox\Profiles\6nh6nwz6.default\Extensions\{fce36c1e-58d8-498a-b2a5-66ad1cedebbb} [2013-03-21]
FF Extension: Classic Theme Restorer - C:\Users\Ententeak\AppData\Roaming\Mozilla\Firefox\Profiles\6nh6nwz6.default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-04-30]
FF Extension: ClipConverter - C:\Users\Ententeak\AppData\Roaming\Mozilla\Firefox\Profiles\6nh6nwz6.default\Extensions\clipconverter@clipconverter.cc.xpi [2013-03-21]
FF Extension: Awesome screenshot: Capture and Annotate - C:\Users\Ententeak\AppData\Roaming\Mozilla\Firefox\Profiles\6nh6nwz6.default\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi [2013-04-06]
FF Extension: LuckyBar - C:\Users\Ententeak\AppData\Roaming\Mozilla\Firefox\Profiles\6nh6nwz6.default\Extensions\jid0-RZ1wv8WwA7CKjr2eJZV648uKiuE@jetpack.xpi [2013-12-25]
FF Extension: Czech (CZ) Language Pack - C:\Users\Ententeak\AppData\Roaming\Mozilla\Firefox\Profiles\6nh6nwz6.default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2014-03-07]
FF Extension: NASA Night Launch - C:\Users\Ententeak\AppData\Roaming\Mozilla\Firefox\Profiles\6nh6nwz6.default\Extensions\nasanightlaunch@example.com.xpi [2013-03-21]
FF Extension: Personas Plus - C:\Users\Ententeak\AppData\Roaming\Mozilla\Firefox\Profiles\6nh6nwz6.default\Extensions\personas@christopher.beard.xpi [2013-05-25]
FF Extension: Social Fixer - C:\Users\Ententeak\AppData\Roaming\Mozilla\Firefox\Profiles\6nh6nwz6.default\Extensions\socialfixer@mattkruse.com.xpi [2013-05-22]
FF Extension: Status-4-Evar - C:\Users\Ententeak\AppData\Roaming\Mozilla\Firefox\Profiles\6nh6nwz6.default\Extensions\status4evar@caligonstudios.com.xpi [2013-06-01]
FF Extension: Tile Tabs - C:\Users\Ententeak\AppData\Roaming\Mozilla\Firefox\Profiles\6nh6nwz6.default\Extensions\tiletabs@DW-dev.xpi [2013-03-21]
FF Extension: Stylish - C:\Users\Ententeak\AppData\Roaming\Mozilla\Firefox\Profiles\6nh6nwz6.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2013-03-21]
FF Extension: Popomungo - C:\Users\Ententeak\AppData\Roaming\Mozilla\Firefox\Profiles\6nh6nwz6.default\Extensions\{9935ef86-61cd-4f48-a057-ab2c5172031d}.xpi [2013-03-21]
FF Extension: DownThemAll! - C:\Users\Ententeak\AppData\Roaming\Mozilla\Firefox\Profiles\6nh6nwz6.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-03-21]
FF Extension: Greasemonkey - C:\Users\Ententeak\AppData\Roaming\Mozilla\Firefox\Profiles\6nh6nwz6.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-03-21]
FF Extension: Download Manager Tweak - C:\Users\Ententeak\AppData\Roaming\Mozilla\Firefox\Profiles\6nh6nwz6.default\Extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}.xpi [2013-04-14]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-03-21]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013-03-21]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Talk Plugin) - C:\Users\Ententeak\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Ententeak\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll No File
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\Ententeak\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U17) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Profile: C:\Users\Ententeak\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Entanglement) - C:\Users\Ententeak\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmnpffgfpcohhpoddjankjanolcekbni [2015-02-05]
CHR Extension: (Tampermonkey) - C:\Users\Ententeak\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2013-08-26]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\Ententeak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2014-05-23]
CHR Extension: (Hola Better Internet) - C:\Users\Ententeak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2013-04-07]
CHR Extension: (Google Keep – poznámky a seznamy) - C:\Users\Ententeak\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2015-02-05]
CHR Extension: (APK Downloader) - C:\Users\Ententeak\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdpglblnnaocjhfenhockgamhoogihfi [2013-05-19]
CHR Extension: (Peněženka Google) - C:\Users\Ententeak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [137584 2014-01-08] ()
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-10-12] ()
R2 ASDiskUnlocker; C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe [258688 2010-12-02] (ASUSTeK Computer Inc.)
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-10-12] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-10-12] (ASUSTeK Computer Inc.)
R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [348160 2009-10-30] (AVerMedia) [File not signed]
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [397312 2009-12-06] () [File not signed]
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\41.0.2272.41\remoting_host.exe [56648 2015-02-01] (Google Inc.)
R2 CLHNServiceForPowerDVD; z:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [83240 2011-08-24] ()
R2 CyberLink PowerDVD 11.0 Monitor Service; z:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [75048 2011-09-02] (CyberLink)
R2 CyberLink PowerDVD 11.0 Service; z:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [292136 2011-09-02] (CyberLink)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [182304 2014-11-06] (EasyAntiCheat Ltd)
S3 EhttpSrv; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [42360 2011-01-12] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [810144 2011-01-12] (ESET)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
R2 HiSuiteOuc64.exe; C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe [138272 2014-09-05] ()
R2 HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [219680 2014-09-05] ()
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 ndsvc; C:\Program Files\NetDrive\ndsvc.exe [2789376 2013-02-25] (Bdrive Inc.) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)
S3 Origin Client Service; Z:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2015-01-20] (Electronic Arts)
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [98560 2014-01-30] (Overwolf LTD)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-09-04] ()
R2 PSI_SVC_2_x64; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [800536 2013-11-25] () [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer8; z:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [5087584 2013-10-01] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [621336 2013-12-04] (Wacom Technology, Corp.)
S4 nvUpdatusService; "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [59624 2014-01-08] (Advanced Micro Devices)
R3 ASFLTDrv.sys; C:\Program Files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys [16512 2010-09-16] (ASUSTeK Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-10-12] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-10-12] ()
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [170640 2010-12-21] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [141264 2010-12-21] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [170640 2010-12-21] (ESET)
R3 Epfwndis; C:\Windows\System32\DRIVERS\Epfwndis.sys [34144 2010-12-21] (ESET)
R2 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [50624 2010-12-21] (ESET)
R3 GPCIDrv; C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2010-02-04] ()
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2014-07-29] (Huawei Technologies Co., Ltd.)
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [44928 2012-10-11] (ManyCam LLC)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [28160 2013-01-31] (ManyCam LLC)
S3 ndfs; C:\Program Files\NetDrive\ndfs.sys [63712 2013-02-01] (Bdrive Inc.)
R2 ntk_PowerDVD; z:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [75248 2011-08-24] (Cyberlink Corp.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 sclbl; D:\AeriaGames\ScarletBlade\avital\scarbt64.sys [86352 2014-06-20] ()
R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2014-02-01] (Sony Ericsson Mobile Communications)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [526392 2013-03-22] () [File not signed]
S3 ssudobex; C:\Windows\System32\DRIVERS\ssudobex.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
R3 TRIDCap; C:\Windows\System32\DRIVERS\AVerTM62_x64.sys [1593216 2010-08-30] (AVerMedia TECHNOLOGIES, Inc. )
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [113936 2013-11-01] (Oracle Corporation)
R1 VDiskBus; C:\Windows\System32\DRIVERS\VDiskBus64.sys [43136 2010-09-21] (ASUSTeK Computer Inc.)
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; z:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\Common\NavFilter\000.fcl [148976 2011-09-02] (CyberLink Corp.)
U3 ax73ly57; C:\Windows\System32\Drivers\ax73ly57.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero size file/folder)
S3 DIRECTIO; \??\D:\Program Files\PerformanceTest\DirectIo64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-13 08:59 - 2015-02-13 09:00 - 00040071 _____ () C:\Users\Ententeak\Desktop\FRST.txt
2015-02-13 08:59 - 2015-02-13 08:59 - 00000000 ____D () C:\FRST
2015-02-13 08:32 - 2015-02-13 08:19 - 02134016 _____ (Farbar) C:\Users\Ententeak\Desktop\FRST64.exe
2015-02-13 08:32 - 2015-02-13 08:19 - 00112640 _____ (forum.viry.cz) C:\Users\Ententeak\Desktop\FRSTLauncher.exe
2015-02-12 14:43 - 2015-02-13 08:04 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-12 14:43 - 2015-02-12 14:43 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-12 14:43 - 2015-02-12 14:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-12 14:43 - 2015-02-12 14:43 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-12 14:43 - 2015-02-12 14:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-12 14:43 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-12 14:43 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-12 14:43 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-12 06:51 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 06:51 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 06:51 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-12 06:51 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-12 06:50 - 2015-02-12 06:50 - 00000000 ____D () C:\Users\Ententeak\AppData\Local\Hola
2015-02-11 06:41 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 06:41 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 06:41 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 06:41 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 06:41 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 06:41 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 06:41 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 06:41 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 06:41 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 06:41 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 06:41 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 06:41 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 06:41 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 06:41 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 06:41 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 06:41 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 06:41 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 06:41 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 06:41 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 06:41 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 06:41 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 06:41 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 06:41 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 06:41 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 06:41 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 06:41 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 06:41 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 06:41 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 06:41 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 06:41 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 06:41 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 06:41 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-11 06:41 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 06:41 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 06:41 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 06:41 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 06:41 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 06:41 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-11 06:41 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-11 06:41 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 06:41 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 06:41 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 06:41 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 06:41 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 06:41 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 06:41 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 06:41 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 06:41 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-11 06:41 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 06:41 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 06:41 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 06:41 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 06:41 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 06:41 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 06:41 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 06:41 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 06:41 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 06:41 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 06:41 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 06:41 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 06:41 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 06:41 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 06:41 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 06:41 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 06:41 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 06:41 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 06:41 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 06:41 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 06:41 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 06:41 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 06:41 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 06:41 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 06:41 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 06:41 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 06:40 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 06:40 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 06:40 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 06:40 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 06:40 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 06:40 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 06:40 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 06:40 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 06:40 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 06:40 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 06:40 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 06:40 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 06:40 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 06:40 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 06:40 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 06:40 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 06:40 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 06:40 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 06:40 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 06:40 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 06:40 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 06:40 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 06:40 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 06:40 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 06:40 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 06:40 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 06:40 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 06:40 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 06:40 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 06:40 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 06:40 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 06:40 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 06:40 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 06:39 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-10 14:41 - 2015-02-10 14:41 - 00000000 ____D () C:\rsit
2015-02-10 07:14 - 2015-02-10 07:14 - 00000000 ____D () C:\Users\Ententeak\AppData\Roaming\java
2015-02-07 11:37 - 2015-02-07 11:37 - 00000000 ____D () C:\Users\Ententeak\Downloads\Hola
2015-02-07 11:34 - 2015-02-07 11:34 - 00000000 ____D () C:\Users\Ententeak\AppData\Local\J
2015-02-05 20:54 - 2015-02-05 21:04 - 00000000 ____D () C:\Users\Ententeak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome
2015-02-05 20:53 - 2015-02-05 20:53 - 00002313 _____ () C:\Users\Ententeak\Desktop\Spouštěč aplikací Chrome.lnk
2015-02-05 20:53 - 2015-02-05 20:53 - 00000000 ____D () C:\Users\Ententeak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-05 18:38 - 2015-02-05 18:38 - 00000000 ____D () C:\Users\Ententeak\AppData\Local\Steam
2015-01-26 22:43 - 2015-01-26 22:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-14 21:21 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 21:21 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 21:21 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 21:21 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 21:21 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 21:21 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-13 08:58 - 2013-10-09 09:09 - 00000978 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2533601784-2699114045-1034528460-1000UA.job
2015-02-13 08:58 - 2013-03-21 10:59 - 00008836 _____ () C:\Windows\WINCMD.INI
2015-02-13 08:56 - 2013-03-21 10:59 - 00004591 _____ () C:\Windows\wcx_ftp.ini
2015-02-13 08:49 - 2013-03-21 16:07 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-13 08:16 - 2014-06-24 17:25 - 00000000 ____D () C:\Users\Ententeak\AppData\Local\Adobe
2015-02-13 08:09 - 2013-10-09 14:22 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-13 08:09 - 2013-03-21 10:32 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-13 08:09 - 2009-07-14 05:45 - 00022272 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-13 08:09 - 2009-07-14 05:45 - 00022272 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-13 08:07 - 2013-03-21 09:53 - 01436909 _____ () C:\Windows\WindowsUpdate.log
2015-02-13 08:04 - 2014-03-15 12:58 - 00000000 ____D () C:\Users\Ententeak\Documents\temp
2015-02-13 08:04 - 2013-10-09 14:22 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-13 08:04 - 2013-03-21 11:00 - 00000000 ____D () C:\Program Files (x86)\QIP 2012
2015-02-13 08:04 - 2013-03-21 10:53 - 00000000 ____D () C:\Users\Ententeak\AppData\Roaming\Dropbox
2015-02-13 08:04 - 2009-07-14 05:51 - 00129819 _____ () C:\Windows\setupact.log
2015-02-12 22:50 - 2013-12-13 11:16 - 00358396 _____ () C:\ndsvc.log
2015-02-12 22:50 - 2013-03-21 10:40 - 00152090 _____ () C:\Windows\PFRO.log
2015-02-12 22:50 - 2013-03-21 10:39 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-12 22:50 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-12 22:45 - 2013-03-21 21:50 - 00000000 ____D () C:\ProgramData\Zoom Player
2015-02-12 21:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-12 18:57 - 2013-10-09 09:09 - 00000926 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2533601784-2699114045-1034528460-1000Core.job
2015-02-11 17:08 - 2013-08-15 16:50 - 00000000 ____D () C:\AdwCleaner
2015-02-11 12:33 - 2009-07-14 05:45 - 05147336 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-11 12:32 - 2014-12-11 00:26 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-11 12:32 - 2014-05-02 13:20 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-11 08:45 - 2013-03-22 09:34 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-02-11 08:45 - 2013-03-22 09:32 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-11 08:38 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini
2015-02-11 08:35 - 2013-07-12 14:05 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 08:25 - 2013-03-21 21:01 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-10 14:41 - 2013-08-15 10:14 - 00000000 ____D () C:\Program Files\trend micro
2015-02-09 17:16 - 2013-03-21 23:38 - 00000522 _____ () C:\Users\Public\Desktop\Steam.lnk
2015-02-09 17:16 - 2013-03-21 22:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-02-09 17:04 - 2009-07-14 06:08 - 00032556 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-08 12:35 - 2013-03-21 09:53 - 00000000 ____D () C:\Users\Ententeak
2015-02-07 13:09 - 2013-03-30 12:37 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-07 12:41 - 2013-03-21 23:47 - 00000000 ____D () C:\Users\Ententeak\Documents\my games
2015-02-06 18:04 - 2013-03-21 10:32 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-06 18:04 - 2013-03-21 10:32 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-06 08:05 - 2013-03-21 10:32 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-05 18:53 - 2013-03-21 21:16 - 00003960 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2533601784-2699114045-1034528460-1000UA
2015-02-05 18:53 - 2013-03-21 21:16 - 00003564 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2533601784-2699114045-1034528460-1000Core
2015-02-04 21:49 - 2013-03-21 16:07 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-04 21:49 - 2013-03-21 16:07 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-04 21:49 - 2013-03-21 16:07 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-31 10:54 - 2013-08-25 20:34 - 00000000 ____D () C:\Users\Ententeak\AppData\Roaming\Mozilla
2015-01-27 13:03 - 2013-03-21 10:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-26 06:01 - 2014-01-09 19:21 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-26 05:59 - 2014-02-19 17:45 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-01-26 05:59 - 2014-02-19 17:45 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-01-26 05:59 - 2014-02-19 17:45 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-01-26 05:59 - 2014-02-19 17:45 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-01-26 05:59 - 2013-03-21 16:13 - 00000000 ____D () C:\Program Files\Java
2015-01-26 05:58 - 2014-10-18 15:50 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2015-01-26 05:58 - 2014-10-18 15:50 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2015-01-26 05:58 - 2014-10-18 15:50 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2015-01-26 05:58 - 2014-10-18 15:50 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-01-26 05:58 - 2013-08-07 13:21 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-20 19:41 - 2013-08-17 07:35 - 00000000 ____D () C:\ProgramData\Origin
2015-01-20 14:36 - 2014-12-13 17:25 - 00000000 ____D () C:\Users\Ententeak\AppData\Roaming\Blockscape
2015-01-20 14:20 - 2013-03-21 21:33 - 00000000 ____D () C:\Users\Ententeak\AppData\Roaming\Xfire
2015-01-20 12:30 - 2014-09-07 10:05 - 00001977 _____ () C:\Users\Public\Desktop\Zoom Player MAX.lnk
2015-01-20 12:28 - 2013-03-21 21:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter
2015-01-20 12:28 - 2013-03-21 21:57 - 00000000 ____D () C:\Program Files (x86)\AC3Filter
2015-01-20 12:28 - 2013-03-21 21:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAV Filters
2015-01-20 12:28 - 2013-03-21 21:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
2015-01-20 12:28 - 2013-03-21 21:56 - 00000000 ____D () C:\Program Files (x86)\LAV Filters
2015-01-20 12:28 - 2013-03-21 21:55 - 00000000 ____D () C:\Program Files (x86)\ffdshow
2015-01-16 07:41 - 2014-06-18 14:18 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-01-16 07:41 - 2014-06-18 14:18 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-01-16 07:41 - 2013-10-29 06:26 - 01514528 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-01-16 07:41 - 2013-10-29 06:26 - 01278920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll

==================== Files in the root of some directories =======

2013-12-25 15:22 - 2014-12-06 19:41 - 0000132 _____ () C:\Users\Ententeak\AppData\Roaming\Adobe Formát BMP CS6 – předvolby
2013-03-23 19:56 - 2014-12-20 00:10 - 0000132 _____ () C:\Users\Ententeak\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2013-05-03 10:11 - 2013-12-27 20:17 - 0001728 _____ () C:\Users\Ententeak\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2013-06-06 08:29 - 2013-06-06 08:30 - 0003072 _____ () C:\Users\Ententeak\AppData\Local\file__0.localstorage
2013-04-21 15:35 - 2012-11-15 13:14 - 3236864 _____ () C:\Users\Ententeak\AppData\Local\MyLocker v2.0.0.0.exe
2014-05-08 22:46 - 2014-05-08 22:54 - 0000600 _____ () C:\Users\Ententeak\AppData\Local\PUTTY.RND
2014-11-29 17:17 - 2014-11-29 17:17 - 0007289 _____ () C:\Users\Ententeak\AppData\Local\recently-used.xbel
2013-03-24 16:03 - 2014-05-11 14:46 - 0007603 _____ () C:\Users\Ententeak\AppData\Local\Resmon.ResmonCfg
2013-08-27 09:38 - 2013-08-27 09:38 - 0000040 _____ () C:\ProgramData\ra3.ini

Some content of TEMP:
====================
C:\Users\Ententeak\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp4hvass.dll
C:\Users\Ententeak\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.5.432.exe
C:\Users\Ententeak\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.5.487.exe
C:\Users\Ententeak\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.5.554.exe
C:\Users\Ententeak\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.5.575.exe
C:\Users\Ententeak\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.5.749.exe
C:\Users\Ententeak\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.5.794.exe
C:\Users\Ententeak\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.5.806.exe
C:\Users\Ententeak\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.5.855.exe
C:\Users\Ententeak\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.5.885.exe
C:\Users\Ententeak\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.5.903.exe
C:\Users\Ententeak\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.5.954.exe
C:\Users\Ententeak\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.6.120.exe
C:\Users\Ententeak\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.6.139.exe
C:\Users\Ententeak\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.6.165.exe
C:\Users\Ententeak\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.6.180.exe
C:\Users\Ententeak\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.6.224.exe
C:\Users\Ententeak\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.6.256.exe
C:\Users\Ententeak\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.6.284.exe
C:\Users\Ententeak\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.6.326.exe
C:\Users\Ententeak\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.6.344.exe
C:\Users\Ententeak\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.6.390.exe
C:\Users\Ententeak\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.6.434.exe
C:\Users\Ententeak\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.6.449.exe
C:\Users\Ententeak\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.6.463.exe
C:\Users\Ententeak\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.6.467.exe
C:\Users\Ententeak\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.6.474.exe
C:\Users\Ententeak\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.6.485.exe
C:\Users\Ententeak\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.6.520.exe
C:\Users\Ententeak\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.6.536.exe
C:\Users\Ententeak\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.6.540.exe
C:\Users\Ententeak\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.6.555.exe
C:\Users\Ententeak\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.6.584.exe
C:\Users\Ententeak\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.6.625.exe
C:\Users\Ententeak\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.6.64.exe
C:\Users\Ententeak\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.6.98.exe
C:\Users\Ententeak\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Ententeak\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Ententeak\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Ententeak\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Ententeak\AppData\Local\Temp\nvStInst.exe
C:\Users\Ententeak\AppData\Local\Temp\Quarantine.exe
C:\Users\Ententeak\AppData\Local\Temp\sqlite3.dll
C:\Users\Ententeak\AppData\Local\Temp\zp950max.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-05 20:27




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:111.69 GB) (Free:5.39 GB) NTFS
Drive d: () (Fixed) (Total:345.57 GB) (Free:52.55 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: () (Fixed) (Total:488.28 GB) (Free:166.79 GB) NTFS
Drive f: (Users) (Fixed) (Total:71.01 GB) (Free:46.09 GB) NTFS
Drive i: (PENDRIVE) (Removable) (Total:29.26 GB) (Free:27.68 GB) FAT32
Drive v: (Virtualbox) (Fixed) (Total:97.66 GB) (Free:42.19 GB) NTFS
Drive z: (Teakoidek2) (Fixed) (Total:1792 GB) (Free:74.39 GB) NTFS

Available physical RAM: 11423.89 MB
Total physical RAM: 16329.32 MB
Percentage of memory in use: 30%

==================== MBR and Partition Table ==================

Gun Monkeys (HKLM-x32\...\Steam App 239450) (Version: - Size Five Games)
Disk: 0 (Size: 1863 GB) (Disk ID: 72407CB5)
Partition 1: (Not Active) - (Size=1792 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=71 GB) - (Type=OF Extended)
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: C511A935)
Partition 1: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=488.3 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=345.6 GB) - (Type=07 NTFS)
Disk: 3 (Size: 29.3 GB) (Disk ID: C0CC6AF3)
Partition 1: (Active) - (Size=29.3 GB) - (Type=0C)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2533601784-2699114045-1034528460-1000Core.job => C:\Users\Ententeak\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2533601784-2699114045-1034528460-1000UA.job => C:\Users\Ententeak\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\Microsoft:2mcde8m8AbsrCudw9tRxyY
AlternateDataStreams: C:\ProgramData\Microsoft:5qQXeoYLS1G5jA7HQLXeMMvGV
AlternateDataStreams: C:\ProgramData\Microsoft:DoATu1iyPs0AUrH5JPdQs2Mlmc3cK
AlternateDataStreams: C:\ProgramData\Microsoft:KvaYHqz5S5NyTZYA7Tzy
AlternateDataStreams: C:\Users\Ententeak\AppData\Local\7vd1SDovu:LH3EUZeoslOhXfkIFZVFmZVh
AlternateDataStreams: C:\Users\Ententeak\AppData\Local\clgx3T65B6mQ:tFAY5eMQAi1eLPfRw
AlternateDataStreams: C:\Users\Ententeak\AppData\Local\MkoopICgdhiAZy:fXFo6S62NdWPDsgHdKdVIj

==================== Security Center ==================

AV: ESET Smart Security 4.2 (Disabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET Smart Security 4.2 (Disabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET personal firewall (Enabled) {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Ententeak\Desktop" je 4 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Pokud nepouzivate, odinstalujte Akamai

Vypnete trvale Windows Defender


Otevrete si poznamkovy blok a zkopirujte do nej tento skript Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-02-2015
Ran by Ententeak at 2015-02-13 16:41:00 Run:1
Running from C:\Users\Ententeak\Desktop
Loaded Profiles: Ententeak (Available profiles: Ententeak)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [43608 2010-09-07] ()
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2014-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2014-09-04] (Adobe Systems Inc.)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2012-06-28] (Nullsoft, Inc.)
HKLM-x32\...\Run: [RemoteControl11] => z:\Program Files (x86)\CyberLink\PowerDVD11\PowerDVD11\PDVD11Serv.exe [230696 2011-09-14] (CyberLink Corp.)
HKLM-x32\...\Run: [DivXMediaServer] => F:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
HKLM-x32\...\Run: [iTunesHelper] => D:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKU\S-1-5-21-2533601784-2699114045-1034528460-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2533601784-2699114045-1034528460-1000\...\Run: [Google Update] => C:\Users\Ententeak\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-03-21] (Google Inc.)
HKU\S-1-5-21-2533601784-2699114045-1034528460-1000\...\Run: [Steam] => Z:\Steam\steam.exe [1942720 2015-01-23] (Valve Corporation)
HKU\S-1-5-21-2533601784-2699114045-1034528460-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [4527424 2011-08-17] (DT Soft Ltd)
HKU\S-1-5-21-2533601784-2699114045-1034528460-1000\...\Run: [6542646B9DED72962FBB1185AD73BDDC9A45E599._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592 2015-02-04] (Google Inc.)
HKU\S-1-5-21-2533601784-2699114045-1034528460-1000\...\Run: [QIP Internet Guardian] => C:\Users\Ententeak\AppData\Roaming\QipGuard\QipGuard.exe [436720 2014-03-04] (QIP.ru)
HKU\S-1-5-21-2533601784-2699114045-1034528460-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Ententeak\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2533601784-2699114045-1034528460-1000\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe [14426624 2014-07-18] ()
HKU\S-1-5-21-2533601784-2699114045-1034528460-1000\...\Run: [Infium] => C:\Program Files (x86)\QIP 2012\qip.exe [8503280 2014-03-04] (QIP)

Toolbar: HKU\S-1-5-21-2533601784-2699114045-1034528460-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File

FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)

S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2013-07-18 762192]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-03-28 249648]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25 107912]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04 267440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25 107912]

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2533601784-2699114045-1034528460-1000Core.job => C:\Users\Ententeak\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2533601784-2699114045-1034528460-1000UA.job => C:\Users\Ententeak\AppData\Local\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\ProgramData\Microsoft:2mcde8m8AbsrCudw9tRxyY
AlternateDataStreams: C:\ProgramData\Microsoft:5qQXeoYLS1G5jA7HQLXeMMvGV
AlternateDataStreams: C:\ProgramData\Microsoft:DoATu1iyPs0AUrH5JPdQs2Mlmc3cK
AlternateDataStreams: C:\ProgramData\Microsoft:KvaYHqz5S5NyTZYA7Tzy
AlternateDataStreams: C:\Users\Ententeak\AppData\Local\7vd1SDovu:LH3EUZeoslOhXfkIFZVFmZVh
AlternateDataStreams: C:\Users\Ententeak\AppData\Local\clgx3T65B6mQ:tFAY5eMQAi1eLPfRw
AlternateDataStreams: C:\Users\Ententeak\AppData\Local\MkoopICgdhiAZy:fXFo6S62NdWPDsgHdKdVIj

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Error: (0) Failed to create a restore point.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\JMB36X IDE Setup => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS6ServiceManager => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Acrobat Speed Launcher => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Acrobat Assistant 8.0 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\WinampAgent => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\RemoteControl11 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\DivXMediaServer => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => value deleted successfully.
HKU\S-1-5-21-2533601784-2699114045-1034528460-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value deleted successfully.
HKU\S-1-5-21-2533601784-2699114045-1034528460-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => value deleted successfully.
HKU\S-1-5-21-2533601784-2699114045-1034528460-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Steam => value deleted successfully.
HKU\S-1-5-21-2533601784-2699114045-1034528460-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Pro Agent => value deleted successfully.
HKU\S-1-5-21-2533601784-2699114045-1034528460-1000\Software\Microsoft\Windows\CurrentVersion\Run\\6542646B9DED72962FBB1185AD73BDDC9A45E599._service_run => value deleted successfully.
HKU\S-1-5-21-2533601784-2699114045-1034528460-1000\Software\Microsoft\Windows\CurrentVersion\Run\\QIP Internet Guardian => value deleted successfully.
HKU\S-1-5-21-2533601784-2699114045-1034528460-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => value deleted successfully.
HKU\S-1-5-21-2533601784-2699114045-1034528460-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Bloody2 => value deleted successfully.
HKU\S-1-5-21-2533601784-2699114045-1034528460-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Infium => value deleted successfully.
HKU\S-1-5-21-2533601784-2699114045-1034528460-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => value deleted successfully.
HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Key not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@Nero.com/KM" => Key deleted successfully.
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG) not found.
SwitchBoard => Service deleted successfully.
AdobeARMservice => Service deleted successfully.
NAUpdate => Service deleted successfully.
SeaPort => Service deleted successfully.
gupdate => Service deleted successfully.
AdobeFlashPlayerUpdateSvc => Service deleted successfully.
gupdatem => Service deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2533601784-2699114045-1034528460-1000Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2533601784-2699114045-1034528460-1000UA.job => Moved successfully.
C:\ProgramData\Microsoft => ":2mcde8m8AbsrCudw9tRxyY" ADS removed successfully.
C:\ProgramData\Microsoft => ":5qQXeoYLS1G5jA7HQLXeMMvGV" ADS removed successfully.
C:\ProgramData\Microsoft => ":DoATu1iyPs0AUrH5JPdQs2Mlmc3cK" ADS removed successfully.
C:\ProgramData\Microsoft => ":KvaYHqz5S5NyTZYA7Tzy" ADS removed successfully.
C:\Users\Ententeak\AppData\Local\7vd1SDovu => ":LH3EUZeoslOhXfkIFZVFmZVh" ADS removed successfully.
C:\Users\Ententeak\AppData\Local\clgx3T65B6mQ => ":tFAY5eMQAi1eLPfRw" ADS removed successfully.
C:\Users\Ententeak\AppData\Local\MkoopICgdhiAZy => ":fXFo6S62NdWPDsgHdKdVIj" ADS removed successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 6.3 GB temporary data.


The system needed a reboot.

==== End of Fixlog 16:41:26 ====

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

vyosek píše: DelFix https://toolslib.net/downloads/finish/2/

• Stahnete a spustte
• Ponechte zatrzitkou pouze u volby Remote disinfection tools
• Kliknete na Run

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak napiste, jak je na tom pc.

Tak PC je na tom celkově v pohodě..
Jen jsem se "nechal chytit" neznámým na steamu.. v práci jsem se bavil s kolegou, ať si mě přidá a po práci jsem měl čekající žádost... Bohužel jsem se ho nezeptal na jeho přezdívku a myslel jsem tedy, že je to on...
První, co mi přišlo byl odkaz na obrázek, kterej mi eset bloknul.. a na dotaz odpovídal anglicky..

Tak jsem si říkal, že si to radši nechám prověřit, jestli přecijen něco neprolezlo...

Tím DelFixem to projedu až zítra a pak dám kdyžtak vědět, kdyby se něco změnilo..

Takže tedy díky...

DelFix jen uklidi po mnou pouzitych programech

Dejte tedy pak vedet a kdyz bude vse v poradku, mame hotovo a muzem tema uzavrit



29.3. http://forum.viry.cz/viewtopic.php?f=12&t=123975