VIRY.CZ

Ahoj dneska sem stahla asi neco co se nelibi memu pc a od te doby mi vyskakuje (co 2 min) okno
inet32upd.exe - system error
The program can't start because OpenCL.dll is missing from your computer. Try reinstalling the program to fi this problem.

Tohle okno vyskakuje i kdyz nic nedelam...moc prosim o pomoc.

Zdravim

Jelikoz vestit zatim neumime (ale pracujem na tom ), dejte log z FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

Doufam, ze je to ono a spravne
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-05-2015 01
Ran by Kamilka (administrator) on KAMILKA-PC on 08-05-2015 18:18:16
Running from C:\Users\Kamilka\Desktop
Loaded Profiles: Kamilka (Available profiles: Kamilka & Mcx1-KAMILKA-PC)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(APN LLC.) C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
(Microsoft Corp.) C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
() C:\Program Files\Canon\IJPLM\ijplmsvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Safer Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CANON INC.) C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(APN) C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(SEC) C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(CANON INC.) C:\Program Files\Canon\My Image Garden\cnmigmain.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(Hide My IP) C:\Program Files\Hide My IP 6\HideMyIpSrv.exe
(HideMyIP) C:\Program Files\Hide My IP 6\HideMyIP.exe
() C:\Users\Kamilka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe
() C:\Users\Kamilka\AppData\Roaming\Microsoft\Networking\inet32upd.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Kamilka\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8120864 2009-12-15] (Realtek Semiconductor)
HKLM\...\Run: [CLMLServer] => C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-06-03] (CyberLink)
HKLM\...\Run: [RemoteControl8] => C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [91432 2009-04-15] (CyberLink Corp.)
HKLM\...\Run: [PDVD8LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [50472 2009-04-15] (CyberLink Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1713448 2010-02-26] (Synaptics Incorporated)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [3080264 2011-09-22] (ESET)
HKLM\...\Run: [BingDesktop] => C:\Program Files\Microsoft\BingDesktop\BingDesktop.exe [2372800 2014-11-26] (Microsoft Corp.)
HKLM\...\Run: [CanonQuickMenu] => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM\...\Run: [ApnTBMon] => C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2005896 2015-03-25] (APN)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [CloneCDTray] => C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-29] (SlySoft, Inc.)
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\Run: [SpybotSD TeaTimer] => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\Run: [Google Update] => C:\Users\Kamilka\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-20] (Google Inc.)
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\Run: [Facebook Update] => C:\Users\Kamilka\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-10-19] (Facebook Inc.)
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\Run: [OneDrive] => C:\Users\Kamilka\AppData\Local\Microsoft\OneDrive\OneDrive.exe [281248 2015-03-26] (Microsoft Corporation)
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\MountPoints2: {a0ebb023-b1c5-11e0-b6ad-002454bbb9e9} - G:\AutoRun.exe
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Ribbons.scr [220672 2010-11-20] (Microsoft Corporation)
Startup: C:\Users\Kamilka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe [2015-05-08] ()
Startup: C:\Users\Kamilka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\nero.bat.lnk [2011-07-16]
ShortcutTarget: nero.bat.lnk -> C:\Windows\System32\nero.bat (No File)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Kamilka\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll [2015-03-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Kamilka\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll [2015-03-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Kamilka\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll [2015-03-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-03-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-03-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-03-10] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-3219418776-4157282183-555089908-1000] => 88.146.243.17:8080
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=smsn
URLSearchHook: HKLM - uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll No File
URLSearchHook: HKU\S-1-5-21-3219418776-4157282183-555089908-1000 - uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll No File
SearchScopes: HKLM -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... lz=1I7SMSN
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... lz=1I7SMSN
SearchScopes: HKU\S-1-5-21-3219418776-4157282183-555089908-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKU\S-1-5-21-3219418776-4157282183-555089908-1000 -> {2046C259-6CE9-4869-B991-91F1053D4FCD} URL = http://www.bing.com/search?FORM=BDKTDF& ... -SearchBox
SearchScopes: HKU\S-1-5-21-3219418776-4157282183-555089908-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKU\S-1-5-21-3219418776-4157282183-555089908-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-3219418776-4157282183-555089908-1000 -> {D4CC3440-DCFD-4C59-9F60-236BA32D6711} URL = http://websearch.ask.com/redirect?clien ... 10E6266EB1&
BHO: Conduit Engine -> {30F9B915-B755-4826-820B-08FBA6BD249D} -> C:\Program Files\ConduitEngine\ConduitEngine.dll No File
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-03-04] (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2013-11-28] (CANON INC.)
BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Limited)
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-10-04] (Oracle Corporation)
BHO: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-03-10] (Microsoft Corporation)
BHO: uTorrentBar Toolbar -> {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} -> C:\Program Files\uTorrentBar\tbuTor.dll No File
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-03-10] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-10-04] (Oracle Corporation)
Toolbar: HKLM - uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll No File
Toolbar: HKLM - Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll No File
Toolbar: HKLM - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2011-01-05] ()
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2013-11-28] (CANON INC.)
Toolbar: HKU\S-1-5-21-3219418776-4157282183-555089908-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-3219418776-4157282183-555089908-1000 -> uTorrentBar Toolbar - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files\uTorrentBar\tbuTor.dll No File
Toolbar: HKU\S-1-5-21-3219418776-4157282183-555089908-1000 -> DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2011-01-05] ()
Toolbar: HKU\S-1-5-21-3219418776-4157282183-555089908-1000 -> Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll No File
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Winsock: Catalog9 01 C:\windows\system32\HMIPCore.dll [353280 2015-05-07] (Hide My IP)
Winsock: Catalog9 02 C:\windows\system32\HMIPCore.dll [353280 2015-05-07] (Hide My IP)
Winsock: Catalog9 03 C:\windows\system32\HMIPCore.dll [353280 2015-05-07] (Hide My IP)
Winsock: Catalog9 04 C:\windows\system32\HMIPCore.dll [353280 2015-05-07] (Hide My IP)
Winsock: Catalog9 41 C:\windows\system32\HMIPCore.dll [353280 2015-05-07] (Hide My IP)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 192.168.1.254

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\windows\system32\Adobe\Director\np32dsw.dll [2011-11-22] (Adobe Systems, Inc.)
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-10-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-10-04] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-02-23] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3219418776-4157282183-555089908-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Kamilka\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3219418776-4157282183-555089908-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Kamilka\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-3219418776-4157282183-555089908-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Kamilka\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2012-07-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2012-06-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2012-06-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2012-06-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2012-06-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2012-06-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2012-06-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2012-06-23] (Apple Inc.)
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-01-27]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012-01-26]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-02-27]
CHR Extension: (Google Search) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-02-27]
CHR Extension: (http://www.facebook.com/) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnknkgccldocdogpnhbaddbdhhjiindo [2012-11-23]
CHR Extension: (AdBlock) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-04-14]
CHR Extension: (Bookmark Manager) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-21]
CHR Extension: (Skype Click to Call) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-09-01]
CHR Extension: (Google Wallet) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-02-27]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
StartMenuInternet: Google Chrome - C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [180632 2015-03-25] (APN LLC.)
R2 BingDesktopUpdate; C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe [173248 2014-11-26] (Microsoft Corp.)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [1846968 2015-04-22] (Microsoft Corporation)
R2 DiagTrack; C:\windows\system32\diagtrack.dll [851456 2015-04-27] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [974944 2011-09-22] (ESET)
R2 HideMyIpSRV; C:\Program Files\Hide My IP 6\HideMyIpSRV.exe [4341760 2015-04-26] (Hide My IP) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [1931632 2015-05-08] (Electronic Arts)
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] ()
R2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 CH341SER; C:\windows\System32\Drivers\CH341SER.SYS [39632 2009-06-02] (www.winchiphead.com)
R2 eamonm; C:\windows\System32\DRIVERS\eamonm.sys [163424 2011-08-09] (ESET)
R1 ehdrv; C:\windows\System32\DRIVERS\ehdrv.sys [118104 2011-08-04] (ESET)
R3 ElbyCDFL; C:\windows\System32\Drivers\ElbyCDFL.sys [34760 2007-02-16] (SlySoft, Inc.)
R1 ElbyCDIO; C:\windows\System32\Drivers\ElbyCDIO.sys [24232 2009-02-17] (Elaborate Bytes AG)
R2 epfw; C:\windows\System32\DRIVERS\epfw.sys [147480 2011-08-04] (ESET)
R1 EpfwLWF; C:\windows\System32\DRIVERS\EpfwLWF.sys [33656 2011-08-04] (ESET)
R0 epfwwfp; C:\windows\System32\DRIVERS\epfwwfp.sys [50624 2011-08-04] (ESET)
S3 rtport; C:\windows\system32\drivers\rtport.sys [15656 2010-08-17] (Windows (R) 2003 DDK 3790 provider)
S3 s0017bus; C:\windows\System32\DRIVERS\s0017bus.sys [86824 2008-10-21] (MCCI Corporation)
S3 s0017mdfl; C:\windows\System32\DRIVERS\s0017mdfl.sys [15016 2008-10-21] (MCCI Corporation)
S3 s0017mdm; C:\windows\System32\DRIVERS\s0017mdm.sys [114600 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\windows\System32\DRIVERS\s0017mgmt.sys [108328 2008-10-21] (MCCI Corporation)
S3 s0017nd5; C:\windows\System32\DRIVERS\s0017nd5.sys [26024 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\windows\System32\DRIVERS\s0017obex.sys [104616 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\windows\System32\DRIVERS\s0017unic.sys [109736 2008-10-21] (MCCI Corporation)
R0 sptd; C:\windows\System32\Drivers\sptd.sys [691696 2010-11-06] () [File not signed]
S3 ssudserd; C:\windows\System32\DRIVERS\ssudserd.sys [182680 2013-08-20] (DEVGURU Co., LTD.(www.devguru.co.kr))
R3 yukonw7; C:\windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
U3 abew5z2z; C:\windows\system32\Drivers\abew5z2z.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-08 18:18 - 2015-05-08 18:18 - 00025216 _____ () C:\Users\Kamilka\Desktop\FRST.txt
2015-05-08 18:17 - 2015-05-08 18:18 - 00000000 ____D () C:\FRST
2015-05-08 18:16 - 2015-05-08 18:17 - 01141248 _____ (Farbar) C:\Users\Kamilka\Desktop\FRST.exe
2015-05-08 18:15 - 2015-05-08 18:15 - 00112640 _____ (forum.viry.cz) C:\Users\Kamilka\Desktop\FRSTLauncher.exe
2015-05-08 18:13 - 2015-05-08 18:14 - 02102272 _____ (Farbar) C:\Users\Kamilka\Desktop\FRST64.exe
2015-05-07 14:53 - 2015-05-07 14:53 - 00002896 _____ () C:\windows\system32\HideMyIpSRVOff.ini
2015-05-07 14:53 - 2015-05-07 14:53 - 00000993 _____ () C:\Users\Kamilka\Desktop\Hide My IP 6.lnk
2015-05-07 14:53 - 2015-05-07 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hide My IP 6
2015-05-07 14:53 - 2015-05-07 14:53 - 00000000 ____D () C:\Program Files\Hide My IP 6
2015-05-07 14:53 - 2015-04-26 14:38 - 00353280 _____ (Hide My IP) C:\windows\system32\HMIPCore.dll
2015-05-07 14:51 - 2015-05-07 14:52 - 03047040 _____ (My Privacy Tools, Inc. ) C:\Users\Kamilka\Downloads\hidemyip.exe
2015-05-06 18:32 - 2015-04-27 20:11 - 03989440 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2015-05-06 18:32 - 2015-04-27 20:11 - 03934144 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-05-06 18:32 - 2015-04-27 20:11 - 00137664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-05-06 18:32 - 2015-04-27 20:11 - 00067520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-05-06 18:32 - 2015-04-27 20:08 - 01307648 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-05-06 18:32 - 2015-04-27 20:05 - 00851456 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2015-05-06 18:32 - 2015-04-27 20:05 - 00635392 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2015-05-06 18:32 - 2015-04-27 20:05 - 00400896 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-05-06 18:32 - 2015-04-27 20:05 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-05-06 18:32 - 2015-04-27 20:05 - 00248832 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-05-06 18:32 - 2015-04-27 20:05 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-05-06 18:32 - 2015-04-27 20:05 - 00172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-05-06 18:32 - 2015-04-27 20:05 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-05-06 18:32 - 2015-04-27 20:05 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\sechost.dll
2015-05-06 18:32 - 2015-04-27 20:05 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-05-06 18:32 - 2015-04-27 20:05 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-05-06 18:32 - 2015-04-27 20:05 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-05-06 18:32 - 2015-04-27 20:05 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-05-06 18:32 - 2015-04-27 20:04 - 01061376 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-05-06 18:32 - 2015-04-27 20:04 - 00641536 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2015-05-06 18:32 - 2015-04-27 20:04 - 00550912 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-05-06 18:32 - 2015-04-27 20:04 - 00364544 _____ (Microsoft Corporation) C:\windows\system32\tracerpt.exe
2015-05-06 18:32 - 2015-04-27 20:04 - 00262656 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-05-06 18:32 - 2015-04-27 20:04 - 00082944 _____ (Microsoft Corporation) C:\windows\system32\logman.exe
2015-05-06 18:32 - 2015-04-27 20:04 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-05-06 18:32 - 2015-04-27 20:04 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\typeperf.exe
2015-05-06 18:32 - 2015-04-27 20:04 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-05-06 18:32 - 2015-04-27 20:04 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\relog.exe
2015-05-06 18:32 - 2015-04-27 20:04 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-05-06 18:32 - 2015-04-27 20:04 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-05-06 18:32 - 2015-04-27 20:03 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-05-06 18:32 - 2015-04-27 20:03 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\diskperf.exe
2015-05-06 18:32 - 2015-04-27 20:01 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-05-06 18:32 - 2015-04-27 20:01 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-05-06 18:32 - 2015-04-27 19:59 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-05-06 18:32 - 2015-04-27 19:59 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-05-06 18:32 - 2015-04-27 19:00 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
2015-05-06 18:30 - 2015-02-18 08:06 - 00123904 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2015-05-04 17:58 - 2015-05-04 17:58 - 00242925 _____ () C:\Users\Kamilka\Downloads\[CzT]Lovci_duchu_Supernatural_1_4_serie_CZ_5_6_serie_EN_.torrent
2015-05-04 14:06 - 2015-05-04 14:06 - 00035172 _____ () C:\Users\Kamilka\Downloads\[CzT]Mickeyho_klubik_Mickey_Mouse_Clubhouse_3_serie_CZ_TvRip_.torrent
2015-05-04 14:04 - 2015-05-04 14:04 - 00023974 _____ () C:\Users\Kamilka\Downloads\[CzT]Mickeyho_klubik_Mickey_Mouse_Clubhouse_2_Serie_CZ_TvRip_.torrent
2015-05-04 14:02 - 2015-05-04 14:02 - 00017484 _____ () C:\Users\Kamilka\Downloads\[CzT]Mickeyho_klubik_Mickey_Mouse_Clubhouse_1_serie_CZ_TvRip_.torrent
2015-05-04 14:00 - 2015-05-04 14:00 - 00014901 _____ () C:\Users\Kamilka\Downloads\[CzT]Auta_Cars_1_2_2006_2011_CZ_.torrent
2015-05-02 10:16 - 2015-05-02 10:17 - 00028743 _____ () C:\Users\Kamilka\Downloads\[CzT]Padesat_odstinu_sedi_Fifty_Shades_of_Grey_2015_720pHD_.torrent
2015-05-01 10:42 - 2015-05-01 10:42 - 01556480 _____ () C:\windows\isRS-000.tmp
2015-04-28 00:54 - 2015-04-28 00:54 - 00015173 _____ () C:\Users\Kamilka\Downloads\[CzT]Nero_8_FULL_CZ.torrent
2015-04-27 17:13 - 2015-04-27 17:13 - 00014589 _____ () C:\Users\Kamilka\Downloads\[CzT]Microsoft_Windows_XP_Professional_SP3_CZ_8_2013_.torrent
2015-04-24 16:40 - 2015-03-14 04:04 - 01372160 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2015-04-24 16:40 - 2015-03-14 04:04 - 00067584 _____ (Microsoft Corporation) C:\windows\system32\dwmapi.dll
2015-04-24 16:40 - 2015-01-29 04:02 - 02311168 _____ (Microsoft Corporation) C:\windows\system32\wpdshext.dll
2015-04-18 21:18 - 2015-04-18 21:18 - 00017701 _____ () C:\Users\Kamilka\Downloads\[CzT]Frajeri_ve_Vegas_Last_Vegas_2013_CZ_.torrent
2015-04-18 19:13 - 2015-04-18 19:13 - 00015237 _____ () C:\Users\Kamilka\Downloads\[CzT]Hra_o_truny_Game_of_Thrones_4_serie_CZ_TVRip_.torrent
2015-04-16 14:02 - 2015-04-16 14:02 - 00015129 _____ () C:\Users\Kamilka\Downloads\[CzT]Beyonce_Beyonce_Platinum_Edition_2CD_2014_.torrent
2015-04-16 14:02 - 2015-04-16 14:02 - 00015129 _____ () C:\Users\Kamilka\Downloads\[CzT]Beyonce_Beyonce_Platinum_Edition_2CD_2014_ (1).torrent
2015-04-16 14:01 - 2015-04-16 14:01 - 00020883 _____ () C:\Users\Kamilka\Downloads\[CzT]Beyonce_2013_.torrent
2015-04-15 09:23 - 2015-03-23 04:06 - 00860160 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-04-15 09:23 - 2015-03-23 04:06 - 00630784 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-04-15 09:23 - 2015-03-23 04:06 - 00576000 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-04-15 09:23 - 2015-03-23 04:06 - 00331264 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-04-15 09:23 - 2015-03-23 04:06 - 00202752 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-04-15 09:23 - 2015-03-23 04:06 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-04-15 09:23 - 2015-03-23 04:06 - 00026112 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-04-15 09:23 - 2015-03-23 03:59 - 00896000 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-04-15 09:23 - 2015-03-04 05:16 - 00249784 _____ (Microsoft Corporation) C:\windows\system32\clfs.sys
2015-04-15 09:23 - 2015-03-04 05:10 - 00058880 _____ (Microsoft Corporation) C:\windows\system32\clfsw32.dll
2015-04-15 09:22 - 2015-04-02 00:49 - 00342704 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-04-15 09:22 - 2015-03-13 04:42 - 19695616 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-04-15 09:22 - 2015-03-13 04:42 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-04-15 09:22 - 2015-03-13 04:42 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-04-15 09:22 - 2015-03-13 04:28 - 00503296 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-04-15 09:22 - 2015-03-13 04:28 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-04-15 09:22 - 2015-03-13 04:27 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-04-15 09:22 - 2015-03-13 04:27 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-04-15 09:22 - 2015-03-13 04:26 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-04-15 09:22 - 2015-03-13 04:22 - 02278400 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-04-15 09:22 - 2015-03-13 04:20 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-04-15 09:22 - 2015-03-13 04:20 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-04-15 09:22 - 2015-03-13 04:17 - 00478208 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-04-15 09:22 - 2015-03-13 04:16 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-04-15 09:22 - 2015-03-13 04:16 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-04-15 09:22 - 2015-03-13 04:15 - 00620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-04-15 09:22 - 2015-03-13 04:09 - 00667648 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-04-15 09:22 - 2015-03-13 04:06 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-04-15 09:22 - 2015-03-13 04:01 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 09:22 - 2015-03-13 03:57 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-04-15 09:22 - 2015-03-13 03:56 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-04-15 09:22 - 2015-03-13 03:54 - 00285696 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-04-15 09:22 - 2015-03-13 03:49 - 04305408 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-04-15 09:22 - 2015-03-13 03:44 - 00689152 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-04-15 09:22 - 2015-03-13 03:43 - 02052608 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-04-15 09:22 - 2015-03-13 03:43 - 00685568 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-04-15 09:22 - 2015-03-13 03:42 - 01155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-04-15 09:22 - 2015-03-13 03:34 - 12825600 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-04-15 09:22 - 2015-03-13 03:20 - 01888256 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-04-15 09:22 - 2015-03-13 03:16 - 01311232 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-04-15 09:22 - 2015-03-13 03:14 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-04-15 09:22 - 2015-03-05 05:06 - 00305152 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2015-04-15 09:17 - 2015-03-25 04:00 - 03088384 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-04-15 09:17 - 2015-03-25 04:00 - 02020864 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-04-15 09:17 - 2015-03-25 04:00 - 00566784 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-04-15 09:17 - 2015-03-25 04:00 - 00173056 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-04-15 09:17 - 2015-03-25 04:00 - 00131584 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-04-15 09:17 - 2015-03-25 04:00 - 00092672 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-04-15 09:17 - 2015-03-25 04:00 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-04-15 09:17 - 2015-03-25 04:00 - 00035328 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-04-15 09:17 - 2015-03-25 04:00 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-04-15 09:17 - 2015-03-25 04:00 - 00029696 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-04-15 09:17 - 2015-03-25 04:00 - 00011776 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-04-15 09:17 - 2015-02-25 04:03 - 00514560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2015-04-15 09:16 - 2015-03-10 04:08 - 01237504 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2015-04-15 09:16 - 2015-03-10 04:05 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2015-04-09 13:58 - 2015-04-09 13:58 - 00012493 _____ () C:\Users\Kamilka\Downloads\[CzT]George_Ezra_Wanted_On_Voyage_2014_Deluxe_Edition_.torrent

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-08 18:17 - 2012-04-10 20:54 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-05-08 17:59 - 2013-10-19 20:54 - 00000936 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000UA.job
2015-05-08 17:26 - 2012-02-27 21:22 - 00000916 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000UA.job
2015-05-08 13:33 - 2010-11-13 19:09 - 00000000 ____D () C:\Users\Kamilka\AppData\Roaming\Skype
2015-05-08 13:28 - 2012-01-26 21:08 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-05-08 13:28 - 2012-01-05 22:06 - 00000000 ____D () C:\Users\Kamilka\AppData\Local\CrashDumps
2015-05-08 13:28 - 2010-11-06 21:22 - 00000000 ____D () C:\Users\Kamilka\AppData\Roaming\DAEMON Tools Lite
2015-05-08 13:28 - 2010-11-06 21:07 - 00000000 ____D () C:\Users\Kamilka\AppData\Roaming\uTorrent
2015-05-08 13:27 - 2014-09-18 19:17 - 00000000 ____D () C:\ProgramData\Origin
2015-05-08 12:25 - 2014-09-18 19:24 - 00000000 ____D () C:\Users\Kamilka\AppData\Roaming\Origin
2015-05-08 12:02 - 2014-09-18 19:23 - 00000000 ____D () C:\Program Files\Origin
2015-05-08 10:34 - 2014-02-28 11:04 - 00000000 ____D () C:\Users\Kamilka\Desktop\Hackovani & Siti
2015-05-08 09:37 - 2013-02-12 22:00 - 01131451 ____N () C:\windows\WindowsUpdate.log
2015-05-08 09:26 - 2012-02-27 21:21 - 00000864 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000Core.job
2015-05-07 20:59 - 2013-10-19 20:54 - 00000914 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000Core.job
2015-05-07 11:02 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\rescache
2015-05-06 22:39 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\Microsoft.NET
2015-05-06 19:01 - 2014-02-23 03:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-05-06 19:01 - 2013-10-21 11:10 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-05-06 18:49 - 2009-07-14 05:34 - 00023552 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-06 18:49 - 2009-07-14 05:34 - 00023552 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-06 18:46 - 2009-07-26 21:06 - 00795502 _____ () C:\windows\system32\PerfStringBackup.INI
2015-05-06 18:42 - 2014-02-01 19:40 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2015-05-06 18:40 - 2010-11-06 18:10 - 00000000 ____D () C:\Users\Kamilka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2015-05-06 18:39 - 2012-01-26 21:35 - 00000000 ____D () C:\Program Files\CDBurnerXP
2015-05-06 18:39 - 2009-07-14 05:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-05-04 17:25 - 2013-10-28 21:06 - 00000000 ____D () C:\Users\Kamilka\Desktop\Jiricek
2015-05-04 13:13 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\system32\NDF
2015-05-01 10:42 - 2012-01-26 21:35 - 00001887 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2015-05-01 10:42 - 2012-01-26 21:35 - 00001845 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2015-04-29 14:21 - 2014-11-12 16:01 - 00000000 ____D () C:\Program Files\Full Tilt UK
2015-04-24 23:02 - 2014-12-16 00:51 - 00000000 ____D () C:\Users\Kamilka\Desktop\hlinikove klece
2015-04-24 16:42 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\system32\AdvancedInstallers
2015-04-22 10:29 - 2010-11-13 19:09 - 00000000 ____D () C:\ProgramData\Skype
2015-04-20 22:00 - 2010-12-29 21:06 - 00000000 ____D () C:\Users\Kamilka\Desktop\Hudba
2015-04-19 20:41 - 2012-12-18 23:19 - 00000000 ____D () C:\Users\Kamilka\Desktop\Jirka ptaci
2015-04-15 21:27 - 2012-04-10 20:54 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2015-04-15 21:27 - 2011-06-16 06:10 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2015-04-15 16:53 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\AppCompat
2015-04-15 16:04 - 2014-12-13 16:52 - 00000000 ____D () C:\windows\system32\appraiser
2015-04-15 16:04 - 2014-05-02 09:31 - 00000000 ___SD () C:\windows\system32\CompatTel
2015-04-15 15:53 - 2013-08-13 13:04 - 00000000 ____D () C:\windows\system32\MRT
2015-04-15 15:43 - 2010-11-06 19:54 - 125832184 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-04-09 13:39 - 2011-01-30 17:15 - 00000121 ___SH () C:\ProgramData\.zreglib

==================== Files in the root of some directories =======

2004-02-04 15:53 - 2004-02-04 15:53 - 0458752 ____H () C:\Program Files\Common Files\db.mdb
2004-02-04 14:54 - 2004-02-04 14:54 - 0000019 ____H () C:\Program Files\Common Files\General.txt
2004-02-04 15:53 - 2004-02-04 15:53 - 0458752 ____H () C:\Users\Kamilka\AppData\Roaming\db.mdb
2004-02-04 14:54 - 2004-02-04 14:54 - 0000019 ____H () C:\Users\Kamilka\AppData\Roaming\General.txt
2002-08-29 18:33 - 2002-08-29 18:33 - 0319488 ____R () C:\Users\Kamilka\AppData\Roaming\MafiaSetup.exe
2012-11-23 14:50 - 2012-11-23 14:50 - 0003584 _____ () C:\Users\Kamilka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-12 16:00 - 2014-11-12 16:00 - 51027168 _____ () C:\Users\Kamilka\AppData\Local\TempFullTiltUkSetup.exe
2011-01-30 17:15 - 2015-04-09 13:39 - 0000121 ___SH () C:\ProgramData\.zreglib
2010-11-13 19:12 - 2010-11-13 19:12 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2010-11-06 18:12 - 2010-01-16 08:18 - 0131368 _____ () C:\ProgramData\FullRemove.exe
2013-12-24 00:40 - 2013-12-24 00:41 - 0000348 _____ () C:\ProgramData\hpzinstall.log
2010-06-13 23:51 - 2010-06-13 23:51 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2010-06-13 23:49 - 2010-06-13 23:50 - 0000106 _____ () C:\ProgramData\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}.log
2010-06-13 23:46 - 2010-06-13 23:47 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-06-13 23:50 - 2010-06-13 23:51 - 0000110 _____ () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log
2010-06-13 23:45 - 2010-06-13 23:46 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2010-06-13 23:47 - 2010-06-13 23:49 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log

Files to move or delete:
====================
C:\Users\ArivaUpgrade\ArivaUpgrade.exe
C:\Users\ArivaUpgrade\LZMA.EXE


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000Core.job => C:\Users\Kamilka\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000UA.job => C:\Users\Kamilka\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000Core.job => C:\Users\Kamilka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000UA.job => C:\Users\Kamilka\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: ESET Smart Security 5.0 (Disabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET Smart Security 5.0 (Disabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET personal firewall (Enabled) {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Kamilka\Desktop" je 27757 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core
"C:\Program Files\Electronic Arts\EADM\Core.exe" -silent [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Je to ono a je to spravne

Mate tam havet. Ale nedivim se, vidim, ze torrent jede o 106 a to je velmi casty zdroj nakazy


Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.


Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

Tak tady je to prvni...
# AdwCleaner v4.203 - Logfile created 08/05/2015 at 18:54:58
# Updated 30/04/2015 by Xplode
# Database : 2015-05-08.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x86)
# Username : Kamilka - KAMILKA-PC
# Running from : C:\Users\Kamilka\Desktop\adwcleaner_4.203.exe
# Option : Cleaning

***** [ Services ] *****

Service Deleted : APNMCP

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AskPartnerNetwork
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\SpeedMaxPc
Folder Deleted : C:\Program Files\AskPartnerNetwork
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\DAEMON Tools Toolbar
Folder Deleted : C:\Program Files\uTorrentBar
Folder Deleted : C:\Users\Kamilka\AppData\Local\AskPartnerNetwork
Folder Deleted : C:\Users\Kamilka\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Kamilka\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Kamilka\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\Kamilka\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Kamilka\AppData\LocalLow\uTorrentBar
Folder Deleted : C:\Users\Kamilka\AppData\Roaming\DriverCure
Folder Deleted : C:\Users\Kamilka\AppData\Roaming\SpeedMaxPc
File Deleted : C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_plarium.com_0.localstorage-journal
File Deleted : C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage-journal

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Key Deleted : HKLM\SOFTWARE\Classes\PCProxy.DataContainer
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9DC8FA51-B596-4F77-802C-5B295919C205}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\
Key Deleted : HKLM\SOFTWARE\Classes\AppID\
Key Deleted : HKLM\SOFTWARE\Classes\AppID\
Key Deleted : HKLM\SOFTWARE\Classes\AppID\
Key Deleted : HKLM\SOFTWARE\Classes\AppID\
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3E28F712-0D6C-4EE3-AC8C-8F060F5D7C33}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6CE321DA-DC11-45C6-A0FC-4E8A7D978ABC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6EEBC7FF-67DA-4B90-9251-C2C5696E4B48}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{832599B2-55BF-4437-8F3E-030CF5AEB262}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE91F9CE-0900-4E2A-B673-F3F6E4FC54D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B1A429DB-FB06-4645-B7C0-0CC405EAD3CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD67706E-819E-4EBD-BF8D-6D6147CC7A49}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F62A4AF9-58B4-4FEC-89CC-D717A547D8E8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FCBF00E1-41EB-4197-B467-187CFB426650}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22511E2E-7970-414E-BC7C-28D16C4AF54D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23C5311E-016D-4999-BCB1-499898429D6C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2C4B6DB8-6413-403B-A038-16A352CFE8B9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{46803190-228D-470E-90FE-F5E0CEA9C4F2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5180FE16-2E09-497B-9C8B-5A6F029ECECB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A4F6E1B3-469E-46EF-A936-FBA9D5EFD2B9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C97AF157-6A27-4F57-9D47-E2D3E4761B77}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\
Key Deleted : HKLM\SOFTWARE\Classes\Interface\
Key Deleted : HKLM\SOFTWARE\Classes\Interface\
Key Deleted : HKLM\SOFTWARE\Classes\Interface\
Key Deleted : HKLM\SOFTWARE\Classes\Interface\
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{ED721A76-8160-4DA0-A18E-7FD7C4574774}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEA63863-87BC-4DCA-A5B5-EB97E3B04806}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FCBF00E1-41EB-4197-B467-187CFB426650}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9E4542A1-BBC4-40F4-9AAE-EE6165AB63BF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D4CC3440-DCFD-4C59-9F60-236BA32D6711}
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKCU\Software\dt soft\daemon tools toolbar
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\SpeedMaxPC
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentBar
Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\conduitEngine
Key Deleted : HKLM\SOFTWARE\dt soft\daemon tools toolbar
Key Deleted : HKLM\SOFTWARE\SpeedMaxPC
Key Deleted : HKLM\SOFTWARE\uTorrentBar
Key Deleted : HKU\.DEFAULT\Software\AskPartnerNetwork
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar Toolbar
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - 88.146.243.17:8080

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17728


-\\ Google Chrome v

[C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
[C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=ff&src=crm&tb=FTB&o=41648107&locale=en_UK&apn_uid=8B08EE65-7F98-49E9-BCF2-C806AF11D467&apn_ptnrs=9D&apn_sauid=C017B4BC-6C41-4140-99DF-4810E6266EB1&apn_dtid=YYYYYYYYGB&q={searchTerms}&

-\\ Opera v0.0.0.0


*************************

AdwCleaner[R0].txt - [15603 bytes] - [08/05/2015 18:52:57]
AdwCleaner[S0].txt - [11664 bytes] - [08/05/2015 18:54:58]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11724 bytes] ##########

A zde je to druhe..hloupa sem to omylem zavrela takze ten 2Hodinovy sken opakuju abych mohla ty hrozby vymazat...chjo
Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 08/05/2015
Cas skenování: 19:09:36
Protokol: log.txt
Správce: Ano

Verze: 2.01.6.1022
Databáze malwaru: v2015.05.08.06
Databáze rootkitu: v2015.04.21.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: Kamilka

Typ skenu: Vlastní sken
Výsledek: Dokonceno
Prohledaných objektu: 550768
Uplynulý cas: 2 hod, 29 min, 14 sek

Pamet: Zapnuto
Po spuštení: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíce registru: 4
PUP.Optional.ConduitTB.A, HKU\S-1-5-21-3219418776-4157282183-555089908-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{30F9B915-B755-4826-820B-08FBA6BD249D}, , [b77fb2df1e6c95a1f3ac63ee58ab45bb],
PUP.Optional.ConduitTB.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{30F9B915-B755-4826-820B-08FBA6BD249D}, , [b77fb2df1e6c95a1f3ac63ee58ab45bb],
PUP.Optional.uTorrentBar.A, HKU\S-1-5-21-3219418776-4157282183-555089908-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}, , [92a48c05dcaef83e1f2496b7f60d6898],
PUP.Optional.uTorrentBar.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}, , [92a48c05dcaef83e1f2496b7f60d6898],

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 1
RiskWare.Tool.CK, D:\Stahnute\Nero 8 FULL CZ\nero-8.x-keygen\Nero 8.x KeyGen.exe, , [999dd6bbc6c49c9a06155e4df2103bc5],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Tak po skenu jsem dala odstranit a restartoval se pc...okno stale vyskakuje
A muzu se zeptat odkud se ta havet primo vzala?
Dekuji

Budte trpeliva, nejde to udelat najednou, musim to mazat postupne

To vam nereknu, z ceho presne. Nejpravdepodobneji z tech cracku.



Odinstalujte Spybota, program je zastaraly a k nicemu.



Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Kliknete na ComboFix pravym mysidlem a levym na Spustit jako spravce
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

ComboFix 15-05-09.01 - Kamilka 09/05/2015 12:46:30.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.3005.2164 [GMT 1:00]
Running from: c:\users\Kamilka\Desktop\ComboFix.exe
AV: ESET Smart Security 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
ADS - windows: deleted 24 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\ArivaUpgrade\LZMA.EXE
c:\users\Kamilka\AppData\Local\TempFullTiltUkSetup.exe
c:\users\Kamilka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe
.
.
((((((((((((((((((((((((( Files Created from 2015-04-09 to 2015-05-09 )))))))))))))))))))))))))))))))
.
.
2015-05-08 18:07 . 2015-05-08 20:56 119512 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-05-08 18:07 . 2015-04-14 08:37 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-05-08 18:07 . 2015-04-14 08:37 92888 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-05-08 18:07 . 2015-04-14 08:37 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-05-08 18:07 . 2015-05-08 18:07 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2015-05-08 18:07 . 2015-05-08 18:07 -------- d-----w- c:\programdata\Malwarebytes
2015-05-08 17:52 . 2015-05-08 17:55 -------- d-----w- C:\AdwCleaner
2015-05-08 17:17 . 2015-05-08 17:18 -------- d-----w- C:\FRST
2015-05-08 12:15 . 2015-05-08 12:15 279955 ----a-w- c:\users\Kamilka\AppData\Roaming\Microsoft\Networking\libidn-11.dll
2015-05-08 12:15 . 2015-05-08 12:15 148760 ----a-w- c:\users\Kamilka\AppData\Roaming\Microsoft\Networking\libpdcurses.dll
2015-05-08 12:15 . 2015-05-08 12:15 963232 ----a-w- c:\users\Kamilka\AppData\Roaming\Microsoft\Networking\msvcr120.dll
2015-05-08 12:15 . 2015-05-08 12:15 626176 ----a-w- c:\users\Kamilka\AppData\Roaming\Microsoft\Networking\libcurl.dll
2015-05-08 12:15 . 2015-05-08 12:15 364544 ----a-w- c:\users\Kamilka\AppData\Roaming\Microsoft\Networking\ssleay32.dll
2015-05-08 12:15 . 2015-05-08 12:15 2418688 ----a-w- c:\users\Kamilka\AppData\Roaming\Microsoft\Networking\winnet32b.exe
2015-05-08 12:15 . 2015-05-08 12:15 1704448 ----a-w- c:\users\Kamilka\AppData\Roaming\Microsoft\Networking\libeay32.dll
2015-05-08 12:15 . 2015-05-08 12:15 131598 ----a-w- c:\users\Kamilka\AppData\Roaming\Microsoft\Networking\zlib1.dll
2015-05-08 12:15 . 2015-05-08 12:15 119704 ----a-w- c:\users\Kamilka\AppData\Roaming\Microsoft\Networking\pthreadGC2.dll
2015-05-08 12:15 . 2015-05-08 12:15 112142 ----a-w- c:\users\Kamilka\AppData\Roaming\Microsoft\Networking\libgcc_s_dw2-1.dll
2015-05-08 12:15 . 2015-05-08 12:15 494606 ----a-w- c:\users\Kamilka\AppData\Roaming\Microsoft\Networking\inet32upd.exe
2015-05-08 08:36 . 2015-04-04 06:39 9201616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7AE8E1A2-A25E-4D52-8471-9874651D1BB5}\mpengine.dll
2015-05-07 13:53 . 2015-04-26 13:38 353280 ----a-w- c:\windows\system32\HMIPCore.dll
2015-05-07 13:53 . 2015-05-07 13:53 -------- d-----w- c:\program files\Hide My IP 6
2015-05-06 17:30 . 2015-02-18 07:06 123904 ----a-w- c:\windows\system32\poqexec.exe
2015-04-24 15:40 . 2015-01-29 03:02 844288 ----a-w- c:\windows\system32\drivers\UMDF\WpdMtpDr.dll
2015-04-24 15:40 . 2015-01-29 03:02 2311168 ----a-w- c:\windows\system32\wpdshext.dll
2015-04-24 15:40 . 2015-03-14 03:04 67584 ----a-w- c:\windows\system32\dwmapi.dll
2015-04-24 15:40 . 2015-03-14 03:04 1372160 ----a-w- c:\windows\system32\dwmcore.dll
2015-04-15 08:23 . 2015-03-23 03:06 576000 ----a-w- c:\windows\system32\generaltel.dll
2015-04-15 08:23 . 2015-03-23 03:06 630784 ----a-w- c:\windows\system32\invagent.dll
2015-04-15 08:23 . 2015-03-23 03:06 331264 ----a-w- c:\windows\system32\devinv.dll
2015-04-15 08:23 . 2015-03-23 03:06 860160 ----a-w- c:\windows\system32\appraiser.dll
2015-04-15 08:23 . 2015-03-23 03:06 26112 ----a-w- c:\windows\system32\acmigration.dll
2015-04-15 08:23 . 2015-03-23 02:59 896000 ----a-w- c:\windows\system32\aeinv.dll
2015-04-15 08:23 . 2015-03-23 03:06 202752 ----a-w- c:\windows\system32\aepdu.dll
2015-04-15 08:23 . 2015-03-23 03:06 159744 ----a-w- c:\windows\system32\aepic.dll
2015-04-15 08:23 . 2015-03-04 04:16 249784 ----a-w- c:\windows\system32\clfs.sys
2015-04-15 08:23 . 2015-03-04 04:10 58880 ----a-w- c:\windows\system32\clfsw32.dll
2015-04-15 08:17 . 2015-03-25 03:00 92672 ----a-w- c:\windows\system32\wudriver.dll
2015-04-15 08:17 . 2015-03-25 03:00 35328 ----a-w- c:\windows\system32\wups2.dll
2015-04-15 08:17 . 2015-03-25 03:00 3088384 ----a-w- c:\windows\system32\wucltux.dll
2015-04-15 08:17 . 2015-03-25 03:00 29696 ----a-w- c:\windows\system32\wups.dll
2015-04-15 08:17 . 2015-03-25 03:00 173056 ----a-w- c:\windows\system32\wuwebv.dll
2015-04-15 08:17 . 2015-03-25 03:00 11776 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
2015-04-15 08:17 . 2015-03-25 03:00 33792 ----a-w- c:\windows\system32\wuapp.exe
2015-04-15 08:17 . 2015-03-25 03:00 131584 ----a-w- c:\windows\system32\wuauclt.exe
2015-04-15 08:17 . 2015-03-25 03:00 566784 ----a-w- c:\windows\system32\wuapi.dll
2015-04-15 08:17 . 2015-03-25 03:00 2020864 ----a-w- c:\windows\system32\wuaueng.dll
2015-04-15 08:17 . 2015-03-25 03:00 50176 ----a-w- c:\windows\system32\WinSetupUI.dll
2015-04-15 08:17 . 2015-02-25 03:03 514560 ----a-w- c:\windows\system32\drivers\http.sys
2015-04-15 08:16 . 2015-03-10 03:08 1237504 ----a-w- c:\windows\system32\msxml3.dll
2015-04-15 08:16 . 2015-03-10 03:05 2048 ----a-w- c:\windows\system32\msxml3r.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-04-15 20:27 . 2012-04-10 19:54 778416 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-04-15 20:27 . 2011-06-16 05:10 142512 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-03-10 07:22 . 2013-10-21 10:12 627920 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2015-02-26 03:11 . 2015-03-11 09:08 2381312 ----a-w- c:\windows\system32\win32k.sys
2015-02-24 03:23 . 2010-11-06 19:19 246920 ------w- c:\windows\system32\MpSigStub.exe
2015-02-20 04:13 . 2015-03-11 09:06 26624 ----a-w- c:\windows\system32\lpk.dll
2015-02-20 04:13 . 2015-03-11 09:06 70656 ----a-w- c:\windows\system32\fontsub.dll
2015-02-20 04:13 . 2015-03-11 09:06 10240 ----a-w- c:\windows\system32\dciman32.dll
2015-02-20 04:13 . 2015-03-11 09:06 34304 ----a-w- c:\windows\system32\atmlib.dll
2015-02-20 03:09 . 2015-03-11 09:06 299008 ----a-w- c:\windows\system32\atmfd.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2015-03-26 08:08 329376 ----a-w- c:\users\Kamilka\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2015-03-26 08:08 329376 ----a-w- c:\users\Kamilka\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2015-03-26 08:08 329376 ----a-w- c:\users\Kamilka\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-03-10 07:22 1729752 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-03-10 07:22 1729752 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-03-10 07:22 1729752 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"OneDrive"="c:\users\Kamilka\AppData\Local\Microsoft\OneDrive\OneDrive.exe" [2015-03-26 281248]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-12-15 8120864]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2009-06-03 103720]
"RemoteControl8"="c:\program files\CyberLink\PowerDVD8\PDVD8Serv.exe" [2009-04-15 91432]
"PDVD8LanguageShortcut"="c:\program files\CyberLink\PowerDVD8\Language\Language.exe" [2009-04-15 50472]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-02-26 1713448]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 172568]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-09-22 3080264]
"BingDesktop"="c:\program files\Microsoft\BingDesktop\BingDesktop.exe" [2014-11-26 2372800]
"CanonQuickMenu"="c:\program files\Canon\Quick Menu\CNQMMAIN.EXE" [2012-04-03 1273448]
"IJNetworkScannerSelectorEX"="c:\program files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2012-03-26 449168]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2014-10-02 421888]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-12-19 1022152]
"CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2009-01-29 57344]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 HideMyIpSRV;HideMyIpSRV;c:\program files\Hide My IP 6\HideMyIpSRV.exe [2015-04-26 4341760]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes Anti-Malware\mbamservice.exe [2015-04-14 1080120]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2015-02-18 315488]
R3 CH341SER;CH341SER;c:\windows\system32\Drivers\CH341SER.SYS [2009-06-02 39632]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2014-01-22 88576]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2010-12-27 13224]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2015-03-13 102912]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2010-01-19 9216]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2015-04-14 51928]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2012-11-09 137600]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2012-11-09 8576]
R3 Origin Client Service;Origin Client Service;c:\program files\Origin\OriginClientService.exe [2015-05-08 1931632]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
R3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\DRIVERS\s0017bus.sys [2008-10-21 86824]
R3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0017mdfl.sys [2008-10-21 15016]
R3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0017mdm.sys [2008-10-21 114600]
R3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0017mgmt.sys [2008-10-21 108328]
R3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\DRIVERS\s0017nd5.sys [2008-10-21 26024]
R3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0017obex.sys [2008-10-21 104616]
R3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\DRIVERS\s0017unic.sys [2008-10-21 109736]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 184192]
R3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudserd.sys [2013-08-20 182680]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-06 1343400]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2011-08-04 50624]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-11-06 691696]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2011-08-04 118104]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2011-08-04 33656]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys [2010-03-31 10752]
S2 BingDesktopUpdate;Bing Desktop Update service;c:\program files\Microsoft\BingDesktop\BingDesktopUpdater.exe [2014-11-26 173248]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
S2 ClickToRunSvc;Služba Microsoft Office ClickToRun;c:\program files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [2015-04-22 1846968]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2011-08-09 163424]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2011-09-22 974944]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-07-10 122880]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2015-04-14 23256]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-09-28 315392]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
utcsvc REG_MULTI_SZ DiagTrack
.
Contents of the 'Scheduled Tasks' folder
.
2015-05-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-10 20:27]
.
2015-05-08 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000Core.job
- c:\users\Kamilka\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-10-19 19:54]
.
2015-05-09 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000UA.job
- c:\users\Kamilka\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-10-19 19:54]
.
2015-05-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000Core.job
- c:\users\Kamilka\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-27 14:43]
.
2015-05-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000UA.job
- c:\users\Kamilka\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-27 14:43]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Settings,ProxyServer = 88.146.243.17:8080
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.254 192.168.1.254
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
Toolbar-Locked - (no file)
c:\users\Kamilka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\nero.bat.lnk - c:\windows\System32\nero.bat
SafeBoot-mcmscsvc
SafeBoot-MCODS
MSConfigStartUp-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3219418776-4157282183-555089908-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:e4,4e,6f,40,9a,2c,28,23,b4,c6,b0,41,b1,76,e0,ee,44,38,f2,f2,18,f0,7c,
47,b3,0e,71,8f,49,23,73,4f,c3,d2,7d,ec,fd,40,87,92,ac,76,74,c9,d9,49,88,60,\
"??"=hex:f6,ac,24,df,79,bb,6f,da,38,b1,39,b6,2f,65,8f,a2
.
[HKEY_USERS\S-1-5-21-3219418776-4157282183-555089908-1000\Software\SecuROM\License information*]
"datasecu"=hex:ba,ef,27,75,5e,94,03,7e,d2,75,4f,a0,1b,84,91,3c,1b,e3,3b,78,a4,
f4,e4,6f,5f,33,8d,38,22,bb,57,28,f6,67,2f,2e,fa,19,c6,19,ab,5f,c2,8a,e6,0d,\
"rkeysecu"=hex:59,0b,c1,eb,77,ea,c1,57,32,fb,02,75,79,86,80,e0
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2015-05-09 12:58:40
ComboFix-quarantined-files.txt 2015-05-09 11:58
.
Pre-Run: 90,730,201,088 bytes free
Post-Run: 90,382,557,184 bytes free
.
- - End Of File - - E5875F15910F6694773EB2787B90B762
2E5DEBB2116B3417023E0D6562D7ED07

Tak tady to je vse probehlo bez problemu...po restartu taky ok a okno zatim nevyskocilo

Jojo, vidim, ze CF uz brouka smaznul Ale hlavne neutikejte, je potreba to docistit, aby to nebylo za chvili zpet.



Vypnete trvale Windows Defender



Otevrete si poznamkovy blok a zkopirujte do nej tento skript Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

Tak tady je...
ComboFix 15-05-09.01 - Kamilka 09/05/2015 13:50:47.2.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.3005.1974 [GMT 1:00]
Running from: c:\users\Kamilka\Desktop\ComboFix.exe
Command switches used :: c:\users\Kamilka\Desktop\CFScript.txt
AV: ESET Smart Security 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000Core.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000UA.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_c2cautoupdatesvc
-------\Service_c2cpnrsvc
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Files Created from 2015-04-09 to 2015-05-09 )))))))))))))))))))))))))))))))
.
.
2015-05-09 12:59 . 2015-05-09 12:59 -------- d-----w- c:\users\Mcx1-KAMILKA-PC\AppData\Local\temp
2015-05-09 12:59 . 2015-05-09 12:59 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-05-09 11:58 . 2015-05-09 13:01 -------- d-----w- c:\users\Kamilka\AppData\Local\temp
2015-05-08 18:07 . 2015-05-08 20:56 119512 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-05-08 18:07 . 2015-04-14 08:37 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-05-08 18:07 . 2015-04-14 08:37 92888 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-05-08 18:07 . 2015-04-14 08:37 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-05-08 18:07 . 2015-05-08 18:07 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2015-05-08 18:07 . 2015-05-08 18:07 -------- d-----w- c:\programdata\Malwarebytes
2015-05-08 17:52 . 2015-05-08 17:55 -------- d-----w- C:\AdwCleaner
2015-05-08 17:17 . 2015-05-08 17:18 -------- d-----w- C:\FRST
2015-05-08 12:15 . 2015-05-08 12:15 494606 ----a-w- c:\users\Kamilka\AppData\Roaming\Microsoft\Networking\inet32upd.exe
2015-05-08 08:36 . 2015-04-04 06:39 9201616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7AE8E1A2-A25E-4D52-8471-9874651D1BB5}\mpengine.dll
2015-05-07 13:53 . 2015-04-26 13:38 353280 ----a-w- c:\windows\system32\HMIPCore.dll
2015-05-07 13:53 . 2015-05-07 13:53 -------- d-----w- c:\program files\Hide My IP 6
2015-05-06 17:30 . 2015-02-18 07:06 123904 ----a-w- c:\windows\system32\poqexec.exe
2015-04-24 15:40 . 2015-01-29 03:02 844288 ----a-w- c:\windows\system32\drivers\UMDF\WpdMtpDr.dll
2015-04-24 15:40 . 2015-01-29 03:02 2311168 ----a-w- c:\windows\system32\wpdshext.dll
2015-04-24 15:40 . 2015-03-14 03:04 67584 ----a-w- c:\windows\system32\dwmapi.dll
2015-04-24 15:40 . 2015-03-14 03:04 1372160 ----a-w- c:\windows\system32\dwmcore.dll
2015-04-15 08:23 . 2015-03-23 03:06 576000 ----a-w- c:\windows\system32\generaltel.dll
2015-04-15 08:23 . 2015-03-23 03:06 630784 ----a-w- c:\windows\system32\invagent.dll
2015-04-15 08:23 . 2015-03-23 03:06 331264 ----a-w- c:\windows\system32\devinv.dll
2015-04-15 08:23 . 2015-03-23 03:06 860160 ----a-w- c:\windows\system32\appraiser.dll
2015-04-15 08:23 . 2015-03-23 03:06 26112 ----a-w- c:\windows\system32\acmigration.dll
2015-04-15 08:23 . 2015-03-23 02:59 896000 ----a-w- c:\windows\system32\aeinv.dll
2015-04-15 08:23 . 2015-03-23 03:06 202752 ----a-w- c:\windows\system32\aepdu.dll
2015-04-15 08:23 . 2015-03-23 03:06 159744 ----a-w- c:\windows\system32\aepic.dll
2015-04-15 08:23 . 2015-03-04 04:16 249784 ----a-w- c:\windows\system32\clfs.sys
2015-04-15 08:23 . 2015-03-04 04:10 58880 ----a-w- c:\windows\system32\clfsw32.dll
2015-04-15 08:17 . 2015-03-25 03:00 92672 ----a-w- c:\windows\system32\wudriver.dll
2015-04-15 08:17 . 2015-03-25 03:00 35328 ----a-w- c:\windows\system32\wups2.dll
2015-04-15 08:17 . 2015-03-25 03:00 3088384 ----a-w- c:\windows\system32\wucltux.dll
2015-04-15 08:17 . 2015-03-25 03:00 29696 ----a-w- c:\windows\system32\wups.dll
2015-04-15 08:17 . 2015-03-25 03:00 173056 ----a-w- c:\windows\system32\wuwebv.dll
2015-04-15 08:17 . 2015-03-25 03:00 11776 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
2015-04-15 08:17 . 2015-03-25 03:00 33792 ----a-w- c:\windows\system32\wuapp.exe
2015-04-15 08:17 . 2015-03-25 03:00 131584 ----a-w- c:\windows\system32\wuauclt.exe
2015-04-15 08:17 . 2015-03-25 03:00 566784 ----a-w- c:\windows\system32\wuapi.dll
2015-04-15 08:17 . 2015-03-25 03:00 2020864 ----a-w- c:\windows\system32\wuaueng.dll
2015-04-15 08:17 . 2015-03-25 03:00 50176 ----a-w- c:\windows\system32\WinSetupUI.dll
2015-04-15 08:17 . 2015-02-25 03:03 514560 ----a-w- c:\windows\system32\drivers\http.sys
2015-04-15 08:16 . 2015-03-10 03:08 1237504 ----a-w- c:\windows\system32\msxml3.dll
2015-04-15 08:16 . 2015-03-10 03:05 2048 ----a-w- c:\windows\system32\msxml3r.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-05-08 12:15 . 2015-05-08 12:15 279955 ----a-w- c:\users\Kamilka\AppData\Roaming\Microsoft\Networking\libidn-11.dll
2015-05-08 12:15 . 2015-05-08 12:15 148760 ----a-w- c:\users\Kamilka\AppData\Roaming\Microsoft\Networking\libpdcurses.dll
2015-05-08 12:15 . 2015-05-08 12:15 963232 ----a-w- c:\users\Kamilka\AppData\Roaming\Microsoft\Networking\msvcr120.dll
2015-05-08 12:15 . 2015-05-08 12:15 626176 ----a-w- c:\users\Kamilka\AppData\Roaming\Microsoft\Networking\libcurl.dll
2015-05-08 12:15 . 2015-05-08 12:15 364544 ----a-w- c:\users\Kamilka\AppData\Roaming\Microsoft\Networking\ssleay32.dll
2015-05-08 12:15 . 2015-05-08 12:15 2418688 ----a-w- c:\users\Kamilka\AppData\Roaming\Microsoft\Networking\winnet32b.exe
2015-05-08 12:15 . 2015-05-08 12:15 1704448 ----a-w- c:\users\Kamilka\AppData\Roaming\Microsoft\Networking\libeay32.dll
2015-05-08 12:15 . 2015-05-08 12:15 131598 ----a-w- c:\users\Kamilka\AppData\Roaming\Microsoft\Networking\zlib1.dll
2015-05-08 12:15 . 2015-05-08 12:15 119704 ----a-w- c:\users\Kamilka\AppData\Roaming\Microsoft\Networking\pthreadGC2.dll
2015-05-08 12:15 . 2015-05-08 12:15 112142 ----a-w- c:\users\Kamilka\AppData\Roaming\Microsoft\Networking\libgcc_s_dw2-1.dll
2015-04-15 20:27 . 2012-04-10 19:54 778416 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-04-15 20:27 . 2011-06-16 05:10 142512 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-03-10 07:22 . 2013-10-21 10:12 627920 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2015-02-26 03:11 . 2015-03-11 09:08 2381312 ----a-w- c:\windows\system32\win32k.sys
2015-02-24 03:23 . 2010-11-06 19:19 246920 ------w- c:\windows\system32\MpSigStub.exe
2015-02-20 04:13 . 2015-03-11 09:06 26624 ----a-w- c:\windows\system32\lpk.dll
2015-02-20 04:13 . 2015-03-11 09:06 70656 ----a-w- c:\windows\system32\fontsub.dll
2015-02-20 04:13 . 2015-03-11 09:06 10240 ----a-w- c:\windows\system32\dciman32.dll
2015-02-20 04:13 . 2015-03-11 09:06 34304 ----a-w- c:\windows\system32\atmlib.dll
2015-02-20 03:09 . 2015-03-11 09:06 299008 ----a-w- c:\windows\system32\atmfd.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2015-03-26 08:08 329376 ----a-w- c:\users\Kamilka\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2015-03-26 08:08 329376 ----a-w- c:\users\Kamilka\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2015-03-26 08:08 329376 ----a-w- c:\users\Kamilka\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-03-10 07:22 1729752 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-03-10 07:22 1729752 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-03-10 07:22 1729752 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"OneDrive"="c:\users\Kamilka\AppData\Local\Microsoft\OneDrive\OneDrive.exe" [2015-03-26 281248]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-12-15 8120864]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2009-06-03 103720]
"PDVD8LanguageShortcut"="c:\program files\CyberLink\PowerDVD8\Language\Language.exe" [2009-04-15 50472]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-02-26 1713448]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 172568]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-09-22 3080264]
"CanonQuickMenu"="c:\program files\Canon\Quick Menu\CNQMMAIN.EXE" [2012-04-03 1273448]
"IJNetworkScannerSelectorEX"="c:\program files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2012-03-26 449168]
"CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2009-01-29 57344]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 HideMyIpSRV;HideMyIpSRV;c:\program files\Hide My IP 6\HideMyIpSRV.exe [2015-04-26 4341760]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes Anti-Malware\mbamservice.exe [2015-04-14 1080120]
R3 CH341SER;CH341SER;c:\windows\system32\Drivers\CH341SER.SYS [2009-06-02 39632]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2014-01-22 88576]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2010-12-27 13224]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2015-03-13 102912]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2010-01-19 9216]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2015-04-14 51928]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2012-11-09 137600]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2012-11-09 8576]
R3 Origin Client Service;Origin Client Service;c:\program files\Origin\OriginClientService.exe [2015-05-08 1931632]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
R3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\DRIVERS\s0017bus.sys [2008-10-21 86824]
R3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0017mdfl.sys [2008-10-21 15016]
R3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0017mdm.sys [2008-10-21 114600]
R3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0017mgmt.sys [2008-10-21 108328]
R3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\DRIVERS\s0017nd5.sys [2008-10-21 26024]
R3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0017obex.sys [2008-10-21 104616]
R3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\DRIVERS\s0017unic.sys [2008-10-21 109736]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 184192]
R3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudserd.sys [2013-08-20 182680]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-06 1343400]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2011-08-04 50624]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-11-06 691696]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2011-08-04 118104]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2011-08-04 33656]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys [2010-03-31 10752]
S2 BingDesktopUpdate;Bing Desktop Update service;c:\program files\Microsoft\BingDesktop\BingDesktopUpdater.exe [2014-11-26 173248]
S2 ClickToRunSvc;Služba Microsoft Office ClickToRun;c:\program files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [2015-04-22 1846968]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2011-08-09 163424]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2011-09-22 974944]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-07-10 122880]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2015-04-14 23256]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-09-28 315392]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
utcsvc REG_MULTI_SZ DiagTrack
.
Contents of the 'Scheduled Tasks' folder
.
2015-05-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-10 20:27]
.
2015-05-08 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000Core.job
- c:\users\Kamilka\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-10-19 19:54]
.
2015-05-09 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000UA.job
- c:\users\Kamilka\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-10-19 19:54]
.
2015-05-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000Core.job
- c:\users\Kamilka\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-27 14:43]
.
2015-05-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000UA.job
- c:\users\Kamilka\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-27 14:43]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Settings,ProxyServer = 88.146.243.17:8080
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.254 192.168.1.254
.
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\taskhost.exe
c:\program files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
c:\program files\Samsung\Samsung Support Center\SSCKbdHk.exe
c:\program files\Samsung\Samsung Update Plus\SUPBackground.exe
c:\windows\system32\conhost.exe
c:\program files\Canon\IJPLM\IJPLMSVC.EXE
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\windows\system32\igfxext.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Completion time: 2015-05-09 14:08:24 - machine was rebooted
ComboFix-quarantined-files.txt 2015-05-09 13:08
ComboFix2.txt 2015-05-09 11:58
.
Pre-Run: 90,333,286,400 bytes free
Post-Run: 90,044,092,416 bytes free
.
- - End Of File - - 5A11D6FA9DCD1E75EBD1107FF6D13284
2E5DEBB2116B3417023E0D6562D7ED07

Dejte prosim novy log z FRST

a k tomu

Dejte i log z RSIT http://forum.viry.cz/viewtopic.php?f=13&t=130786 a doladime to

Zde je 1.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-05-2015 01
Ran by Kamilka (administrator) on KAMILKA-PC on 09-05-2015 14:42:26
Running from C:\Users\Kamilka\Desktop
Loaded Profiles: Kamilka (Available profiles: Kamilka & Mcx1-KAMILKA-PC)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corp.) C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe
(SEC) C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
() C:\Program Files\Canon\IJPLM\ijplmsvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(CANON INC.) C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Kamilka\Desktop\FRSTLauncher.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8120864 2009-12-15] (Realtek Semiconductor)
HKLM\...\Run: [CLMLServer] => C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-06-03] (CyberLink)
HKLM\...\Run: [PDVD8LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [50472 2009-04-15] (CyberLink Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1713448 2010-02-26] (Synaptics Incorporated)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [3080264 2011-09-22] (ESET)
HKLM\...\Run: [CanonQuickMenu] => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM\...\Run: [CloneCDTray] => C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-29] (SlySoft, Inc.)
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\Run: [OneDrive] => C:\Users\Kamilka\AppData\Local\Microsoft\OneDrive\OneDrive.exe [281248 2015-03-26] (Microsoft Corporation)
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Ribbons.scr [220672 2010-11-20] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Kamilka\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll [2015-03-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Kamilka\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll [2015-03-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Kamilka\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll [2015-03-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-03-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-03-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-03-10] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyServer: [S-1-5-21-3219418776-4157282183-555089908-1000] => 88.146.243.17:8080
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... lz=1I7SMSN
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3219418776-4157282183-555089908-1000 -> {2046C259-6CE9-4869-B991-91F1053D4FCD} URL = http://www.bing.com/search?FORM=BDKTDF& ... -SearchBox
SearchScopes: HKU\S-1-5-21-3219418776-4157282183-555089908-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKU\S-1-5-21-3219418776-4157282183-555089908-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-03-04] (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2013-11-28] (CANON INC.)
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-10-04] (Oracle Corporation)
BHO: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-03-10] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-03-10] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-10-04] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2013-11-28] (CANON INC.)
Toolbar: HKU\S-1-5-21-3219418776-4157282183-555089908-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 192.168.1.254

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\windows\system32\Adobe\Director\np32dsw.dll [2011-11-22] (Adobe Systems, Inc.)
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-10-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-10-04] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-02-23] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3219418776-4157282183-555089908-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Kamilka\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3219418776-4157282183-555089908-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Kamilka\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-3219418776-4157282183-555089908-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Kamilka\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2012-07-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2012-06-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2012-06-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2012-06-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2012-06-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2012-06-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2012-06-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2012-06-23] (Apple Inc.)
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-01-27]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012-01-26]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-02-27]
CHR Extension: (Google Search) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-02-27]
CHR Extension: (http://www.facebook.com/) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnknkgccldocdogpnhbaddbdhhjiindo [2012-11-23]
CHR Extension: (AdBlock) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-04-14]
CHR Extension: (Bookmark Manager) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-21]
CHR Extension: (Skype Click to Call) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-09-01]
CHR Extension: (Google Wallet) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-02-27]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
StartMenuInternet: Google Chrome - C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 BingDesktopUpdate; C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe [173248 2014-11-26] (Microsoft Corp.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [1846968 2015-04-22] (Microsoft Corporation)
R2 DiagTrack; C:\windows\system32\diagtrack.dll [851456 2015-04-27] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [974944 2011-09-22] (ESET)
S2 HideMyIpSRV; C:\Program Files\Hide My IP 6\HideMyIpSRV.exe [4341760 2015-04-26] (Hide My IP) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [1931632 2015-05-08] (Electronic Arts)
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] ()
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 CH341SER; C:\windows\System32\Drivers\CH341SER.SYS [39632 2009-06-02] (www.winchiphead.com)
R2 eamonm; C:\windows\System32\DRIVERS\eamonm.sys [163424 2011-08-09] (ESET)
R1 ehdrv; C:\windows\System32\DRIVERS\ehdrv.sys [118104 2011-08-04] (ESET)
R3 ElbyCDFL; C:\windows\System32\Drivers\ElbyCDFL.sys [34760 2007-02-16] (SlySoft, Inc.)
R1 ElbyCDIO; C:\windows\System32\Drivers\ElbyCDIO.sys [24232 2009-02-17] (Elaborate Bytes AG)
R2 epfw; C:\windows\System32\DRIVERS\epfw.sys [147480 2011-08-04] (ESET)
R1 EpfwLWF; C:\windows\System32\DRIVERS\EpfwLWF.sys [33656 2011-08-04] (ESET)
R0 epfwwfp; C:\windows\System32\DRIVERS\epfwwfp.sys [50624 2011-08-04] (ESET)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
S3 rtport; C:\windows\system32\drivers\rtport.sys [15656 2010-08-17] (Windows (R) 2003 DDK 3790 provider)
S3 s0017bus; C:\windows\System32\DRIVERS\s0017bus.sys [86824 2008-10-21] (MCCI Corporation)
S3 s0017mdfl; C:\windows\System32\DRIVERS\s0017mdfl.sys [15016 2008-10-21] (MCCI Corporation)
S3 s0017mdm; C:\windows\System32\DRIVERS\s0017mdm.sys [114600 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\windows\System32\DRIVERS\s0017mgmt.sys [108328 2008-10-21] (MCCI Corporation)
S3 s0017nd5; C:\windows\System32\DRIVERS\s0017nd5.sys [26024 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\windows\System32\DRIVERS\s0017obex.sys [104616 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\windows\System32\DRIVERS\s0017unic.sys [109736 2008-10-21] (MCCI Corporation)
R0 sptd; C:\windows\System32\Drivers\sptd.sys [691696 2010-11-06] () [File not signed]
S3 ssudserd; C:\windows\System32\DRIVERS\ssudserd.sys [182680 2013-08-20] (DEVGURU Co., LTD.(www.devguru.co.kr))
R3 yukonw7; C:\windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
U3 a87uwnk5; C:\windows\system32\Drivers\a87uwnk5.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
U5 AppMgmt; C:\windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U3 mbr; \??\C:\Users\Kamilka\AppData\Local\Temp\mbr.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-09 14:42 - 2015-05-09 14:43 - 00020151 _____ () C:\Users\Kamilka\Desktop\FRST.txt
2015-05-09 14:08 - 2015-05-09 14:08 - 00018197 _____ () C:\ComboFix.txt
2015-05-09 12:43 - 2011-06-26 07:45 - 00256000 _____ () C:\windows\PEV.exe
2015-05-09 12:43 - 2010-11-07 18:20 - 00208896 _____ () C:\windows\MBR.exe
2015-05-09 12:43 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2015-05-09 12:43 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2015-05-09 12:43 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2015-05-09 12:43 - 2000-08-31 01:00 - 00098816 _____ () C:\windows\sed.exe
2015-05-09 12:43 - 2000-08-31 01:00 - 00080412 _____ () C:\windows\grep.exe
2015-05-09 12:43 - 2000-08-31 01:00 - 00068096 _____ () C:\windows\zip.exe
2015-05-09 12:42 - 2015-05-09 14:08 - 00000000 ____D () C:\Qoobox
2015-05-09 12:42 - 2015-05-09 13:59 - 00000000 ____D () C:\windows\erdnt
2015-05-09 12:39 - 2015-05-09 12:40 - 05623215 ____R (Swearware) C:\Users\Kamilka\Desktop\ComboFix.exe
2015-05-08 21:46 - 2015-05-09 00:04 - 00000000 ____D () C:\Users\Kamilka\Desktop\New folder (2)
2015-05-08 19:07 - 2015-05-08 21:56 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-08 19:07 - 2015-05-08 19:07 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-08 19:07 - 2015-05-08 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-08 19:07 - 2015-05-08 19:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-08 19:07 - 2015-05-08 19:07 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-05-08 19:07 - 2015-04-14 09:37 - 00092888 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-05-08 19:07 - 2015-04-14 09:37 - 00051928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-05-08 19:07 - 2015-04-14 09:37 - 00023256 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-05-08 19:02 - 2015-05-08 19:03 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Kamilka\Desktop\mbam-setup-2.1.6.1022.exe
2015-05-08 18:56 - 2015-05-09 14:00 - 00007970 _____ () C:\windows\PFRO.log
2015-05-08 18:56 - 2015-05-09 14:00 - 00000280 _____ () C:\windows\setupact.log
2015-05-08 18:56 - 2015-05-08 18:56 - 00000000 _____ () C:\windows\setuperr.log
2015-05-08 18:52 - 2015-05-08 18:55 - 00000000 ____D () C:\AdwCleaner
2015-05-08 18:51 - 2015-05-08 18:52 - 02204160 _____ () C:\Users\Kamilka\Desktop\adwcleaner_4.203.exe
2015-05-08 18:17 - 2015-05-09 14:42 - 00000000 ____D () C:\FRST
2015-05-08 18:16 - 2015-05-08 18:17 - 01141248 _____ (Farbar) C:\Users\Kamilka\Desktop\FRST.exe
2015-05-08 18:15 - 2015-05-08 18:15 - 00112640 _____ (forum.viry.cz) C:\Users\Kamilka\Desktop\FRSTLauncher.exe
2015-05-08 18:13 - 2015-05-08 18:14 - 02102272 _____ (Farbar) C:\Users\Kamilka\Desktop\FRST64.exe
2015-05-07 14:53 - 2015-05-07 14:53 - 00002896 _____ () C:\windows\system32\HideMyIpSRVOff.ini
2015-05-07 14:53 - 2015-05-07 14:53 - 00000993 _____ () C:\Users\Kamilka\Desktop\Hide My IP 6.lnk
2015-05-07 14:53 - 2015-05-07 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hide My IP 6
2015-05-07 14:53 - 2015-05-07 14:53 - 00000000 ____D () C:\Program Files\Hide My IP 6
2015-05-07 14:53 - 2015-04-26 14:38 - 00353280 _____ (Hide My IP) C:\windows\system32\HMIPCore.dll
2015-05-07 14:51 - 2015-05-07 14:52 - 03047040 _____ (My Privacy Tools, Inc. ) C:\Users\Kamilka\Downloads\hidemyip.exe
2015-05-06 18:32 - 2015-04-27 20:11 - 03989440 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2015-05-06 18:32 - 2015-04-27 20:11 - 03934144 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-05-06 18:32 - 2015-04-27 20:11 - 00137664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-05-06 18:32 - 2015-04-27 20:11 - 00067520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-05-06 18:32 - 2015-04-27 20:08 - 01307648 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-05-06 18:32 - 2015-04-27 20:05 - 00851456 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2015-05-06 18:32 - 2015-04-27 20:05 - 00635392 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2015-05-06 18:32 - 2015-04-27 20:05 - 00400896 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-05-06 18:32 - 2015-04-27 20:05 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-05-06 18:32 - 2015-04-27 20:05 - 00248832 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-05-06 18:32 - 2015-04-27 20:05 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-05-06 18:32 - 2015-04-27 20:05 - 00172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-05-06 18:32 - 2015-04-27 20:05 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-05-06 18:32 - 2015-04-27 20:05 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\sechost.dll
2015-05-06 18:32 - 2015-04-27 20:05 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-05-06 18:32 - 2015-04-27 20:05 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-05-06 18:32 - 2015-04-27 20:05 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-05-06 18:32 - 2015-04-27 20:05 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-05-06 18:32 - 2015-04-27 20:04 - 01061376 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-05-06 18:32 - 2015-04-27 20:04 - 00641536 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2015-05-06 18:32 - 2015-04-27 20:04 - 00550912 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-05-06 18:32 - 2015-04-27 20:04 - 00364544 _____ (Microsoft Corporation) C:\windows\system32\tracerpt.exe
2015-05-06 18:32 - 2015-04-27 20:04 - 00262656 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-05-06 18:32 - 2015-04-27 20:04 - 00082944 _____ (Microsoft Corporation) C:\windows\system32\logman.exe
2015-05-06 18:32 - 2015-04-27 20:04 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-05-06 18:32 - 2015-04-27 20:04 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\typeperf.exe
2015-05-06 18:32 - 2015-04-27 20:04 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-05-06 18:32 - 2015-04-27 20:04 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\relog.exe
2015-05-06 18:32 - 2015-04-27 20:04 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-05-06 18:32 - 2015-04-27 20:04 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-05-06 18:32 - 2015-04-27 20:03 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-05-06 18:32 - 2015-04-27 20:03 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\diskperf.exe
2015-05-06 18:32 - 2015-04-27 20:01 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-05-06 18:32 - 2015-04-27 20:01 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-05-06 18:32 - 2015-04-27 19:59 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-05-06 18:32 - 2015-04-27 19:59 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-05-06 18:32 - 2015-04-27 19:00 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
2015-05-06 18:30 - 2015-02-18 08:06 - 00123904 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2015-05-04 17:58 - 2015-05-04 17:58 - 00242925 _____ () C:\Users\Kamilka\Downloads\[CzT]Lovci_duchu_Supernatural_1_4_serie_CZ_5_6_serie_EN_.torrent
2015-05-04 14:06 - 2015-05-04 14:06 - 00035172 _____ () C:\Users\Kamilka\Downloads\[CzT]Mickeyho_klubik_Mickey_Mouse_Clubhouse_3_serie_CZ_TvRip_.torrent
2015-05-04 14:04 - 2015-05-04 14:04 - 00023974 _____ () C:\Users\Kamilka\Downloads\[CzT]Mickeyho_klubik_Mickey_Mouse_Clubhouse_2_Serie_CZ_TvRip_.torrent
2015-05-04 14:02 - 2015-05-04 14:02 - 00017484 _____ () C:\Users\Kamilka\Downloads\[CzT]Mickeyho_klubik_Mickey_Mouse_Clubhouse_1_serie_CZ_TvRip_.torrent
2015-05-04 14:00 - 2015-05-04 14:00 - 00014901 _____ () C:\Users\Kamilka\Downloads\[CzT]Auta_Cars_1_2_2006_2011_CZ_.torrent
2015-05-02 10:16 - 2015-05-02 10:17 - 00028743 _____ () C:\Users\Kamilka\Downloads\[CzT]Padesat_odstinu_sedi_Fifty_Shades_of_Grey_2015_720pHD_.torrent
2015-04-28 00:54 - 2015-04-28 00:54 - 00015173 _____ () C:\Users\Kamilka\Downloads\[CzT]Nero_8_FULL_CZ.torrent
2015-04-27 17:13 - 2015-04-27 17:13 - 00014589 _____ () C:\Users\Kamilka\Downloads\[CzT]Microsoft_Windows_XP_Professional_SP3_CZ_8_2013_.torrent
2015-04-24 16:40 - 2015-03-14 04:04 - 01372160 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2015-04-24 16:40 - 2015-03-14 04:04 - 00067584 _____ (Microsoft Corporation) C:\windows\system32\dwmapi.dll
2015-04-24 16:40 - 2015-01-29 04:02 - 02311168 _____ (Microsoft Corporation) C:\windows\system32\wpdshext.dll
2015-04-18 21:18 - 2015-04-18 21:18 - 00017701 _____ () C:\Users\Kamilka\Downloads\[CzT]Frajeri_ve_Vegas_Last_Vegas_2013_CZ_.torrent
2015-04-18 19:13 - 2015-04-18 19:13 - 00015237 _____ () C:\Users\Kamilka\Downloads\[CzT]Hra_o_truny_Game_of_Thrones_4_serie_CZ_TVRip_.torrent
2015-04-16 14:02 - 2015-04-16 14:02 - 00015129 _____ () C:\Users\Kamilka\Downloads\[CzT]Beyonce_Beyonce_Platinum_Edition_2CD_2014_.torrent
2015-04-16 14:02 - 2015-04-16 14:02 - 00015129 _____ () C:\Users\Kamilka\Downloads\[CzT]Beyonce_Beyonce_Platinum_Edition_2CD_2014_ (1).torrent
2015-04-16 14:01 - 2015-04-16 14:01 - 00020883 _____ () C:\Users\Kamilka\Downloads\[CzT]Beyonce_2013_.torrent
2015-04-15 09:23 - 2015-03-23 04:06 - 00860160 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-04-15 09:23 - 2015-03-23 04:06 - 00630784 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-04-15 09:23 - 2015-03-23 04:06 - 00576000 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-04-15 09:23 - 2015-03-23 04:06 - 00331264 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-04-15 09:23 - 2015-03-23 04:06 - 00202752 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-04-15 09:23 - 2015-03-23 04:06 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-04-15 09:23 - 2015-03-23 04:06 - 00026112 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-04-15 09:23 - 2015-03-23 03:59 - 00896000 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-04-15 09:23 - 2015-03-04 05:16 - 00249784 _____ (Microsoft Corporation) C:\windows\system32\clfs.sys
2015-04-15 09:23 - 2015-03-04 05:10 - 00058880 _____ (Microsoft Corporation) C:\windows\system32\clfsw32.dll
2015-04-15 09:22 - 2015-04-02 00:49 - 00342704 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-04-15 09:22 - 2015-03-13 04:42 - 19695616 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-04-15 09:22 - 2015-03-13 04:42 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-04-15 09:22 - 2015-03-13 04:42 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-04-15 09:22 - 2015-03-13 04:28 - 00503296 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-04-15 09:22 - 2015-03-13 04:28 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-04-15 09:22 - 2015-03-13 04:27 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-04-15 09:22 - 2015-03-13 04:27 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-04-15 09:22 - 2015-03-13 04:26 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-04-15 09:22 - 2015-03-13 04:22 - 02278400 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-04-15 09:22 - 2015-03-13 04:20 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-04-15 09:22 - 2015-03-13 04:20 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-04-15 09:22 - 2015-03-13 04:17 - 00478208 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-04-15 09:22 - 2015-03-13 04:16 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-04-15 09:22 - 2015-03-13 04:16 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-04-15 09:22 - 2015-03-13 04:15 - 00620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-04-15 09:22 - 2015-03-13 04:09 - 00667648 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-04-15 09:22 - 2015-03-13 04:06 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-04-15 09:22 - 2015-03-13 04:01 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 09:22 - 2015-03-13 03:57 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-04-15 09:22 - 2015-03-13 03:56 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-04-15 09:22 - 2015-03-13 03:54 - 00285696 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-04-15 09:22 - 2015-03-13 03:49 - 04305408 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-04-15 09:22 - 2015-03-13 03:44 - 00689152 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-04-15 09:22 - 2015-03-13 03:43 - 02052608 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-04-15 09:22 - 2015-03-13 03:43 - 00685568 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-04-15 09:22 - 2015-03-13 03:42 - 01155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-04-15 09:22 - 2015-03-13 03:34 - 12825600 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-04-15 09:22 - 2015-03-13 03:20 - 01888256 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-04-15 09:22 - 2015-03-13 03:16 - 01311232 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-04-15 09:22 - 2015-03-13 03:14 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-04-15 09:22 - 2015-03-05 05:06 - 00305152 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2015-04-15 09:17 - 2015-03-25 04:00 - 03088384 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-04-15 09:17 - 2015-03-25 04:00 - 02020864 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-04-15 09:17 - 2015-03-25 04:00 - 00566784 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-04-15 09:17 - 2015-03-25 04:00 - 00173056 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-04-15 09:17 - 2015-03-25 04:00 - 00131584 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-04-15 09:17 - 2015-03-25 04:00 - 00092672 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-04-15 09:17 - 2015-03-25 04:00 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-04-15 09:17 - 2015-03-25 04:00 - 00035328 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-04-15 09:17 - 2015-03-25 04:00 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-04-15 09:17 - 2015-03-25 04:00 - 00029696 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-04-15 09:17 - 2015-03-25 04:00 - 00011776 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-04-15 09:17 - 2015-02-25 04:03 - 00514560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2015-04-15 09:16 - 2015-03-10 04:08 - 01237504 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2015-04-15 09:16 - 2015-03-10 04:05 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2015-04-09 13:58 - 2015-04-09 13:58 - 00012493 _____ () C:\Users\Kamilka\Downloads\[CzT]George_Ezra_Wanted_On_Voyage_2014_Deluxe_Edition_.torrent

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-09 14:38 - 2013-02-12 22:00 - 01228823 _____ () C:\windows\WindowsUpdate.log
2015-05-09 14:26 - 2012-02-27 21:22 - 00000916 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000UA.job
2015-05-09 14:17 - 2012-04-10 20:54 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-05-09 14:10 - 2009-07-14 05:34 - 00023552 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-09 14:10 - 2009-07-14 05:34 - 00023552 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-09 14:01 - 2010-11-06 18:10 - 00000000 ____D () C:\Users\Kamilka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2015-05-09 14:01 - 2009-07-14 03:04 - 00000215 _____ () C:\windows\system.ini
2015-05-09 14:00 - 2009-07-14 05:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-05-09 13:59 - 2009-07-14 03:03 - 72613888 _____ () C:\windows\system32\config\SOFTWARE.bak
2015-05-09 13:59 - 2009-07-14 03:03 - 22544384 _____ () C:\windows\system32\config\SYSTEM.bak
2015-05-09 13:59 - 2009-07-14 03:03 - 05767168 _____ () C:\windows\system32\config\DEFAULT.bak
2015-05-09 13:59 - 2009-07-14 03:03 - 00262144 _____ () C:\windows\system32\config\SECURITY.bak
2015-05-09 13:59 - 2009-07-14 03:03 - 00262144 _____ () C:\windows\system32\config\SAM.bak
2015-05-09 12:58 - 2014-09-13 11:48 - 00000000 ____D () C:\Users\ArivaUpgrade
2015-05-09 12:58 - 2009-07-14 03:37 - 00000000 ___RD () C:\Users\Public
2015-05-09 11:59 - 2013-10-19 20:54 - 00000936 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000UA.job
2015-05-09 10:44 - 2013-10-28 21:06 - 00000000 ____D () C:\Users\Kamilka\Desktop\Jiricek
2015-05-09 10:43 - 2012-01-26 21:08 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy
2015-05-09 10:42 - 2012-02-27 21:21 - 00000864 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000Core.job
2015-05-09 10:42 - 2012-01-26 21:08 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-05-09 00:06 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\schemas
2015-05-08 21:59 - 2010-11-06 21:07 - 00000000 ____D () C:\Users\Kamilka\AppData\Roaming\uTorrent
2015-05-08 20:59 - 2013-10-19 20:54 - 00000914 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000Core.job
2015-05-08 18:59 - 2012-01-05 22:06 - 00000000 ____D () C:\Users\Kamilka\AppData\Local\CrashDumps
2015-05-08 13:33 - 2010-11-13 19:09 - 00000000 ____D () C:\Users\Kamilka\AppData\Roaming\Skype
2015-05-08 13:28 - 2010-11-06 21:22 - 00000000 ____D () C:\Users\Kamilka\AppData\Roaming\DAEMON Tools Lite
2015-05-08 13:27 - 2014-09-18 19:17 - 00000000 ____D () C:\ProgramData\Origin
2015-05-08 12:25 - 2014-09-18 19:24 - 00000000 ____D () C:\Users\Kamilka\AppData\Roaming\Origin
2015-05-08 12:02 - 2014-09-18 19:23 - 00000000 ____D () C:\Program Files\Origin
2015-05-08 10:34 - 2014-02-28 11:04 - 00000000 ____D () C:\Users\Kamilka\Desktop\Hackovani & Siti
2015-05-07 11:02 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\rescache
2015-05-06 22:39 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\Microsoft.NET
2015-05-06 19:01 - 2014-02-23 03:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-05-06 19:01 - 2013-10-21 11:10 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-05-06 18:46 - 2009-07-26 21:06 - 00795502 _____ () C:\windows\system32\PerfStringBackup.INI
2015-05-06 18:42 - 2014-02-01 19:40 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2015-05-06 18:39 - 2012-01-26 21:35 - 00000000 ____D () C:\Program Files\CDBurnerXP
2015-05-04 13:13 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\system32\NDF
2015-05-01 10:42 - 2012-01-26 21:35 - 00001887 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2015-05-01 10:42 - 2012-01-26 21:35 - 00001845 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2015-04-29 14:21 - 2014-11-12 16:01 - 00000000 ____D () C:\Program Files\Full Tilt UK
2015-04-24 23:02 - 2014-12-16 00:51 - 00000000 ____D () C:\Users\Kamilka\Desktop\hlinikove klece
2015-04-24 16:42 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\system32\AdvancedInstallers
2015-04-22 10:29 - 2010-11-13 19:09 - 00000000 ____D () C:\ProgramData\Skype
2015-04-20 22:00 - 2010-12-29 21:06 - 00000000 ____D () C:\Users\Kamilka\Desktop\Hudba
2015-04-19 20:41 - 2012-12-18 23:19 - 00000000 ____D () C:\Users\Kamilka\Desktop\Jirka ptaci
2015-04-15 21:27 - 2012-04-10 20:54 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2015-04-15 21:27 - 2011-06-16 06:10 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2015-04-15 16:53 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\AppCompat
2015-04-15 16:04 - 2014-12-13 16:52 - 00000000 ____D () C:\windows\system32\appraiser
2015-04-15 16:04 - 2014-05-02 09:31 - 00000000 ___SD () C:\windows\system32\CompatTel
2015-04-15 15:53 - 2013-08-13 13:04 - 00000000 ____D () C:\windows\system32\MRT
2015-04-15 15:43 - 2010-11-06 19:54 - 125832184 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-04-09 13:39 - 2011-01-30 17:15 - 00000121 ___SH () C:\ProgramData\.zreglib

==================== Files in the root of some directories =======

2004-02-04 15:53 - 2004-02-04 15:53 - 0458752 ____H () C:\Program Files\Common Files\db.mdb
2004-02-04 14:54 - 2004-02-04 14:54 - 0000019 ____H () C:\Program Files\Common Files\General.txt
2004-02-04 15:53 - 2004-02-04 15:53 - 0458752 ____H () C:\Users\Kamilka\AppData\Roaming\db.mdb
2004-02-04 14:54 - 2004-02-04 14:54 - 0000019 ____H () C:\Users\Kamilka\AppData\Roaming\General.txt
2002-08-29 18:33 - 2002-08-29 18:33 - 0319488 ____R () C:\Users\Kamilka\AppData\Roaming\MafiaSetup.exe
2012-11-23 14:50 - 2012-11-23 14:50 - 0003584 _____ () C:\Users\Kamilka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-01-30 17:15 - 2015-04-09 13:39 - 0000121 ___SH () C:\ProgramData\.zreglib
2010-11-13 19:12 - 2010-11-13 19:12 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2010-11-06 18:12 - 2010-01-16 08:18 - 0131368 _____ () C:\ProgramData\FullRemove.exe
2013-12-24 00:40 - 2013-12-24 00:41 - 0000348 _____ () C:\ProgramData\hpzinstall.log
2010-06-13 23:51 - 2010-06-13 23:51 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2010-06-13 23:49 - 2010-06-13 23:50 - 0000106 _____ () C:\ProgramData\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}.log
2010-06-13 23:46 - 2010-06-13 23:47 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-06-13 23:50 - 2010-06-13 23:51 - 0000110 _____ () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log
2010-06-13 23:45 - 2010-06-13 23:46 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2010-06-13 23:47 - 2010-06-13 23:49 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log

Files to move or delete:
====================
C:\Users\ArivaUpgrade\ArivaUpgrade.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000Core.job => C:\Users\Kamilka\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000UA.job => C:\Users\Kamilka\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000Core.job => C:\Users\Kamilka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000UA.job => C:\Users\Kamilka\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\Temp:2430E4FC
AlternateDataStreams: C:\ProgramData\Temp:268F887D
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54
AlternateDataStreams: C:\ProgramData\Temp:5C270C64
AlternateDataStreams: C:\ProgramData\Temp:6FB93194
AlternateDataStreams: C:\ProgramData\Temp:798A3728
AlternateDataStreams: C:\ProgramData\Temp:8530A643
AlternateDataStreams: C:\ProgramData\Temp:E36F5B57
AlternateDataStreams: C:\ProgramData\Temp:E7BA7168

==================== Security Center ==================

AV: ESET Smart Security 5.0 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET Smart Security 5.0 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET personal firewall (Enabled) {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Kamilka\Desktop" je 27785 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

A 2.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Kamilka at 2015-05-09 14:46:14
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 86 GB (38%) free of 228 GB
Total RAM: 3005 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:47:16, on 09/05/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal

Running processes:
C:\windows\system32\Dwm.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\taskeng.exe
C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\windows\Explorer.exe
C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kamilka\Downloads\RSIT.exe
C:\Program Files\trend micro\Kamilka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 88.146.243.17:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Skype for Business Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Skype Click to Call for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Kamilka\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: HideMyIpSRV - Hide My IP - C:\Program Files\Hide My IP 6\HideMyIpSRV.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files\Origin\OriginClientService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 6704 bytes

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000Core.job - C:\Users\Kamilka\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000UA.job - C:\Users\Kamilka\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000Core.job - C:\Users\Kamilka\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000UA.job - C:\Users\Kamilka\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-03-04 153760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2013-11-28 176736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-10-04 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-03-10 710872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-03-10 1729752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-10-04 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2013-11-28 4438104]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-12-15 8120864]
"CLMLServer"=C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [2009-06-03 103720]
"PDVD8LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [2009-04-15 50472]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-02-26 1713448]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-02-11 137752]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-02-11 171032]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-02-11 172568]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2011-09-22 3080264]
"CanonQuickMenu"=C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [2012-04-03 1273448]
"IJNetworkScannerSelectorEX"=C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2012-03-26 449168]
"CloneCDTray"=C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2009-01-29 57344]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"OneDrive"=C:\Users\Kamilka\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-03-26 281248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2011-02-11 228864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HideMyIpSRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"vidc.VP60"=C:\windows\system32\vp6vfw.dll
"vidc.VP61"=C:\windows\system32\vp6vfw.dll
"vidc.VP62"=vp6vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-05-09 14:46:14 ----D---- C:\rsit
2015-05-09 14:46:14 ----D---- C:\Program Files\trend micro
2015-05-09 14:08:24 ----A---- C:\ComboFix.txt
2015-05-09 14:01:25 ----SHD---- C:\$RECYCLE.BIN
2015-05-09 12:43:07 ----A---- C:\windows\zip.exe
2015-05-09 12:43:07 ----A---- C:\windows\SWSC.exe
2015-05-09 12:43:07 ----A---- C:\windows\SWREG.exe
2015-05-09 12:43:07 ----A---- C:\windows\sed.exe
2015-05-09 12:43:07 ----A---- C:\windows\PEV.exe
2015-05-09 12:43:07 ----A---- C:\windows\NIRCMD.exe
2015-05-09 12:43:07 ----A---- C:\windows\MBR.exe
2015-05-09 12:43:07 ----A---- C:\windows\grep.exe
2015-05-09 12:42:58 ----D---- C:\Qoobox
2015-05-09 12:42:32 ----D---- C:\windows\erdnt
2015-05-08 19:07:37 ----A---- C:\windows\system32\drivers\MBAMSwissArmy.sys
2015-05-08 19:07:17 ----A---- C:\windows\system32\drivers\mwac.sys
2015-05-08 19:07:17 ----A---- C:\windows\system32\drivers\mbamchameleon.sys
2015-05-08 19:07:17 ----A---- C:\windows\system32\drivers\mbam.sys
2015-05-08 19:07:16 ----D---- C:\ProgramData\Malwarebytes
2015-05-08 19:07:16 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2015-05-08 18:52:41 ----D---- C:\AdwCleaner
2015-05-08 18:17:41 ----D---- C:\FRST
2015-05-07 14:53:44 ----A---- C:\windows\system32\HideMyIpSRVOff.ini
2015-05-07 14:53:38 ----A---- C:\windows\system32\HMIPCore.dll
2015-05-07 14:53:34 ----D---- C:\Program Files\Hide My IP 6
2015-05-06 18:32:22 ----A---- C:\windows\system32\UtcResources.dll
2015-05-06 18:32:21 ----A---- C:\windows\system32\diagtrack.dll
2015-05-06 18:32:20 ----A---- C:\windows\system32\ntkrnlpa.exe
2015-05-06 18:32:19 ----A---- C:\windows\system32\ntoskrnl.exe
2015-05-06 18:32:18 ----A---- C:\windows\system32\tdh.dll
2015-05-06 18:32:16 ----A---- C:\windows\system32\ntdll.dll
2015-05-06 18:32:15 ----A---- C:\windows\system32\advapi32.dll
2015-05-06 18:32:14 ----A---- C:\windows\system32\tracerpt.exe
2015-05-06 18:32:14 ----A---- C:\windows\system32\lsasrv.dll
2015-05-06 18:32:14 ----A---- C:\windows\system32\drivers\ksecdd.sys
2015-05-06 18:32:13 ----A---- C:\windows\system32\srcore.dll
2015-05-06 18:32:13 ----A---- C:\windows\system32\sechost.dll
2015-05-06 18:32:13 ----A---- C:\windows\system32\schannel.dll
2015-05-06 18:32:13 ----A---- C:\windows\system32\rstrui.exe
2015-05-06 18:32:13 ----A---- C:\windows\system32\msv1_0.dll
2015-05-06 18:32:13 ----A---- C:\windows\system32\logman.exe
2015-05-06 18:32:13 ----A---- C:\windows\system32\kerberos.dll
2015-05-06 18:32:13 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2015-05-06 18:32:12 ----A---- C:\windows\system32\wdigest.dll
2015-05-06 18:32:12 ----A---- C:\windows\system32\typeperf.exe
2015-05-06 18:32:12 ----A---- C:\windows\system32\TSpkg.dll
2015-05-06 18:32:12 ----A---- C:\windows\system32\sspicli.dll
2015-05-06 18:32:12 ----A---- C:\windows\system32\srclient.dll
2015-05-06 18:32:12 ----A---- C:\windows\system32\smss.exe
2015-05-06 18:32:12 ----A---- C:\windows\system32\secur32.dll
2015-05-06 18:32:12 ----A---- C:\windows\system32\relog.exe
2015-05-06 18:32:12 ----A---- C:\windows\system32\ncrypt.dll
2015-05-06 18:32:12 ----A---- C:\windows\system32\lsass.exe
2015-05-06 18:32:12 ----A---- C:\windows\system32\diskperf.exe
2015-05-06 18:32:12 ----A---- C:\windows\system32\csrsrv.dll
2015-05-06 18:32:12 ----A---- C:\windows\system32\auditpol.exe
2015-05-06 18:32:11 ----A---- C:\windows\system32\sspisrv.dll
2015-05-06 18:32:11 ----A---- C:\windows\system32\msobjs.dll
2015-05-06 18:32:11 ----A---- C:\windows\system32\msaudite.dll
2015-05-06 18:32:11 ----A---- C:\windows\system32\credssp.dll
2015-05-06 18:32:11 ----A---- C:\windows\system32\apisetschema.dll
2015-05-06 18:32:11 ----A---- C:\windows\system32\adtschema.dll
2015-05-06 18:30:52 ----A---- C:\windows\system32\poqexec.exe
2015-04-24 16:40:18 ----A---- C:\windows\system32\wpdshext.dll
2015-04-24 16:40:05 ----A---- C:\windows\system32\dwmcore.dll
2015-04-24 16:40:05 ----A---- C:\windows\system32\dwmapi.dll
2015-04-15 09:23:34 ----A---- C:\windows\system32\invagent.dll
2015-04-15 09:23:34 ----A---- C:\windows\system32\generaltel.dll
2015-04-15 09:23:34 ----A---- C:\windows\system32\devinv.dll
2015-04-15 09:23:34 ----A---- C:\windows\system32\appraiser.dll
2015-04-15 09:23:34 ----A---- C:\windows\system32\aeinv.dll
2015-04-15 09:23:34 ----A---- C:\windows\system32\acmigration.dll
2015-04-15 09:23:33 ----A---- C:\windows\system32\aepic.dll
2015-04-15 09:23:33 ----A---- C:\windows\system32\aepdu.dll
2015-04-15 09:23:11 ----A---- C:\windows\system32\clfsw32.dll
2015-04-15 09:23:11 ----A---- C:\windows\system32\clfs.sys
2015-04-15 09:22:44 ----A---- C:\windows\system32\gdi32.dll
2015-04-15 09:22:43 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 09:22:43 ----A---- C:\windows\system32\ieetwcollector.exe
2015-04-15 09:22:42 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2015-04-15 09:22:42 ----A---- C:\windows\system32\iernonce.dll
2015-04-15 09:22:42 ----A---- C:\windows\system32\ieetwproxystub.dll
2015-04-15 09:22:42 ----A---- C:\windows\system32\ie4uinit.exe
2015-04-15 09:22:41 ----A---- C:\windows\system32\urlmon.dll
2015-04-15 09:22:41 ----A---- C:\windows\system32\jsproxy.dll
2015-04-15 09:22:41 ----A---- C:\windows\system32\iedkcs32.dll
2015-04-15 09:22:40 ----A---- C:\windows\system32\msfeeds.dll
2015-04-15 09:22:40 ----A---- C:\windows\system32\jscript9diag.dll
2015-04-15 09:22:40 ----A---- C:\windows\system32\ieUnatt.exe
2015-04-15 09:22:40 ----A---- C:\windows\system32\ieapfltr.dll
2015-04-15 09:22:40 ----A---- C:\windows\system32\dxtmsft.dll
2015-04-15 09:22:38 ----A---- C:\windows\system32\msrating.dll
2015-04-15 09:22:38 ----A---- C:\windows\system32\iesetup.dll
2015-04-15 09:22:38 ----A---- C:\windows\system32\ieetwcollectorres.dll
2015-04-15 09:22:37 ----A---- C:\windows\system32\wininet.dll
2015-04-15 09:22:36 ----A---- C:\windows\system32\ieui.dll
2015-04-15 09:22:36 ----A---- C:\windows\system32\dxtrans.dll
2015-04-15 09:22:35 ----A---- C:\windows\system32\ieframe.dll
2015-04-15 09:22:33 ----A---- C:\windows\system32\mshtmlmedia.dll
2015-04-15 09:22:33 ----A---- C:\windows\system32\mshtmled.dll
2015-04-15 09:22:33 ----A---- C:\windows\system32\MshtmlDac.dll
2015-04-15 09:22:32 ----A---- C:\windows\system32\iertutil.dll
2015-04-15 09:22:30 ----A---- C:\windows\system32\mshtml.dll
2015-04-15 09:22:29 ----A---- C:\windows\system32\vbscript.dll
2015-04-15 09:22:29 ----A---- C:\windows\system32\jscript9.dll
2015-04-15 09:17:54 ----A---- C:\windows\system32\wuwebv.dll
2015-04-15 09:17:54 ----A---- C:\windows\system32\wups2.dll
2015-04-15 09:17:54 ----A---- C:\windows\system32\wups.dll
2015-04-15 09:17:54 ----A---- C:\windows\system32\wudriver.dll
2015-04-15 09:17:54 ----A---- C:\windows\system32\wucltux.dll
2015-04-15 09:17:54 ----A---- C:\windows\system32\wuauclt.exe
2015-04-15 09:17:54 ----A---- C:\windows\system32\wuapp.exe
2015-04-15 09:17:54 ----A---- C:\windows\system32\wu.upgrade.ps.dll
2015-04-15 09:17:53 ----A---- C:\windows\system32\wuaueng.dll
2015-04-15 09:17:53 ----A---- C:\windows\system32\wuapi.dll
2015-04-15 09:17:53 ----A---- C:\windows\system32\WinSetupUI.dll
2015-04-15 09:17:05 ----A---- C:\windows\system32\drivers\http.sys
2015-04-15 09:16:52 ----A---- C:\windows\system32\msxml3.dll
2015-04-15 09:16:51 ----A---- C:\windows\system32\msxml3r.dll

======List of files/folders modified in the last 1 month======

2015-05-09 14:46:14 ----RD---- C:\Program Files
2015-05-09 14:45:50 ----D---- C:\windows\Temp
2015-05-09 14:37:42 ----D---- C:\windows\system32\config
2015-05-09 14:08:27 ----D---- C:\windows\system32\drivers
2015-05-09 14:01:03 ----AD---- C:\Windows
2015-05-09 14:01:03 ----A---- C:\windows\system.ini
2015-05-09 14:00:59 ----D---- C:\windows\system32\drivers\etc
2015-05-09 13:56:05 ----D---- C:\windows\System32
2015-05-09 13:56:05 ----D---- C:\windows\AppPatch
2015-05-09 13:56:03 ----D---- C:\Program Files\Common Files
2015-05-09 12:43:08 ----D---- C:\windows\Prefetch
2015-05-09 10:43:08 ----D---- C:\Program Files\Spybot - Search & Destroy
2015-05-09 10:42:10 ----D---- C:\ProgramData\Spybot - Search & Destroy
2015-05-09 00:06:04 ----D---- C:\windows\schemas
2015-05-08 21:59:22 ----D---- C:\Users\Kamilka\AppData\Roaming\uTorrent
2015-05-08 19:07:16 ----D---- C:\ProgramData
2015-05-08 16:55:43 ----D---- C:\windows\inf
2015-05-08 13:33:26 ----D---- C:\Users\Kamilka\AppData\Roaming\Skype
2015-05-08 13:28:27 ----D---- C:\Users\Kamilka\AppData\Roaming\DAEMON Tools Lite
2015-05-08 13:27:08 ----D---- C:\ProgramData\Origin
2015-05-08 13:15:36 ----SD---- C:\Users\Kamilka\AppData\Roaming\Microsoft
2015-05-08 13:03:13 ----SHD---- C:\windows\Installer
2015-05-08 12:53:44 ----SHD---- C:\System Volume Information
2015-05-08 12:25:00 ----D---- C:\Users\Kamilka\AppData\Roaming\Origin
2015-05-08 12:02:41 ----D---- C:\Program Files\Origin
2015-05-07 11:02:40 ----D---- C:\windows\rescache
2015-05-06 22:39:57 ----D---- C:\windows\Microsoft.NET
2015-05-06 22:39:01 ----RSD---- C:\windows\assembly
2015-05-06 19:02:44 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2015-05-06 19:01:05 ----D---- C:\Program Files\Microsoft Office 15
2015-05-06 18:46:48 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-05-06 18:42:24 ----D---- C:\ProgramData\CanonIJPLM
2015-05-06 18:40:32 ----D---- C:\windows\winsxs
2015-05-06 18:39:38 ----D---- C:\Program Files\CDBurnerXP
2015-05-06 18:37:26 ----D---- C:\windows\system32\en-US
2015-05-06 18:31:41 ----D---- C:\windows\system32\catroot2
2015-05-04 13:13:48 ----D---- C:\windows\system32\NDF
2015-05-03 14:33:11 ----D---- C:\windows\debug
2015-04-29 14:21:39 ----D---- C:\Program Files\Full Tilt UK
2015-04-24 16:42:53 ----D---- C:\windows\system32\DriverStore
2015-04-24 16:42:53 ----D---- C:\windows\system32\AdvancedInstallers
2015-04-24 16:42:52 ----D---- C:\windows\system32\drivers\UMDF
2015-04-22 10:29:39 ----D---- C:\ProgramData\Skype
2015-04-15 21:27:31 ----A---- C:\windows\system32\FlashPlayerApp.exe
2015-04-15 16:53:39 ----D---- C:\windows\AppCompat
2015-04-15 16:04:37 ----SD---- C:\windows\system32\CompatTel
2015-04-15 16:04:36 ----D---- C:\windows\system32\appraiser
2015-04-15 16:04:33 ----D---- C:\Program Files\Internet Explorer
2015-04-15 16:04:32 ----D---- C:\windows\PolicyDefinitions
2015-04-15 15:53:27 ----D---- C:\windows\system32\MRT
2015-04-15 15:43:37 ----A---- C:\windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\windows\system32\DRIVERS\epfwwfp.sys [2011-08-04 50624]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2009-10-13 331288]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2010-11-06 691696]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2011-08-04 118104]
R1 ElbyCDIO;ElbyCDIO Driver; C:\windows\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\windows\system32\DRIVERS\EpfwLWF.sys [2011-08-04 33656]
R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\windows\system32\Drivers\SABI.sys [2010-03-31 10752]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2011-08-09 163424]
R2 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2011-08-04 147480]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athr.sys [2011-12-13 2228224]
R3 ElbyCDFL;ElbyCDFL; C:\windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2011-02-11 9036800]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHDA.sys [2009-12-15 2977248]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\windows\system32\drivers\IntcHdmi.sys [2009-07-10 122880]
R3 MBAMProtector;MBAMProtector; \??\C:\windows\system32\drivers\mbam.sys [2015-04-14 23256]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2010-02-26 242992]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CH341SER;CH341SER; C:\windows\System32\Drivers\CH341SER.SYS [2009-06-02 39632]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudbus.sys [2014-01-22 88576]
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632]
S3 ggflt;SEMC USB Flash Driver Filter; C:\windows\system32\DRIVERS\ggflt.sys [2010-12-27 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\windows\system32\DRIVERS\ggsemc.sys [2010-12-27 25512]
S3 massfilter;ZTE Mass Storage Filter Driver; C:\windows\system32\drivers\massfilter.sys [2010-01-19 9216]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\windows\system32\drivers\mwac.sys [2015-04-14 51928]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmb.sys [2012-11-09 18560]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbo.sys [2012-11-09 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\windows\system32\drivers\nmwcdnsu.sys [2012-11-09 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\windows\system32\drivers\nmwcdnsuc.sys [2012-11-09 8576]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfd.sys [2012-10-17 19072]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
S3 rtport;rtport; \??\C:\windows\system32\drivers\rtport.sys [2010-08-17 15656]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM); C:\windows\system32\DRIVERS\s0017bus.sys [2008-10-21 86824]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter; C:\windows\system32\DRIVERS\s0017mdfl.sys [2008-10-21 15016]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver; C:\windows\system32\DRIVERS\s0017mdm.sys [2008-10-21 114600]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM); C:\windows\system32\DRIVERS\s0017mgmt.sys [2008-10-21 108328]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS); C:\windows\system32\DRIVERS\s0017nd5.sys [2008-10-21 26024]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface; C:\windows\system32\DRIVERS\s0017obex.sys [2008-10-21 104616]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM); C:\windows\system32\DRIVERS\s0017unic.sys [2008-10-21 109736]
S3 sisagp;SIS AGP Bus Filter; C:\windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 184192]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudserd.sys [2013-08-20 182680]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerflt.sys [2012-11-09 8192]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2013-08-29 28160]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltj.sys [2012-11-09 8192]
S3 viaagp;VIA AGP Bus Filter; C:\windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb Driver; C:\windows\system32\drivers\WinUsb.sys [2010-11-20 35968]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\windows\system32\DRIVERS\ZTEusbmdm6k.sys [2010-01-19 105088]
S3 ZTEusbnmea;ZTE NMEA Port; C:\windows\system32\DRIVERS\ZTEusbnmea.sys [2010-01-19 105088]
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\windows\system32\DRIVERS\ZTEusbser6k.sys [2010-01-19 105088]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 BingDesktopUpdate;Bing Desktop Update service; C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe [2014-11-26 173248]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [2015-04-22 1846968]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2011-09-22 974944]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2012-03-28 140456]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2009-07-07 247152]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 HideMyIpSRV;HideMyIpSRV; C:\Program Files\Hide My IP 6\HideMyIpSRV.exe [2015-04-26 4341760]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2015-04-14 1080120]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15 268464]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2015-03-13 102912]
S3 Origin Client Service;Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [2015-05-08 1931632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-10-03 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2013-10-03 4846168]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-12-19 732648]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2010-11-06 1343400]
S4 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-12 45744]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------