VIRY.CZ

dobrej den... asi pred rokem jsem delal jednu preventivku tohoto pc... moc jste mi pomohli... ocividne tam ale zase neco radi... pouzivam mobilni broadband tady v anglii a vetsinou stahuju hry na steam vice nez 3M/s... tyden zpatky jsem steamoval cely film v hd bez cekani ted to trva 10 minut jen nahrat video na youtube, ktere ma 3 minuty. zkousel jsem ... CCleaner, Mwav, uninstal antivirus a firewall, unistal podezrelosti, ale zas takovy znalec nejsem... a nakonec jsem instnul internet down/upload checker a ten vidi jen aktivni schvost.exe nekolikrat a nic jineho... uz si sam nevim rady prosim o pomoc... na tabletu internet bezi v poho.. diks


Logfile of random's system information tool 1.09 (written by random/random)
Run by ADMIN at 2015-06-01 20:15:01
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 216 GB (23%) free of 954 GB
Total RAM: 4095 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:15:52 PM, on 6/1/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\trend micro\ADMIN.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type ... earchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O1 - Hosts: 81.0.254.162 L2authd.Lineage2.com
O2 - BHO: Zonealarm Helper Object - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.22.0\bh\zonealarm.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: ZoneAlarm Security Toolbar - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.22.0\zonealarmTlbr.dll
O4 - HKCU\..\Run: [Mobile Partner] C:\Program Files (x86)\3\3MobileWiFi
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mobile Broadband HL Service - Unknown owner - C:\ProgramData\MobileBrServ\mbbservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NetBalancerService - SeriousBit - C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: rcores - Unknown owner - C:\Windows\rcore.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7892 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\ProgramData\DatacardService\HWDeviceService64.exe" -/service
"C:\ProgramData\MobileBrServ\mbbservice.exe" -service
"C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"taskhost.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\ProgramData\DatacardService\DCSHelper.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\rcore.exe
"C:\Windows\WindowsMobile\wmdc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Windows Network Accelerater\v5\winvxm.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
WLIDSvcM.exe 2468
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-8c2da9b8-f4ad-4ade-864c-5b1e8b68f265 -SystemEventPortName:HostProcess-b74f4ee4-4c41-4190-b926-edefd7240566 -IoCancelEventPortName:HostProcess-303b634f-c490-4950-bf85-c214c824c50f -NonStateChangingEventPortName:HostProcess-997d4d93-6c6f-4cae-80b3-29688890c457 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:9a42e5e4-6cc6-4da8-a539-55b6cd8d6dd9 -DeviceGroupId:WpdFsGroup
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" c3597ea7-d917-4cff-97d9-3b30b6ffc653 1
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-1135678590-10804917191469656920797776052382128894-1928291941-1585802860317419231
\??\C:\Windows\system32\conhost.exe "-16055220451750771881201123088920662612101121878824-1242808014218061488-1635448591
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Users\ADMIN\Downloads\RSITx64 (1).exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}]
Zonealarm Helper Object - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.22.0\bh\zonealarm.dll [2013-07-22 302992]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-17 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-17 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - ZoneAlarm Security Toolbar - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.22.0\zonealarmTlbr.dll [2013-07-22 289168]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Mobile Partner"=C:\Program Files (x86)\3\3MobileWiFi []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileAppSync]
C:\Program Files (x86)\Mobile App Sync\D2MClient.exe [2013-05-14 312320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NetBalancer]
C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Tray.exe [2015-04-06 1803112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-03-28 2673296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay]
C:\Windows\system32\nvspcap64.dll [2015-03-28 1570672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-09-26 271744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Users\ADMIN\AppData\Roaming\uTorrent\uTorrent.exe [2015-01-18 1677904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoInternetIcon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux3"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-05-21 21:29:55 ----D---- C:\Program Files (x86)\GUMF5DC.tmp
2015-05-20 22:17:26 ----A---- C:\Windows\system32\FNTCACHE.DAT

======List of files/folders modified in the last 1 month======

2015-06-01 20:15:52 ----D---- C:\Windows\Prefetch
2015-06-01 20:15:51 ----D---- C:\Program Files\trend micro
2015-06-01 20:15:50 ----D---- C:\Windows\temp
2015-06-01 19:58:47 ----D---- C:\Windows\System32
2015-06-01 19:58:47 ----D---- C:\Windows\inf
2015-06-01 19:58:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-06-01 19:54:32 ----D---- C:\ProgramData\NVIDIA
2015-05-31 15:05:56 ----D---- C:\Program Files (x86)\Steam
2015-05-30 21:47:18 ----D---- C:\ProgramData\Origin
2015-05-21 21:29:55 ----D---- C:\Program Files (x86)
2015-05-21 08:03:50 ----D---- C:\Windows\system32\LogFiles
2015-05-20 22:17:43 ----D---- C:\Windows
2015-05-20 22:14:27 ----D---- C:\Windows\Logs
2015-05-15 18:02:50 ----SHD---- C:\Windows\Installer
2015-05-15 18:02:23 ----RSD---- C:\Windows\assembly
2015-05-14 21:12:51 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-05-14 20:57:18 ----D---- C:\Windows\system32\drivers
2015-05-05 22:33:16 ----D---- C:\Users\ADMIN\AppData\Roaming\uTorrent
2015-05-02 15:44:59 ----D---- C:\Users\ADMIN\AppData\Roaming\Audacity

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-05-13 283200]
R1 nbdrv;NetBalancer Filter; C:\Windows\system32\DRIVERS\nbdrv.sys [2015-02-05 40976]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2013-08-20 314016]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2013-08-20 43680]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2012-08-20 90112]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-02-11 197408]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-03-28 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-11-22 38032]
R3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968]
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 droidpad;DroidPad Joystick; C:\Windows\system32\DRIVERS\droidpad.sys [2012-12-24 21320]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 117248]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2012-10-30 14336]
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2012-08-20 104960]
S3 huawei_cdcecm;huawei_cdcecm; C:\Windows\system32\DRIVERS\ew_jucdcecm.sys [2012-10-29 76800]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2012-08-20 30720]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\drivers\nusb3hub.sys [2010-09-30 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\nusb3xhc.sys [2010-09-30 180736]
S3 PSSDK42;PSSDK42; \??\C:\Windows\system32\Drivers\pssdk42.sys [2015-04-15 53312]
S3 PSSDKLBF;PSSDKLBF; \??\C:\Windows\system32\Drivers\pssdklbf.sys [2015-04-15 65600]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-03-28 1152144]
R2 HWDeviceService64.exe;HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [2011-03-14 346976]
R2 Mobile Broadband HL Service;Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [2012-06-28 233344]
R2 NetBalancerService;NetBalancerService; C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe [2015-04-06 129896]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-03-28 1878672]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-03-28 22995600]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-02-04 932040]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 rcores;rcores; C:\Windows\rcore.exe [2014-12-19 4959744]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-02-04 409800]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 WindowsVNT_R5;Windows Virtual Network (WVN5); C:\Program Files (x86)\Windows Network Accelerater\v5\winvxm.exe [2015-03-25 2976880]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-09 123856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-14 268464]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-09 51648]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater; C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-12-15 25832]
S3 EasyAntiCheat;EasyAntiCheat; C:\Windows\syswow64\EasyAntiCheat.exe [2015-04-19 236840]
S3 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-19 107848]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-19 107848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2013-05-20 5086240]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-04-16 1931632]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-04-14 836288]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-05-15 1255736]
S4 CS_SysMsgProxy;CS_SysMsgProxy; C:\Program Files\Cucusoft\NetGuard\SysMsgProxySrvc.sys [2013-06-21 255136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 SwOffScheduler;Airytec Switch Off - Task Scheduler; C:\Program Files\Airytec\Switch Off\swoff.exe [2014-09-23 173056]
S4 SwOffWeb;Airytec Switch Off - Web Interface; C:\Program Files\Airytec\Switch Off\swoff.exe [2014-09-23 173056]

-----------------EOF-----------------

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

No slava... konecne zmizela ta kravina co mi naskakovala v chrome na misto google...pocitac je rychlejsi, ale yotube stale buffering... kontroloval jsem pripojeni.. ping v normalu a tablet jede jak o 106... ani nevim proc se to tak rika Jeste nejake napady? rovnou posilam i rsit log pod adwlogem

# AdwCleaner v4.206 - Logfile created 01/06/2015 at 21:40:26
# Updated 01/06/2015 by Xplode
# Database : 2015-06-01.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : ADMIN - ADMIN-PC
# Running from : C:\Users\ADMIN\Downloads\adwcleaner_4.206.exe
# Option : Cleaning

***** [ Services ] *****

[#] Service Deleted : rcores

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\Fighters
Folder Deleted : C:\ProgramData\d99a59230000451e
Folder Deleted : C:\ProgramData\{a921d974-7a08-7137-a921-1d9747a065d1}
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\clean2PC
Folder Deleted : C:\Program Files (x86)\FlvPlayer
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\Nosibay
Folder Deleted : C:\Program Files (x86)\SearchProtect
Folder Deleted : C:\Program Files (x86)\Check Point Software Technologies LTD
Folder Deleted : C:\Program Files (x86)\TabNav
Folder Deleted : C:\Program Files (x86)\download Manager
Folder Deleted : C:\Program Files (x86)\clean2PC
Folder Deleted : C:\Program Files (x86)\Common Files\Umbrella
[!] Folder Deleted : C:\Windows\SysWOW64\drivers\hosts
Folder Deleted : C:\Users\ADMIN\AppData\Local\globalUpdate
Folder Deleted : C:\Users\ADMIN\AppData\Local\avayvaxvaa
Folder Deleted : C:\Users\ADMIN\AppData\LocalLow\Check Point Software Technologies LTD
Folder Deleted : C:\Users\ADMIN\AppData\Roaming\DesktopIconForAmazon
Folder Deleted : C:\Users\ADMIN\AppData\Roaming\Nosibay
Folder Deleted : C:\Users\ADMIN\AppData\Roaming\Store
Folder Deleted : C:\Users\ADMIN\AppData\Roaming\Check Point Software Technologies LTD
Folder Deleted : C:\Users\ADMIN\AppData\Roaming\Fighters
Folder Deleted : C:\Users\ADMIN\AppData\Roaming\WTools
Folder Deleted : C:\Users\ADMIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Weather Alerts
Folder Deleted : C:\Users\ADMIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player
File Deleted : C:\Users\ADMIN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dgbjdgnkkchgleommaaapafcigjjbnmg_0.localstorage
File Deleted : C:\Users\ADMIN\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mahgaopgbalgbfohkikbdjfmaapiehaf
File Deleted : C:\END
File Deleted : C:\Windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
File Deleted : C:\Windows\rcore.exe
File Deleted : C:\Windows\SysWOW64\abengine.ini
File Deleted : C:\Windows\SysWOW64\abengineOff.ini
File Deleted : C:\Windows\System32\abengineOff.ini
File Deleted : C:\Windows\System32\drivers\SPPD.sys
File Deleted : C:\Users\ADMIN\AppData\Roaming\Bubble Dock.installation.log
File Deleted : C:\Users\ADMIN\AppData\Roaming\Selection Tools.installation.log
File Deleted : C:\Users\ADMIN\AppData\Roaming\WindApp.boostrap.log
File Deleted : C:\Users\ADMIN\AppData\Roaming\WindApp.installation.log
File Deleted : C:\Users\ADMIN\AppData\Roaming\MFGMSEYM

***** [ Scheduled tasks ] *****

Task Deleted : AmiUpdXp
Task Deleted : FinishInstall igdhbblpcellaljokkpfhcjlagemhgjl
Task Deleted : Registry Optimizer
Task Deleted : amiupdaterExd
Task Deleted : amiupdaterExi

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk
Shortcut Disinfected : C:\Users\ADMIN\Desktop\Chromium.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\ADMIN\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Chromium.lnk
Shortcut Disinfected : C:\Users\ADMIN\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bebnnlollpcjnfpkafhoclljaojgnfok
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\3b8af1c6-e43f-42a8-9ba9-62b8c18bc4c5
Key Deleted : HKLM\SOFTWARE\d219530e-1ecd-4f83-beab-fb231e1595ff
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{8E9F2D02-6B06-4EBA-92C2-68438EADED28}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{987D9269-F8A1-408F-BF62-4397D2F5363E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0722BEB-FDA1-4AA1-A2A8-15A74A5B3F70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F1963E76-845B-474C-8C7F-D69A96D8AA34}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03771AEF-400D-4A13-B712-25878EC4A3F5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{5563BEFE-3B03-43B1-8041-64A9745DAA56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E00DE9B9-B128-4C39-B732-B5D85013FA48}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{208D4124-3895-4974-B293-A159BD306078}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\GoforFiles
Key Deleted : HKCU\Software\OCS
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\Store
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\BoBrowser
Key Deleted : HKCU\Software\WTools
Key Deleted : HKCU\Software\Fighters
Key Deleted : HKCU\Software\estdemin
Key Deleted : HKCU\Software\WeatherAlerts
Key Deleted : HKCU\Software\Corez
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\GoforFiles
Key Deleted : HKLM\SOFTWARE\NpApp
Key Deleted : HKLM\SOFTWARE\YourFileDownloader
Key Deleted : HKLM\SOFTWARE\Clara
Key Deleted : HKLM\SOFTWARE\SPPDCOM
Key Deleted : HKLM\SOFTWARE\TabNav
Key Deleted : HKU\.DEFAULT\Software\Microsoft\KanarCore
Key Deleted : HKU\.DEFAULT\Software\TornTv Downloader
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm Security Toolbar
Key Deleted : [x64] HKLM\SOFTWARE\TornTv Downloader
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - 127.0.0.1:8800
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>;<local>
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - 127.0.0.1:8800
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>;<local>
Data Deleted : HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings [ProxySettingsPerUser] - 0

***** [ Web browsers ] *****

-\\ Internet Explorer v0.0.0.0

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

-\\ Mozilla Firefox v


-\\ Google Chrome v41.0.2272.101


-\\ Chromium v


-\\ Opera v0.0.0.0


*************************

AdwCleaner[R0].txt - [8032 bytes] - [29/10/2013 19:06:58]
AdwCleaner[R1].txt - [16358 bytes] - [01/06/2015 21:29:12]
AdwCleaner[S0].txt - [7687 bytes] - [29/10/2013 19:08:00]
AdwCleaner[S1].txt - [15266 bytes] - [01/06/2015 21:40:26]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [15326 bytes] ##########

rsit zde


Logfile of random's system information tool 1.09 (written by random/random)
Run by ADMIN at 2015-06-01 21:54:16
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 216 GB (23%) free of 954 GB
Total RAM: 4095 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:55:51 PM, on 6/1/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\uzit+\chrome-win32\chrome.exe
C:\uzit+\chrome-win32\chrome.exe
C:\uzit+\chrome-win32\chrome.exe
C:\uzit+\chrome-win32\chrome.exe
C:\uzit+\chrome-win32\chrome.exe
C:\Program Files\trend micro\ADMIN.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O1 - Hosts: 81.0.254.162 L2authd.Lineage2.com
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKCU\..\Run: [Mobile Partner] C:\Program Files (x86)\3\3MobileWiFi
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mobile Broadband HL Service - Unknown owner - C:\ProgramData\MobileBrServ\mbbservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NetBalancerService - SeriousBit - C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7245 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\ProgramData\DatacardService\HWDeviceService64.exe" -/service
"C:\ProgramData\MobileBrServ\mbbservice.exe" -service
"C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\ProgramData\DatacardService\DCSHelper.exe"
"C:\Windows\WindowsMobile\wmdc.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Windows Network Accelerater\v5\winvxm.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2484
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k WindowsMobile
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-be76b7e6-da7e-4412-b718-d419fbd2c415 -SystemEventPortName:HostProcess-546bba34-a30d-44b8-b0aa-25ec5f31e1ca -IoCancelEventPortName:HostProcess-038ed317-b562-4f65-85d6-59eafbff1a1b -NonStateChangingEventPortName:HostProcess-eef7ebef-cbe1-4433-a731-9b2ececc0b1b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:3861f4d7-8a5a-4188-a3a5-3f2821ba49ef -DeviceGroupId:WpdFsGroup
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" c3597ea7-d917-4cff-97d9-3b30b6ffc653 1
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "1111155520-206569656663010301175189297613947165844285417361102510647-1114057197
\??\C:\Windows\system32\conhost.exe "-9380394361531179658-125375186158207685014897116-2997691631559310935-623377091
"C:\uzit+\chrome-win32\chrome.exe"
"C:\uzit+\chrome-win32\chrome.exe" --type=gpu-process --channel="3864.0.1762944201\486456944" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,8,19,21 --gpu-vendor-id=0x10de --gpu-device-id=0x0a65 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.4144 --ignored=" --type=renderer " /prefetch:822062411
"C:\uzit+\chrome-win32\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OneClickSignIn/BlueOnWhite/OverlappedReadImpact/OverlappedReadDisabled/Prefetch/ContentPrefetchPrefetchOff/Prerender/PrerenderControl/PrerenderLoggedInPredictor/Enabled/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_29/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/ --enable-threaded-compositing --disable-html-notifications --channel="3864.1.2108132032\376508725" /prefetch:673131151
"C:\uzit+\chrome-win32\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials=CacheSensitivityAnalysis/No/ForceCompositingMode/thread/InfiniteCache/No/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OneClickSignIn/BlueOnWhite/OverlappedReadImpact/OverlappedReadDisabled/Prefetch/ContentPrefetchPrefetchOff/Prerender/PrerenderControl/PrerenderLoggedInPredictor/Enabled/SpdyCwnd/cwnd10/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_29/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/ --instant-process --enable-threaded-compositing --disable-html-notifications --channel="3864.4.1281162559\760045502" /prefetch:673131151
"C:\uzit+\chrome-win32\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials=CacheSensitivityAnalysis/No/ForceCompositingMode/thread/InfiniteCache/No/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OneClickSignIn/BlueOnWhite/OverlappedReadImpact/OverlappedReadDisabled/Prefetch/ContentPrefetchPrefetchOff/Prerender/PrerenderControl/PrerenderLoggedInPredictor/Enabled/SpdyCwnd/cwnd10/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_29/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/ --enable-threaded-compositing --disable-html-notifications --channel="3864.6.1137288369\287240970" /prefetch:673131151
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Users\ADMIN\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-17 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-17 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Mobile Partner"=C:\Program Files (x86)\3\3MobileWiFi []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileAppSync]
C:\Program Files (x86)\Mobile App Sync\D2MClient.exe [2013-05-14 312320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NetBalancer]
C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Tray.exe [2015-04-06 1803112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-03-28 2673296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay]
C:\Windows\system32\nvspcap64.dll [2015-03-28 1570672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-09-26 271744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Users\ADMIN\AppData\Roaming\uTorrent\uTorrent.exe [2015-01-18 1677904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoInternetIcon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux3"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-05-21 21:29:55 ----D---- C:\Program Files (x86)\GUMF5DC.tmp
2015-05-20 22:17:26 ----A---- C:\Windows\system32\FNTCACHE.DAT

======List of files/folders modified in the last 1 month======

2015-06-01 21:55:50 ----D---- C:\Windows\temp
2015-06-01 21:55:50 ----D---- C:\Program Files\trend micro
2015-06-01 21:54:24 ----D---- C:\Windows\Prefetch
2015-06-01 21:47:04 ----D---- C:\Windows\System32
2015-06-01 21:47:04 ----D---- C:\Windows\inf
2015-06-01 21:47:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-06-01 21:41:50 ----D---- C:\ProgramData\NVIDIA
2015-06-01 21:41:41 ----D---- C:\Windows\SYSWOW64\drivers
2015-06-01 21:40:35 ----D---- C:\AdwCleaner
2015-06-01 21:40:32 ----D---- C:\Windows\system32\Tasks
2015-06-01 21:40:30 ----D---- C:\Windows\SysWOW64
2015-06-01 21:40:30 ----D---- C:\Windows\system32\drivers
2015-06-01 21:40:30 ----D---- C:\Windows
2015-06-01 21:40:29 ----D---- C:\Program Files (x86)\Common Files
2015-06-01 21:40:29 ----D---- C:\Program Files (x86)
2015-06-01 21:40:28 ----D---- C:\ProgramData
2015-05-31 15:05:56 ----D---- C:\Program Files (x86)\Steam
2015-05-30 21:47:18 ----D---- C:\ProgramData\Origin
2015-05-21 08:03:50 ----D---- C:\Windows\system32\LogFiles
2015-05-20 22:14:27 ----D---- C:\Windows\Logs
2015-05-15 18:02:50 ----SHD---- C:\Windows\Installer
2015-05-15 18:02:23 ----RSD---- C:\Windows\assembly
2015-05-14 21:12:51 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-05-05 22:33:16 ----D---- C:\Users\ADMIN\AppData\Roaming\uTorrent
2015-05-02 15:44:59 ----D---- C:\Users\ADMIN\AppData\Roaming\Audacity

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-05-13 283200]
R1 nbdrv;NetBalancer Filter; C:\Windows\system32\DRIVERS\nbdrv.sys [2015-02-05 40976]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2013-08-20 314016]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2013-08-20 43680]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2012-08-20 90112]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-02-11 197408]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-03-28 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-11-22 38032]
R3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968]
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 droidpad;DroidPad Joystick; C:\Windows\system32\DRIVERS\droidpad.sys [2012-12-24 21320]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 117248]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2012-10-30 14336]
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2012-08-20 104960]
S3 huawei_cdcecm;huawei_cdcecm; C:\Windows\system32\DRIVERS\ew_jucdcecm.sys [2012-10-29 76800]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2012-08-20 30720]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\drivers\nusb3hub.sys [2010-09-30 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\nusb3xhc.sys [2010-09-30 180736]
S3 PSSDK42;PSSDK42; \??\C:\Windows\system32\Drivers\pssdk42.sys [2015-04-15 53312]
S3 PSSDKLBF;PSSDKLBF; \??\C:\Windows\system32\Drivers\pssdklbf.sys [2015-04-15 65600]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-03-28 1152144]
R2 HWDeviceService64.exe;HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [2011-03-14 346976]
R2 Mobile Broadband HL Service;Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [2012-06-28 233344]
R2 NetBalancerService;NetBalancerService; C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe [2015-04-06 129896]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-03-28 1878672]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-03-28 22995600]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-02-04 932040]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-02-04 409800]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 WindowsVNT_R5;Windows Virtual Network (WVN5); C:\Program Files (x86)\Windows Network Accelerater\v5\winvxm.exe [2015-03-25 2976880]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-09 123856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-14 268464]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-09 51648]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater; C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-12-15 25832]
S3 EasyAntiCheat;EasyAntiCheat; C:\Windows\syswow64\EasyAntiCheat.exe [2015-04-19 236840]
S3 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-19 107848]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-19 107848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2013-05-20 5086240]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-04-16 1931632]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-04-14 836288]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-05-15 1255736]
S4 CS_SysMsgProxy;CS_SysMsgProxy; C:\Program Files\Cucusoft\NetGuard\SysMsgProxySrvc.sys [2013-06-21 255136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 SwOffScheduler;Airytec Switch Off - Task Scheduler; C:\Program Files\Airytec\Switch Off\swoff.exe [2014-09-23 173056]
S4 SwOffWeb;Airytec Switch Off - Web Interface; C:\Program Files\Airytec\Switch Off\swoff.exe [2014-09-23 173056]

-----------------EOF-----------------

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Program Files (x86)\GUM*.tmp

:reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]/64

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.

dobry den, vcera uz bylo pozde, tak jsem to projel OTM dnes po praci.. zde jsou vysledky..

All processes killed
========== FILES ==========
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Program Files (x86)\GUM6E2F.tmp folder moved successfully.
C:\Program Files (x86)\GUMF5DC.tmp folder moved successfully.
========== REGISTRY ==========
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: ADMIN
->Temp folder emptied: 3567442 bytes
->Temporary Internet Files folder emptied: 4085160 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 209820948 bytes
->Flash cache emptied: 1693 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 757760 bytes
%systemroot%\System32 .tmp files removed: 2428680 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 19066 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 45556719 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 254.00 mb


[EMPTYFLASH]

User: ADMIN
->Flash cache emptied: 0 bytes

User: All Users

User: Default

User: Default User

User: Public

Total Flash Files Cleaned = 0.00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 06022015_190702

Files moved on Reboot...
C:\Users\ADMIN\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\ADMIN\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

Registry entries deleted on Reboot...

RSIT

Logfile of random's system information tool 1.09 (written by random/random)
Run by ADMIN at 2015-06-02 19:20:33
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 216 GB (23%) free of 954 GB
Total RAM: 4095 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:21:05 PM, on 6/2/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\uzit+\chrome-win32\chrome.exe
C:\uzit+\chrome-win32\chrome.exe
C:\uzit+\chrome-win32\chrome.exe
C:\uzit+\chrome-win32\chrome.exe
C:\uzit+\chrome-win32\chrome.exe
C:\Program Files\trend micro\ADMIN.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O1 - Hosts: 81.0.254.162 L2authd.Lineage2.com
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKCU\..\Run: [Mobile Partner] C:\Program Files (x86)\3\3MobileWiFi
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mobile Broadband HL Service - Unknown owner - C:\ProgramData\MobileBrServ\mbbservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NetBalancerService - SeriousBit - C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7245 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\ProgramData\DatacardService\HWDeviceService64.exe" -/service
"C:\ProgramData\MobileBrServ\mbbservice.exe" -service
"C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\ProgramData\DatacardService\DCSHelper.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Windows Network Accelerater\v5\winvxm.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2108
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Windows\notepad.exe" C:\_OTM\MovedFiles\06022015_190702.log
"C:\Windows\WindowsMobile\wmdc.exe"
"C:\uzit+\chrome-win32\chrome.exe"
"C:\uzit+\chrome-win32\chrome.exe" --type=gpu-process --channel="2484.0.1438490541\1322014463" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,8,19,21 --gpu-vendor-id=0x10de --gpu-device-id=0x0a65 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.4144 --ignored=" --type=renderer " /prefetch:822062411
"C:\uzit+\chrome-win32\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OneClickSignIn/BlueOnWhite/OverlappedReadImpact/OverlappedReadEnabled/Prefetch/ContentPrefetchPrefetchOff/Prerender/PrerenderNoUse/PrerenderLoggedInPredictor/Enabled/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_29/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/ --enable-threaded-compositing --disable-html-notifications --channel="2484.3.723143473\1839152743" /prefetch:673131151
"C:\uzit+\chrome-win32\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OneClickSignIn/BlueOnWhite/OverlappedReadImpact/OverlappedReadEnabled/Prefetch/ContentPrefetchPrefetchOff/Prerender/PrerenderNoUse/PrerenderLoggedInPredictor/Enabled/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_29/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/ --enable-threaded-compositing --disable-html-notifications --channel="2484.4.1935847157\1132238400" /prefetch:673131151
C:\Windows\system32\svchost.exe -k WindowsMobile
"C:\uzit+\chrome-win32\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials=CacheSensitivityAnalysis/No/ForceCompositingMode/thread/InfiniteCache/No/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OneClickSignIn/BlueOnWhite/OverlappedReadImpact/OverlappedReadEnabled/Prefetch/ContentPrefetchPrefetchOff/Prerender/PrerenderNoUse/PrerenderLoggedInPredictor/Enabled/SpdyCwnd/cwnd10/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_29/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/ --instant-process --enable-threaded-compositing --disable-html-notifications --channel="2484.7.945531454\1767083794" /prefetch:673131151
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" c3597ea7-d917-4cff-97d9-3b30b6ffc653 1
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-2020586266883829511-17965781331368041665-2183916358839422761379448588-4796097
\??\C:\Windows\system32\conhost.exe "124945365912490438275332504183259688510190813512085622802652738304376274226
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-329f860a-25cb-4828-adbb-e53e7795985d -SystemEventPortName:HostProcess-67778354-3559-4ddd-a93e-845e3bbdd1b1 -IoCancelEventPortName:HostProcess-0238f437-be29-4ccc-a020-f2697887ff16 -NonStateChangingEventPortName:HostProcess-f7b687d2-5712-4f82-94dd-53da7f20955e -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:d354e697-0e7d-4508-8035-3af5626082dc -DeviceGroupId:WpdFsGroup
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\ADMIN\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-17 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-17 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Mobile Partner"=C:\Program Files (x86)\3\3MobileWiFi []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileAppSync]
C:\Program Files (x86)\Mobile App Sync\D2MClient.exe [2013-05-14 312320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NetBalancer]
C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Tray.exe [2015-04-06 1803112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-03-28 2673296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay]
C:\Windows\system32\nvspcap64.dll [2015-03-28 1570672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Users\ADMIN\AppData\Roaming\uTorrent\uTorrent.exe [2015-01-18 1677904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoInternetIcon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux3"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-06-02 19:07:02 ----D---- C:\_OTM
2015-05-20 22:17:26 ----A---- C:\Windows\system32\FNTCACHE.DAT

======List of files/folders modified in the last 1 month======

2015-06-02 19:21:04 ----D---- C:\Windows\temp
2015-06-02 19:21:04 ----D---- C:\Program Files\trend micro
2015-06-02 19:14:13 ----D---- C:\Windows\System32
2015-06-02 19:14:13 ----D---- C:\Windows\inf
2015-06-02 19:14:13 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-06-02 19:08:05 ----D---- C:\ProgramData\NVIDIA
2015-06-02 19:07:10 ----D---- C:\Windows\SysWOW64
2015-06-02 19:07:10 ----D---- C:\Windows
2015-06-02 19:07:02 ----D---- C:\Windows\Tasks
2015-06-02 19:07:02 ----D---- C:\Program Files (x86)
2015-06-02 19:06:51 ----D---- C:\Windows\Prefetch
2015-06-02 00:59:41 ----D---- C:\Program Files (x86)\Steam
2015-06-01 21:41:41 ----D---- C:\Windows\SYSWOW64\drivers
2015-06-01 21:40:35 ----D---- C:\AdwCleaner
2015-06-01 21:40:32 ----D---- C:\Windows\system32\Tasks
2015-06-01 21:40:30 ----D---- C:\Windows\system32\drivers
2015-06-01 21:40:29 ----D---- C:\Program Files (x86)\Common Files
2015-06-01 21:40:28 ----D---- C:\ProgramData
2015-05-30 21:47:18 ----D---- C:\ProgramData\Origin
2015-05-21 08:03:50 ----D---- C:\Windows\system32\LogFiles
2015-05-20 22:14:27 ----D---- C:\Windows\Logs
2015-05-15 18:02:50 ----SHD---- C:\Windows\Installer
2015-05-15 18:02:23 ----RSD---- C:\Windows\assembly
2015-05-14 21:12:51 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-05-05 22:33:16 ----D---- C:\Users\ADMIN\AppData\Roaming\uTorrent

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-05-13 283200]
R1 nbdrv;NetBalancer Filter; C:\Windows\system32\DRIVERS\nbdrv.sys [2015-02-05 40976]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2013-08-20 314016]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2013-08-20 43680]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2012-08-20 90112]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-02-11 197408]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-03-28 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-11-22 38032]
R3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968]
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 droidpad;DroidPad Joystick; C:\Windows\system32\DRIVERS\droidpad.sys [2012-12-24 21320]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 117248]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2012-10-30 14336]
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2012-08-20 104960]
S3 huawei_cdcecm;huawei_cdcecm; C:\Windows\system32\DRIVERS\ew_jucdcecm.sys [2012-10-29 76800]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2012-08-20 30720]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\drivers\nusb3hub.sys [2010-09-30 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\nusb3xhc.sys [2010-09-30 180736]
S3 PSSDK42;PSSDK42; \??\C:\Windows\system32\Drivers\pssdk42.sys [2015-04-15 53312]
S3 PSSDKLBF;PSSDKLBF; \??\C:\Windows\system32\Drivers\pssdklbf.sys [2015-04-15 65600]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-03-28 1152144]
R2 HWDeviceService64.exe;HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [2011-03-14 346976]
R2 Mobile Broadband HL Service;Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [2012-06-28 233344]
R2 NetBalancerService;NetBalancerService; C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe [2015-04-06 129896]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-03-28 1878672]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-03-28 22995600]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-02-04 932040]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-02-04 409800]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 WindowsVNT_R5;Windows Virtual Network (WVN5); C:\Program Files (x86)\Windows Network Accelerater\v5\winvxm.exe [2015-03-25 2976880]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-09 123856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-14 268464]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-09 51648]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater; C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-12-15 25832]
S3 EasyAntiCheat;EasyAntiCheat; C:\Windows\syswow64\EasyAntiCheat.exe [2015-04-19 236840]
S3 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-19 107848]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-19 107848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2013-05-20 5086240]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-04-16 1931632]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-04-14 836288]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-05-15 1255736]
S4 CS_SysMsgProxy;CS_SysMsgProxy; C:\Program Files\Cucusoft\NetGuard\SysMsgProxySrvc.sys [2013-06-21 255136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 SwOffScheduler;Airytec Switch Off - Task Scheduler; C:\Program Files\Airytec\Switch Off\swoff.exe [2014-09-23 173056]
S4 SwOffWeb;Airytec Switch Off - Web Interface; C:\Program Files\Airytec\Switch Off\swoff.exe [2014-09-23 173056]

-----------------EOF-----------------

prominte, zapomel jsem dodat... google zacal vyhledavat stranky ani jsem nestacil dopsat adresu... to tu dlouho nebylo bohuzel video streaming a dowload je stale zpomaleny

Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

zdravim, vcera to trvalo pul hodiny stahnout ten program a hodinu trvalo to updatnout, scan ani nevim, nechal jsem to bezet prez noc a dnes po praci, jsem uplne zapomel ze nemam nic mazat a ja odhackoval vsechno a smazal... bylo nalezeno 34 objektu a za boha nemuzu najit log tak posilam alepson rsitko... youtube uz nacita malicko rychleji nez hraje, takze buffering je pryc, ale stale to neni to co byvalo...


Logfile of random's system information tool 1.09 (written by random/random)
Run by ADMIN at 2015-06-03 22:02:51
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 216 GB (23%) free of 954 GB
Total RAM: 4095 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:02:52 PM, on 6/3/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\trend micro\ADMIN.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O1 - Hosts: 81.0.254.162 L2authd.Lineage2.com
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKCU\..\Run: [Mobile Partner] C:\Program Files (x86)\3\3MobileWiFi
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mobile Broadband HL Service - Unknown owner - C:\ProgramData\MobileBrServ\mbbservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NetBalancerService - SeriousBit - C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7198 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\ProgramData\DatacardService\HWDeviceService64.exe" -/service
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\ProgramData\MobileBrServ\mbbservice.exe" -service
"C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Windows Network Accelerater\v5\winvxm.exe"
"C:\ProgramData\DatacardService\DCSHelper.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2228
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-3b66db9f-b26b-4dc7-b690-73763cbd03a2 -SystemEventPortName:HostProcess-5ed247be-2c63-472c-806e-57bb53ac60bf -IoCancelEventPortName:HostProcess-029fc742-c45c-42af-b6e2-135c0f3d4874 -NonStateChangingEventPortName:HostProcess-b6464ce2-f7ea-4aba-8bff-2a762fd76fdd -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:c755ab31-72d4-4996-958b-65f83886f8de -DeviceGroupId:WpdFsGroup
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" c3597ea7-d917-4cff-97d9-3b30b6ffc653 1
\??\C:\Windows\system32\conhost.exe "-498689018-20729706811622578515-863746317-7383080271103591154-2019025288181861660
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "1881803575447645359-157295318385721859821151595305353109022137842452-1593883147
"C:\Windows\WindowsMobile\wmdc.exe"
C:\Windows\system32\svchost.exe -k WindowsMobile
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Users\ADMIN\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-17 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-17 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Mobile Partner"=C:\Program Files (x86)\3\3MobileWiFi []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileAppSync]
C:\Program Files (x86)\Mobile App Sync\D2MClient.exe [2013-05-14 312320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NetBalancer]
C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Tray.exe [2015-04-06 1803112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-03-28 2673296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay]
C:\Windows\system32\nvspcap64.dll [2015-03-28 1570672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Users\ADMIN\AppData\Roaming\uTorrent\uTorrent.exe [2015-01-18 1677904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoInternetIcon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux3"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-06-02 19:07:02 ----D---- C:\_OTM
2015-05-20 22:17:26 ----A---- C:\Windows\system32\FNTCACHE.DAT

======List of files/folders modified in the last 1 month======

2015-06-03 22:02:52 ----D---- C:\Program Files\trend micro
2015-06-03 22:02:48 ----D---- C:\Windows\temp
2015-06-03 21:26:43 ----D---- C:\Windows\Prefetch
2015-06-03 21:17:34 ----D---- C:\Windows\System32
2015-06-03 21:17:34 ----D---- C:\Windows\inf
2015-06-03 21:17:34 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-06-03 20:09:05 ----D---- C:\ProgramData\NVIDIA
2015-06-03 20:08:56 ----D---- C:\Windows
2015-06-03 20:08:54 ----RSD---- C:\Windows\assembly
2015-06-03 20:08:54 ----D---- C:\Windows\system32\drivers
2015-06-03 20:08:13 ----D---- C:\Program Files (x86)\Windows Network Accelerater
2015-06-03 20:08:13 ----D---- C:\Program Files (x86)\f07463c0-8a09-4ef2-b7bb-faea7d91eefb
2015-06-03 20:08:13 ----D---- C:\Program Files (x86)\7-Zip
2015-06-03 20:08:13 ----D---- C:\Program Files (x86)\1573dcc6-ebad-449c-a170-b39186f9f5eb
2015-06-03 19:36:57 ----D---- C:\Program Files (x86)\Steam
2015-06-03 19:16:32 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-02 19:07:10 ----D---- C:\Windows\SysWOW64
2015-06-02 19:07:02 ----D---- C:\Windows\Tasks
2015-06-02 19:07:02 ----D---- C:\Program Files (x86)
2015-06-01 21:41:41 ----D---- C:\Windows\SYSWOW64\drivers
2015-06-01 21:40:35 ----D---- C:\AdwCleaner
2015-06-01 21:40:32 ----D---- C:\Windows\system32\Tasks
2015-06-01 21:40:29 ----D---- C:\Program Files (x86)\Common Files
2015-06-01 21:40:28 ----D---- C:\ProgramData
2015-05-30 21:47:18 ----D---- C:\ProgramData\Origin
2015-05-21 08:03:50 ----D---- C:\Windows\system32\LogFiles
2015-05-20 22:14:27 ----D---- C:\Windows\Logs
2015-05-15 18:02:50 ----SHD---- C:\Windows\Installer
2015-05-14 21:12:51 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-05-05 22:33:16 ----D---- C:\Users\ADMIN\AppData\Roaming\uTorrent

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-05-13 283200]
R1 nbdrv;NetBalancer Filter; C:\Windows\system32\DRIVERS\nbdrv.sys [2015-02-05 40976]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2013-08-20 314016]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2013-08-20 43680]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2012-08-20 90112]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-04-14 25816]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-02-11 197408]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-03-28 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-11-22 38032]
R3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968]
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 droidpad;DroidPad Joystick; C:\Windows\system32\DRIVERS\droidpad.sys [2012-12-24 21320]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 117248]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2012-10-30 14336]
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2012-08-20 104960]
S3 huawei_cdcecm;huawei_cdcecm; C:\Windows\system32\DRIVERS\ew_jucdcecm.sys [2012-10-29 76800]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2012-08-20 30720]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-04-14 63704]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\drivers\nusb3hub.sys [2010-09-30 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\nusb3xhc.sys [2010-09-30 180736]
S3 PSSDK42;PSSDK42; \??\C:\Windows\system32\Drivers\pssdk42.sys [2015-04-15 53312]
S3 PSSDKLBF;PSSDKLBF; \??\C:\Windows\system32\Drivers\pssdklbf.sys [2015-04-15 65600]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-03-28 1152144]
R2 HWDeviceService64.exe;HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [2011-03-14 346976]
R2 Mobile Broadband HL Service;Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [2012-06-28 233344]
R2 NetBalancerService;NetBalancerService; C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe [2015-04-06 129896]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-03-28 1878672]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-03-28 22995600]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-02-04 932040]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-02-04 409800]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 WindowsVNT_R5;Windows Virtual Network (WVN5); C:\Program Files (x86)\Windows Network Accelerater\v5\winvxm.exe [2015-03-25 2976880]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-09 123856]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-04-14 1080120]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-14 268464]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-09 51648]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater; C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-12-15 25832]
S3 EasyAntiCheat;EasyAntiCheat; C:\Windows\syswow64\EasyAntiCheat.exe [2015-04-19 236840]
S3 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-19 107848]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-19 107848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2013-05-20 5086240]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-04-16 1931632]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-04-14 836288]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-05-15 1255736]
S4 CS_SysMsgProxy;CS_SysMsgProxy; C:\Program Files\Cucusoft\NetGuard\SysMsgProxySrvc.sys [2013-06-21 255136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 SwOffScheduler;Airytec Switch Off - Task Scheduler; C:\Program Files\Airytec\Switch Off\swoff.exe [2014-09-23 173056]
S4 SwOffWeb;Airytec Switch Off - Web Interface; C:\Program Files\Airytec\Switch Off\swoff.exe [2014-09-23 173056]

-----------------EOF-----------------

Ten log ale potřebuji vidět. Kdyby byl problém vidět v RSIT, nedělali bychom MBAM a smazal bych to přes OTM. Zkuste ho vyhledat přes "Prohledat programy a soubory".

Dodatecne posilam log mbam.... kdyby se neco podobneho stalo nekomu jinemu... doporucuji vyhledat v C:\ log mbam a jeste dodavam good job with sarcasm.... pravda mohlo me to napadnout automaticky

<?xml version="1.0" encoding="UTF-16" ?>
<mbam-log>
<header>
<date>2015/06/03 19:52:37 +0100</date>
<logfile>mbam-log-2015-06-03 (19-36-47).xml</logfile>
<isadmin>yes</isadmin>
</header>
<engine>
<version>2.01.6.1022</version>
<malware-database>v2015.06.03.05</malware-database>
<rootkit-database>v2015.06.02.01</rootkit-database>
<license>free</license>
<file-protection>disabled</file-protection>
<web-protection>disabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
<system>
<osversion>Windows 7 Service Pack 1</osversion>
<arch>x64</arch>
<username>ADMIN</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>threat</type>
<result>completed</result>
<objects>374826</objects>
<time>851</time>
<processes>0</processes>
<modules>0</modules>
<keys>6</keys>
<values>17</values>
<datas>0</datas>
<folders>3</folders>
<files>17</files>
<sectors>0</sectors>
</summary>
<options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>disabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<heuristics>enabled</heuristics>
<pup>warn</pup>
<pum>enabled</pum>
</options>
<items>
<key><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32LDR</path><vendor>PUP.Optional.Trovi.A</vendor><action>success</action><hash>89c8c5f138521a1ce1d0b1d0be477a86</hash></key>
<key><path>HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE</path><vendor>PUM.Security.Hijack.DisableChromeUpdates</vendor><action>success</action><hash>eb66eacc6d1d2b0bb69eeb9629dc827e</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{21111111-1111-1111-1111-110211621178}</path><vendor>PUP.Optional.CrossRider.A</vendor><action>success</action><hash>be937f3791f977bf026b235beb1a10f0</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE</path><vendor>PUM.Security.Hijack.DisableChromeUpdates</vendor><action>success</action><hash>3021ecca2c5ef73f0351b6cb2ed745bb</hash></key>
<key><path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\donutleadsServiceCore</path><vendor>PUP.Optional.DonutLeads.A</vendor><action>success</action><hash>f1604571ff8b33038061f8017d86a65a</hash></key>
<key><path>HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_</path><vendor>PUP.Optional.Crossrider.C</vendor><action>success</action><hash>b899694dbccebe7864ab097317ee5da3</hash></key>
<value><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\chrome.exe</path><valuename>{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb</valuename><vendor>PUP.Optional.Trovi.A</vendor><action>success</action><valuedata>130699743148476000</valuedata><hash>6de46b4b573361d5852b6e1305001be5</hash></value>
<value><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\explorer.xxx</path><valuename>{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb</valuename><vendor>PUP.Optional.Trovi.A</vendor><action>success</action><valuedata>130699743148476000</valuedata><hash>e869bbfbc8c20a2c218f7d04e3222cd4</hash></value>
<value><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\firefox.exe</path><valuename>{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb</valuename><vendor>PUP.Optional.Trovi.A</vendor><action>success</action><valuedata>130699743148476000</valuedata><hash>8cc510a6e8a21d194d63cdb4b15456aa</hash></value>
<value><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\iexplore.exe</path><valuename>{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb</valuename><vendor>PUP.Optional.Trovi.A</vendor><action>success</action><valuedata>130699743148476000</valuedata><hash>48094472fd8d2e08218f166b8184738d</hash></value>
<value><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\msiexec.exe</path><valuename>{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb</valuename><vendor>PUP.Optional.Trovi.A</vendor><action>success</action><valuedata>130699743148476000</valuedata><hash>054ce1d5bad00531eec24041709529d7</hash></value>
<value><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\SearchProtectionSetup.exe</path><valuename>{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb</valuename><vendor>PUP.Optional.Trovi.A</vendor><action>success</action><valuedata>130699743148476000</valuedata><hash>99b8c9ed612955e12d83dba65ca9b050</hash></value>
<value><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\SearchProtectionStub.exe</path><valuename>{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb</valuename><vendor>PUP.Optional.Trovi.A</vendor><action>success</action><valuedata>130699743148476000</valuedata><hash>ef625e58b7d3c86e9818b4cd52b3ee12</hash></value>
<value><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\SettingsManagerSetup.exe</path><valuename>{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb</valuename><vendor>PUP.Optional.Trovi.A</vendor><action>success</action><valuedata>130699743148476000</valuedata><hash>80d101b561293ff74c6479089f66e51b</hash></value>
<value><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\SetupDataMg.exe</path><valuename>{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb</valuename><vendor>PUP.Optional.Trovi.A</vendor><action>success</action><valuedata>130699743148476000</valuedata><hash>8ac7b600b6d4af87b6fae59c4cb9a45c</hash></value>
<value><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\SetupDataMngr_iLivid.exe</path><valuename>{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb</valuename><vendor>PUP.Optional.Trovi.A</vendor><action>success</action><valuedata>130699743148476000</valuedata><hash>f85985314842c86e40708ef352b34db3</hash></value>
<value><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\SetupDataMngr_iMesh.exe</path><valuename>{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb</valuename><vendor>PUP.Optional.Trovi.A</vendor><action>success</action><valuedata>130699743148476000</valuedata><hash>bc95199db5d50333e8c83d44ba4b19e7</hash></value>
<value><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\software_removal_tool.exe</path><valuename>{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb</valuename><vendor>PUP.Optional.Trovi.A</vendor><action>success</action><valuedata>130699743148476000</valuedata><hash>0f424a6c4941d561466a4d34d72e827e</hash></value>
<value><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\software_reporter_tool.exe</path><valuename>{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb</valuename><vendor>PUP.Optional.Trovi.A</vendor><action>success</action><valuedata>130699743148476000</valuedata><hash>a7aa3a7cf49657df6e427e032bda9f61</hash></value>
<value><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32Ldr</path><valuename>{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb</valuename><vendor>PUP.Optional.Trovi.A</vendor><action>success</action><valuedata>130699743148476000</valuedata><hash>89c8c5f138521a1ce1d0b1d0be477a86</hash></value>
<value><path>HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE</path><valuename>DisableAutoUpdateChecksCheckboxValue</valuename><vendor>PUM.Security.Hijack.DisableChromeUpdates</vendor><action>success</action><valuedata>1</valuedata><hash>eb66eacc6d1d2b0bb69eeb9629dc827e</hash></value>
<value><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{21111111-1111-1111-1111-110211621178}</path><valuename>AppName</valuename><vendor>PUP.Optional.CrossRider.A</vendor><action>success</action><valuedata>Solid Savings-bg.exe</valuedata><hash>be937f3791f977bf026b235beb1a10f0</hash></value>
<value><path>HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE</path><valuename>DisableAutoUpdateChecksCheckboxValue</valuename><vendor>PUM.Security.Hijack.DisableChromeUpdates</vendor><action>success</action><valuedata>1</valuedata><hash>3021ecca2c5ef73f0351b6cb2ed745bb</hash></value>
<folder><path>C:\Users\ADMIN\Documents\Optimizer Pro</path><vendor>PUP.Optional.OptimizerPro.A</vendor><action>success</action><hash>361b288e058574c20ad12060ff06f60a</hash></folder>
<folder><path>C:\Program Files (x86)\Windows Network Accelerater\v3</path><vendor>PUP.Optional.VXMClient.A</vendor><action>success</action><hash>d879bcfac8c23df912c30ed18a796d93</hash></folder>
<folder><path>C:\Program Files (x86)\Windows Network Accelerater\v3\config</path><vendor>PUP.Optional.VXMClient.A</vendor><action>success</action><hash>d879bcfac8c23df912c30ed18a796d93</hash></folder>
<file><path>C:\Program Files (x86)\1573dcc6-ebad-449c-a170-b39186f9f5eb\0510b195-d4d1-4be2-ad19-1830c6ff848f.dll</path><vendor>PUP.Optional.InstallCore.C</vendor><action>success</action><hash>5df4d2e4bdcdbb7b8aab264ab056b24e</hash></file>
<file><path>C:\Program Files (x86)\1573dcc6-ebad-449c-a170-b39186f9f5eb\b1113545-2d1f-4ed0-8886-8b9b9415e0f3.dll</path><vendor>PUP.Optional.Nova.A</vendor><action>success</action><hash>f75af1c5afdb3bfb4e124ec6709227d9</hash></file>
<file><path>C:\Program Files (x86)\7-Zip\0f5eae6e-dc38-4fe9-b6d6-ee454a5bf494.dll</path><vendor>PUP.Optional.Nova.A</vendor><action>success</action><hash>f75a3482c8c270c6ce925fb55da508f8</hash></file>
<file><path>C:\Program Files (x86)\7-Zip\1573dcc6-ebad-449c-a170-b39186f9f5eb.dll</path><vendor>PUP.Optional.InstallCore.C</vendor><action>success</action><hash>73de2f877416eb4b280d9fd1a75fc13f</hash></file>
<file><path>C:\Program Files (x86)\f07463c0-8a09-4ef2-b7bb-faea7d91eefb\46da3db2-c661-4558-a6e0-3a5d8480a5be.dll</path><vendor>PUP.Optional.InstallCore.C</vendor><action>success</action><hash>78d97541beccde58f73e58189e6842be</hash></file>
<file><path>C:\Program Files (x86)\f07463c0-8a09-4ef2-b7bb-faea7d91eefb\baf46814-1442-4526-b89a-80bb14f2d10f.dll</path><vendor>PUP.Optional.Nova.A</vendor><action>success</action><hash>e66b3086e6a4a690f967b85cf40ed729</hash></file>
<file><path>C:\Users\ADMIN\Downloads\Cloud_Backup_Setup (1).exe</path><vendor>PUP.Optional.Mypcbackup</vendor><action>success</action><hash>252cd1e57812c37303292e428a7c17e9</hash></file>
<file><path>C:\Users\ADMIN\Downloads\Cloud_Backup_Setup.exe</path><vendor>PUP.Optional.Mypcbackup</vendor><action>success</action><hash>4809bdf99dedfa3c64c8db9535d16898</hash></file>
<file><path>C:\Users\ADMIN\Downloads\Setup.exe</path><vendor>PUP.Optional.DomaIQ</vendor><action>success</action><hash>a5ac0fa7c4c6142263e7baa1d22e649c</hash></file>
<file><path>C:\Users\ADMIN\Downloads\Installation.exe</path><vendor>PUP.Optional.OutBrowse</vendor><action>success</action><hash>dd74edc92b5f7bbb2b3cab6b9571f30d</hash></file>
<file><path>C:\Users\ADMIN\Downloads\Player Setup.exe</path><vendor>PUP.Optional.SoftPulse</vendor><action>success</action><hash>0f425363305ab581dc6ab559758d7090</hash></file>
<file><path>C:\Windows\System32\Tasks\DonutQuotes</path><vendor>PUP.Optional.DonutQuotes</vendor><action>success</action><hash>a3ae377fa8e266d0849e5ba241c2a35d</hash></file>
<file><path>C:\Users\ADMIN\Documents\Optimizer Pro\CookiesException.txt</path><vendor>PUP.Optional.OptimizerPro.A</vendor><action>success</action><hash>361b288e058574c20ad12060ff06f60a</hash></file>
<file><path>C:\Program Files (x86)\Windows Network Accelerater\v3\systeinfo.vpx</path><vendor>PUP.Optional.VXMClient.A</vendor><action>success</action><hash>d879bcfac8c23df912c30ed18a796d93</hash></file>
<file><path>C:\Program Files (x86)\Windows Network Accelerater\v3\vxmclient.exe</path><vendor>PUP.Optional.VXMClient.A</vendor><action>success</action><hash>d879bcfac8c23df912c30ed18a796d93</hash></file>
<file><path>C:\Program Files (x86)\Windows Network Accelerater\v3\winvxm.exe</path><vendor>PUP.Optional.VXMClient.A</vendor><action>success</action><hash>d879bcfac8c23df912c30ed18a796d93</hash></file>
<file><path>C:\Program Files (x86)\Windows Network Accelerater\v3\config\systeinfo.vpx</path><vendor>PUP.Optional.VXMClient.A</vendor><action>success</action><hash>d879bcfac8c23df912c30ed18a796d93</hash></file>
</items>
</mbam-log>

Vše nalezené smažte. V PC by měl někde být log v txt formátu. Vypadá asi takto: http://forum.viry.cz/viewtopic.php?f=13 ... m#p1400368 .

nakonec jsem musel jit do history v programu a exportovat history file do txt souboru kam chci... tady je

Malwarebytes Anti-Malware
http://www.malwarebytes.org

Scan Date: 6/3/2015
Scan Time: 7:52:37 PM
Logfile: asdf.txt
Administrator: Yes

Version: 2.01.6.1022
Malware Database: v2015.06.03.05
Rootkit Database: v2015.06.02.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: ADMIN

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 374826
Time Elapsed: 14 min, 11 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 6
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32LDR, Quarantined, [89c8c5f138521a1ce1d0b1d0be477a86],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, Quarantined, [eb66eacc6d1d2b0bb69eeb9629dc827e],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{21111111-1111-1111-1111-110211621178}, Quarantined, [be937f3791f977bf026b235beb1a10f0],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, Quarantined, [3021ecca2c5ef73f0351b6cb2ed745bb],
PUP.Optional.DonutLeads.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\donutleadsServiceCore, Quarantined, [f1604571ff8b33038061f8017d86a65a],
PUP.Optional.Crossrider.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, Quarantined, [b899694dbccebe7864ab097317ee5da3],

Registry Values: 17
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\chrome.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130699743148476000, Quarantined, [6de46b4b573361d5852b6e1305001be5]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\explorer.xxx|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130699743148476000, Quarantined, [e869bbfbc8c20a2c218f7d04e3222cd4]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\firefox.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130699743148476000, Quarantined, [8cc510a6e8a21d194d63cdb4b15456aa]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\iexplore.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130699743148476000, Quarantined, [48094472fd8d2e08218f166b8184738d]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\msiexec.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130699743148476000, Quarantined, [054ce1d5bad00531eec24041709529d7]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\SearchProtectionSetup.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130699743148476000, Quarantined, [99b8c9ed612955e12d83dba65ca9b050]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\SearchProtectionStub.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130699743148476000, Quarantined, [ef625e58b7d3c86e9818b4cd52b3ee12]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\SettingsManagerSetup.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130699743148476000, Quarantined, [80d101b561293ff74c6479089f66e51b]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\SetupDataMg.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130699743148476000, Quarantined, [8ac7b600b6d4af87b6fae59c4cb9a45c]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\SetupDataMngr_iLivid.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130699743148476000, Quarantined, [f85985314842c86e40708ef352b34db3]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\SetupDataMngr_iMesh.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130699743148476000, Quarantined, [bc95199db5d50333e8c83d44ba4b19e7]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\software_removal_tool.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130699743148476000, Quarantined, [0f424a6c4941d561466a4d34d72e827e]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\software_reporter_tool.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130699743148476000, Quarantined, [a7aa3a7cf49657df6e427e032bda9f61]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32Ldr|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130699743148476000, Quarantined, [89c8c5f138521a1ce1d0b1d0be477a86]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, Quarantined, [eb66eacc6d1d2b0bb69eeb9629dc827e]
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{21111111-1111-1111-1111-110211621178}|AppName, Solid Savings-bg.exe, Quarantined, [be937f3791f977bf026b235beb1a10f0]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, Quarantined, [3021ecca2c5ef73f0351b6cb2ed745bb]

Registry Data: 0
(No malicious items detected)

Folders: 3
PUP.Optional.OptimizerPro.A, C:\Users\ADMIN\Documents\Optimizer Pro, Quarantined, [361b288e058574c20ad12060ff06f60a],
PUP.Optional.VXMClient.A, C:\Program Files (x86)\Windows Network Accelerater\v3, Quarantined, [d879bcfac8c23df912c30ed18a796d93],
PUP.Optional.VXMClient.A, C:\Program Files (x86)\Windows Network Accelerater\v3\config, Quarantined, [d879bcfac8c23df912c30ed18a796d93],

Files: 17
PUP.Optional.InstallCore.C, C:\Program Files (x86)\1573dcc6-ebad-449c-a170-b39186f9f5eb\0510b195-d4d1-4be2-ad19-1830c6ff848f.dll, Quarantined, [5df4d2e4bdcdbb7b8aab264ab056b24e],
PUP.Optional.Nova.A, C:\Program Files (x86)\1573dcc6-ebad-449c-a170-b39186f9f5eb\b1113545-2d1f-4ed0-8886-8b9b9415e0f3.dll, Quarantined, [f75af1c5afdb3bfb4e124ec6709227d9],
PUP.Optional.Nova.A, C:\Program Files (x86)\7-Zip\0f5eae6e-dc38-4fe9-b6d6-ee454a5bf494.dll, Quarantined, [f75a3482c8c270c6ce925fb55da508f8],
PUP.Optional.InstallCore.C, C:\Program Files (x86)\7-Zip\1573dcc6-ebad-449c-a170-b39186f9f5eb.dll, Quarantined, [73de2f877416eb4b280d9fd1a75fc13f],
PUP.Optional.InstallCore.C, C:\Program Files (x86)\f07463c0-8a09-4ef2-b7bb-faea7d91eefb\46da3db2-c661-4558-a6e0-3a5d8480a5be.dll, Quarantined, [78d97541beccde58f73e58189e6842be],
PUP.Optional.Nova.A, C:\Program Files (x86)\f07463c0-8a09-4ef2-b7bb-faea7d91eefb\baf46814-1442-4526-b89a-80bb14f2d10f.dll, Quarantined, [e66b3086e6a4a690f967b85cf40ed729],
PUP.Optional.Mypcbackup, C:\Users\ADMIN\Downloads\Cloud_Backup_Setup (1).exe, Quarantined, [252cd1e57812c37303292e428a7c17e9],
PUP.Optional.Mypcbackup, C:\Users\ADMIN\Downloads\Cloud_Backup_Setup.exe, Quarantined, [4809bdf99dedfa3c64c8db9535d16898],
PUP.Optional.DomaIQ, C:\Users\ADMIN\Downloads\Setup.exe, Quarantined, [a5ac0fa7c4c6142263e7baa1d22e649c],
PUP.Optional.OutBrowse, C:\Users\ADMIN\Downloads\Installation.exe, Quarantined, [dd74edc92b5f7bbb2b3cab6b9571f30d],
PUP.Optional.SoftPulse, C:\Users\ADMIN\Downloads\Player Setup.exe, Quarantined, [0f425363305ab581dc6ab559758d7090],
PUP.Optional.DonutQuotes, C:\Windows\System32\Tasks\DonutQuotes, Quarantined, [a3ae377fa8e266d0849e5ba241c2a35d],
PUP.Optional.OptimizerPro.A, C:\Users\ADMIN\Documents\Optimizer Pro\CookiesException.txt, Quarantined, [361b288e058574c20ad12060ff06f60a],
PUP.Optional.VXMClient.A, C:\Program Files (x86)\Windows Network Accelerater\v3\systeinfo.vpx, Quarantined, [d879bcfac8c23df912c30ed18a796d93],
PUP.Optional.VXMClient.A, C:\Program Files (x86)\Windows Network Accelerater\v3\vxmclient.exe, Quarantined, [d879bcfac8c23df912c30ed18a796d93],
PUP.Optional.VXMClient.A, C:\Program Files (x86)\Windows Network Accelerater\v3\winvxm.exe, Quarantined, [d879bcfac8c23df912c30ed18a796d93],
PUP.Optional.VXMClient.A, C:\Program Files (x86)\Windows Network Accelerater\v3\config\systeinfo.vpx, Quarantined, [d879bcfac8c23df912c30ed18a796d93],

Physical Sectors: 0
(No malicious items detected)


(end)

Jj a díky. Já si to přebral už z formátu xml. Stále platí: vše smažte.

To jsem uz davno provedl a ano, kdyby jste ted rekl nemazte to, tak by to byla chyba, protoze ja to udelal uz po vasi odpovedi udelejte mbam scan, ale predem nic nemazte... po te jsem provedl scan znovu a vysel jako 0 inficovanych objektu, ale stale je to bida... 77MB stahuju update na origin hodinu a pul... zdroj internetu (telefon) stahuje 3MB/s bez chybne a i pocitac tak byval par dni zpatky... musim ale rict, ze je to lepsi protoze stranky nabihaji rychleji v chrome... mate jeste nejake napady?

Zkuste přeinstalovat ovladač síť. adaptéru.