preventivna kontrola

[fskristina]

Zdravim, poprosil by som o kontrolu logu, vopred dakujem.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Ján at 2017-09-05 10:38:41
Microsoft Windows 7 Enterprise Service Pack 1
System drive C: has 322 GB (67%) free of 477 GB
Total RAM: 2047 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:39:22, on 5. 9. 2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Users\Ján\AppData\Local\background_fault\aswRD.exe
C:\Program Files\KROS\ALFA plus\!System\ALFAplus.exe
C:\Program Files\Uncheckit\uncheckitBsn.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\IObit\Advanced SystemCare\ASC.exe
C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe
C:\Windows\system32\msiexec.exe
C:\Windows\system32\MsiExec.exe
C:\Windows\system32\MsiExec.exe
C:\Windows\system32\MsiExec.exe
E:\RSIT.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\trend micro\Ján.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mylucky123.com/?type=hp&ts=1 ... 1_2ACD524C
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mylucky123.com/?type=hp&ts=1 ... 1_2ACD524C
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mylucky123.com/?type=hp&ts=1 ... 1_2ACD524C
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mylucky123.com/search/?type= ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mylucky123.com/search/?type= ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mylucky123.com/?type=hp&ts=1 ... 1_2ACD524C
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office16\URLREDIR.DLL
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~1\Office16\GROOVEEX.DLL
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [background_fault] "C:\Users\Ján\AppData\Local\background_fault\aswRD.exe" "C:\Users\Ján\AppData\Local\background_fault\bf.dll",background_fault_collector
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: ALFA plus - rýchle spustenie.lnk = C:\Program Files\KROS\ALFA plus\!System\ALFAplus.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~1\MICROS~1\Office16\ONBttnIE.dll/105
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: @%CommonProgramFiles%\Microsoft Shared\Office16\oregres.dll,-430 - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: @%CommonProgramFiles%\Microsoft Shared\Office16\oregres.dll,-430 - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
O23 - Service: AMD - Unknown owner - C:\Users\Ján\AppData\Local\AMD\amd.exe
O23 - Service: cktSvc - EVANGEL TECHNOLOGY (HK) LIMITED - C:\Program Files\Uncheckit\cktSvc.exe
O23 - Service: clean - Unknown owner - C:\Users\Ján\AppData\Local\clean\Kyubey.exe
O23 - Service: Convxxxx - Unknown owner - C:\Users\Ján\AppData\Roaming\adhad\UvConverter.exe
O23 - Service: ed2k idle service (ed2kidle) - http://www.amule.org/ - C:\Program Files\amuleC\ed2k.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Firebird Server - KROS_20400 (FirebirdServerKROS_20400) - Firebird Project - C:\Program Files\KROS\KROS FBServer\Firebird001\bin\fbserver.exe
O23 - Service: Update Service(FirefoxU) (FirefoxU) - Unknown owner - C:\Program Files\Firefox\bin\FirefoxUpdate.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ExplorerService (iedvutils) - Unknown owner - C:\Program Files\Explorer\iedvutils.exe
O23 - Service: InterHop - Unknown owner - C:\Program Files\InterHop\InterHop.exe
O23 - Service: iThemes5 - Unknown owner - rundll32.exe (file missing)
O23 - Service: Kyubey - Unknown owner - C:\Users\Ján\AppData\Roaming\Kyubey\Kyubey.exe
O23 - Service: qkseeService - Unknown owner - C:\Program Files\qksee\qkseeSvc.exe
O23 - Service: Protect Service(SeteatP) (SeteatP) - Unknown owner - C:\ProgramData\Seteat\Seteat.exe
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe
O23 - Service: UncheckitSvc - evangel technology (hk) limited - C:\Program Files\Uncheckit\UncheckitSvc.exe
O23 - Service: winsaber - Unknown owner - C:\Program Files\WinSaber\WinSaber.exe
O23 - Service: WinZiper service (winzipersvc) - ExWzp Pvt Ltd. - C:\Program Files\WinZipper\winzipersvc.exe
O23 - Service: yahoochrome technology limit (yahoochrometechnology) - YahooChrome - C:\ProgramData\yahoochrome\desktop25.exe

--
End of file - 8153 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12 752416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31 161448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office16\URLREDIR.DLL [2015-07-31 403672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\PROGRA~1\MICROS~1\Office16\GROOVEEX.DLL [2015-07-31 1512152]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"background_fault"=C:\Users\Ján\AppData\Local\background_fault\aswRD.exe [2017-04-06 1419576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 9]
C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe [2016-01-11 2019616]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
ALFA plus - rýchle spustenie.lnk - C:\Program Files\KROS\ALFA plus\!System\ALFAplus.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSimpleNetIDList"=1
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe]
"Debugger="324095823984.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdaterService.exe]
"Debugger="8736459873644.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MRT.exe]
"Debugger="C:\Windows\TEMP\wea96D5.tmp\Gubed.exe -Yrrehs

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-09-05 10:04:56 ----D---- C:\rsit
2017-09-05 10:04:56 ----D---- C:\Program Files\trend micro

======List of files/folders modified in the last 1 month======

2017-09-05 10:39:13 ----D---- C:\Windows\Temp
2017-09-05 10:39:13 ----D---- C:\Windows\system32\drivers\etc
2017-09-05 10:38:26 ----D---- C:\Windows\system32\catroot2
2017-09-05 10:38:25 ----D---- C:\Windows\inf
2017-09-05 10:38:25 ----D---- C:\Windows
2017-09-05 10:28:11 ----D---- C:\Windows\system32\config
2017-09-05 10:26:48 ----SHD---- C:\Boot
2017-09-05 10:24:59 ----SHD---- C:\Windows\Installer
2017-09-05 10:24:59 ----SHD---- C:\Config.Msi
2017-09-05 10:15:08 ----SD---- C:\ProgramData\Microsoft
2017-09-05 10:14:43 ----D---- C:\Windows\system32\drivers
2017-09-05 10:07:31 ----D---- C:\Windows\System32
2017-09-05 10:07:31 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-09-05 10:04:56 ----RD---- C:\Program Files
2017-09-04 14:33:23 ----D---- C:\OLYMP
2017-09-04 14:15:23 ----D---- C:\Omega
2017-09-04 11:35:32 ----D---- C:\ProgramData\firebird
2017-09-04 11:33:40 ----D---- C:\Program Files\WinZipper
2017-09-04 11:33:37 ----D---- C:\Program Files\qksee

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2016-02-21 56944]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2016-02-21 205800]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2016-02-21 146024]
R1 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2016-02-21 161992]
R1 EpfwLWF;ESET Personal Firewall; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2016-02-21 44608]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 ekbdflt;ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [2016-02-21 111040]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 atikmdag;atikmdag; C:\Windows\system32\drivers\atikmdag.sys [2009-07-14 4194816]
R3 netr73;RT73 USB Wireless LAN Card Driver for Vista; C:\Windows\system32\DRIVERS\netr73.sys [2009-07-14 545792]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-14 347264]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD;AMD; C:\Users\Ján\AppData\Local\AMD\amd.exe [2017-04-06 120320]
R2 Archer;Archer; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 bilibili;bilibili; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 BIT;BIT; C:\windows\system32\svchost.exe [2009-07-14 20992]
R2 cktSvc;cktSvc; C:\Program Files\Uncheckit\cktSvc.exe [2016-11-11 282112]
R2 clean;clean; C:\Users\Ján\AppData\Local\clean\Kyubey.exe [2017-04-06 114688]
R2 Convxxxx;Convxxxx; C:\Users\Ján\AppData\Roaming\adhad\UvConverter.exe [2017-02-06 376832]
R2 ed2kidle;ed2k idle service; C:\Program Files\amuleC\ed2k.exe [2016-10-08 237568]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2016-02-21 1983936]
R2 FirebirdServerKROS_20400;Firebird Server - KROS_20400; C:\Program Files\KROS\KROS FBServer\Firebird001\bin\fbserver.exe [2011-10-11 3764224]
R2 GubedZL;GubedZL; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 GubZL;GubZL; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 iedvutils;ExplorerService; C:\Program Files\Explorer\iedvutils.exe [2017-01-22 64184]
R2 InterHop;InterHop; C:\Program Files\InterHop\InterHop.exe [2016-10-31 486912]
R2 Kitty;Kitty; C:\windows\system32\svchost.exe [2009-07-14 20992]
R2 Kyubey;Kyubey; C:\Users\Ján\AppData\Roaming\Kyubey\Kyubey.exe [2017-04-01 236032]
R2 MCSvc;Microsoft Cache Service; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 qkseeService;qkseeService; C:\Program Files\qksee\qkseeSvc.exe [2016-09-06 744216]
R2 SeteatP;Protect Service(SeteatP); C:\ProgramData\Seteat\Seteat.exe [2016-08-29 455416]
R2 SNAREA;SNAREA; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 SNARER;SNARER; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 TeamViewer;TeamViewer 12; C:\Program Files\TeamViewer\TeamViewer_Service.exe [2016-12-15 10351856]
R2 UncheckitSvc;UncheckitSvc; C:\Program Files\Uncheckit\UncheckitSvc.exe [2016-07-05 241664]
R2 winsaber;winsaber; C:\Program Files\WinSaber\WinSaber.exe [2016-10-08 877272]
R2 WinSAPSvc;WinSAPSvc; C:\windows\system32\svchost.exe [2009-07-14 20992]
R2 WINSNARE;WINSNARE; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 winzipersvc;WinZiper service; C:\Program Files\WinZipper\winzipersvc.exe [2016-08-29 1254960]
R2 yahoochrometechnology;yahoochrome technology limit; C:\ProgramData\yahoochrome\desktop25.exe [2016-05-02 236768]
R3 iThemes5;iThemes5; rundll32 C:\Program Files\Common Files\Services\iThemes.dll,fnde_svr []
S2 Apple_Cfg;Apple Config Service; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 CSHMDR;CSHMDR; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 CWASRE;CWASRE; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 FirefoxU;Update Service(FirefoxU); C:\Program Files\Firefox\bin\FirefoxUpdate.exe [2017-05-26 99480]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-02-21 154440]
S2 NPASRE;NPASRE; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 snare;snare; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 swpvr;Microsoft Software Shadow Provider; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 terana;terana; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-02-21 154440]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-07-31 202928]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2015-07-30 4846168]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2016-02-20 1343400]
S4 AdvancedSystemCareService9;Advanced SystemCare Service 9; C:\Program Files\IObit\Advanced SystemCare\ASCService.exe [2016-01-05 446240]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-12 45744]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 LiveUpdateSvc;LiveUpdate; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2016-01-14 2945312]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 Winsere;Winsere; C:\Program Files\Winsere\Winsere\Winsere.exe [2016-03-23 316984]

-----------------EOF-----------------

[JaRon]

ahoj,
1. C:\Program Files\IObit\Advanced SystemCare
toto Ti kto poradil odinstaluj pokial nie je neskoro, ak uz nie je
2. prescanuj PC s MBAM - log sem
3. doinstaluj MSIE 11

[fskristina]

1. noooo zlakala ma dobra reklama :\
2. log prilozeny v textaku
3. uz sa instaluje s aktualizaciami

[JaRon]

Je to hroznejsie ako som cakal
Najdene nechaj vymazat v Mbam, restart, opakovana kontrola s Mbam
Restart a vycistenie s Adwcleanerom

[fskristina]

Dobre ranko, vykonane, prikladam logy.

[JaRon]

ahoj
vycisti PC s CCleanerom - hlavne registre
restart a malo by byt hotovo 0 dufam, ze bez následkov, pretoze to bolo silne zasvinene

[fskristina]

dakujem velmi pekne za pomoc, pocitac uz sa sprava rozumne, este mu pustim defragmentaciu ale chcem sa este predtym opytat na ten jeden nalez co nasiel mbam ci ho dat tiez do karanteny ako ostatne alebo je neskodny? dakujem este raz velmi pekne za ochotu a cas

p.s. viete mi prosim poradit nejaky dobry free AV pretoze esetu v januari konci licencia a neviem ci mi vyjde na zaplatenie dalsej Avast, AVG, Avira, MSE? najlepsie nejaky menej narocny na system vzhladom na system

Dakujem krasne.

S pozdravom

Kris

[JaRon]

nalez MBAM mozes zmazat, ale podla mna nema vplyv na system
free AV - skus BitDefender - hlavne neinstaluj ziadne kraviny typu ASC a kedze je doba, aka je - dobre urobis obcasnym scanom s ADWCleanerom, tak 1x mesacne
rad som pomohol
Jan