Hello, please check my log.

dkdavid3
Visitor
Posts: 24
Registered: 02 Mar 2013 22:19

Hello, please check my log.

#1 Post by dkdavid3 »

Hello, I would like to ask for a log check. When I start the browser, windows pop up on their own and avast reports dangerous pages that I am not on at all... Thank you, Klouček

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:20:42, on 9. 5. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\David\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O3 - Toolbar: (no name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
O3 - Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - (no file)
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Handy Updater] "C:\Program Files (x86)\HandyUpdater\HandyUpdater.exe"
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Viber] "C:\Users\David\AppData\Local\Viber\Viber.exe" StartMinimized
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE"
O4 - Startup: Dropbox.lnk = David\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: OnePlus One Toolkit.lnk = C:\Program Files (x86)\OPO Toolkit\OnePlus One Toolkit.exe
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O4 - Global Startup: TMMonitor.lnk = C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Ad-Aware Service 11 (LavasoftAdAwareService11) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Toolbar Service (TBSrv) - ClientConnect Ltd. - C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Služba Windows Media Player Network Sharing (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 12813 bytes

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Hello, please check my log.

#2 Post by Roli »

Hi, first uninstall Spybot - SD.

Delete unnecessary files

using CCleaner

Instructions:

Cleaner - here you clean the PC of unnecessary files and empty the Recycle Bin

Registry - here you clean the registry (before using it I recommend making the backup that CCleaner offers)

the registry cleaning needs to be repeated several times!

Tools - here you can uninstall programs, adjust what runs at system startup, and restore the system

Finally, post the log.txt from Rsit here, because it is more detailed than HJT.

dkdavid3
Visitor
Posts: 24
Registered: 02 Mar 2013 22:19

Re: Hello, please check my log.

#3 Post by dkdavid3 »

Hi, so I did as instructed and am sending a new log.

Logfile of random's system information tool 1.10 (written by random/random)
Run by David at 2015-05-10 11:15:10
Microsoft Windows 8.1
System drive C: has 34 GB (12%) free of 286 GB
Total RAM: 3981 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:15:26, on 10. 5. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\David.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O3 - Toolbar: (no name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
O3 - Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - (no file)
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Handy Updater] "C:\Program Files (x86)\HandyUpdater\HandyUpdater.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Viber] "C:\Users\David\AppData\Local\Viber\Viber.exe" StartMinimized
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE"
O4 - Startup: Dropbox.lnk = David\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: OnePlus One Toolkit.lnk = C:\Program Files (x86)\OPO Toolkit\OnePlus One Toolkit.exe
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O4 - Global Startup: TMMonitor.lnk = C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Ad-Aware Service 11 (LavasoftAdAwareService11) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Toolbar Service (TBSrv) - ClientConnect Ltd. - C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Služba Windows Media Player Network Sharing (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 12050 bytes

======Listing Processes======





wininit.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"C:\WINDOWS\system32\nvvsvc.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
dashost.exe {96160172-0436-441d-b34922a0e1811d31}
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe"
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
taskhost.exe $(Arg0)

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
-hiberboot
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe"
taskeng.exe {8240B213-E026-429C-9A52-0E4F4F206538}
taskhostex.exe
"C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe"
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
"C:\Program Files\ASUS\P4G\BatteryLife.exe"
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\Explorer.EXE
KBFiltr.exe
"C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version8\TeamViewer8_Logfile.log
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version8\TeamViewer8_Logfile.log
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" ba577d1f-ab5d-4918-b619-428aafae8236 1
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\WINDOWS\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe"
"C:\Program Files (x86)\HandyUpdater\HandyUpdater.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtTray.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="580.0.580593020\361023181" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,19,42 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3308 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Freud/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/None/ExtensionUseSafeInstallation/Default/GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Dev_NonMonotonicity_Experiment_PostPeriod/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_50/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_07/*UMA-Uniformity-Trial-50-Percent/default/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Enabled/*UwSInterstitialStatus/On/*V8CacheOptions/default/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload 
--enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=580 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --disable-accelerated-video-decode --channel="580.2.839884113\1609218455" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Freud/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/None/ExtensionUseSafeInstallation/Default/GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Dev_NonMonotonicity_Experiment_PostPeriod/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_50/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_07/*UMA-Uniformity-Trial-50-Percent/default/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Enabled/*UwSInterstitialStatus/On/*V8CacheOptions/default/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only 
--extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=580 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --disable-accelerated-video-decode --channel="580.6.571755034\2138108249" /prefetch:673131151

"C:\Users\David\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job -
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job -

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2013-10-01 391128]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2013-10-01 771032]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2013-10-01 769496]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-08-20 13192848]
"BtPreLoad"=C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [2012-08-31 64640]
"ACMON"=C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-08-24 107192]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-05-01 2685072]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2015-05-01 1570672]
"AutoKMS"=C:\WINDOWS\AutoKMS.exe [2015-02-01 615936]
""= []
"AdAwareTray"=C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe [2015-03-10 9566192]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2015-04-14 2889408]
"Handy Updater"=C:\Program Files (x86)\HandyUpdater\HandyUpdater.exe [2013-07-05 370176]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"Viber"=C:\Users\David\AppData\Local\Viber\Viber.exe [2015-02-03 776400]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [2013-12-13 831488]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2012-03-28 91432]
"ASUSWebStorage"=C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [2012-08-28 3417984]
"ArcSoft Connection Service"=C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"UnlockerAssistant"=C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe [2010-07-04 17408]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-04-25 5515496]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2011-10-24 421888]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AsusVibeLauncher.lnk - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
TMMonitor.lnk - C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe

C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\David\AppData\Roaming\Dropbox\bin\Dropbox.exe
OnePlus One Toolkit.lnk - C:\Program Files (x86)\OPO Toolkit\OnePlus One Toolkit.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" ,C:\WINDOWS\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2013-10-01 623104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
"DisableTaskMgr"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"midi4"=wdmaud.drv
"VIDC.XFR1"=xfcodec64.dll
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.inf - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.ini - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\WINDOWS\System32\WScript.exe" "%1" %*
.txt - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1

======List of files/folders created in the last 1 month======

2015-05-10 11:15:11 ----D---- C:\Program Files\trend micro
2015-05-10 11:15:10 ----D---- C:\rsit
2015-05-09 13:07:39 ----A---- C:\WINDOWS\SYSWOW64\skflv.txt
2015-05-09 13:07:39 ----A---- C:\WINDOWS\SYSWOW64\drivers\ogonyxfm.sys
2015-05-08 11:12:20 ----D---- C:\Program Files (x86)\Android
2015-05-07 20:58:20 ----D---- C:\Program Files (x86)\WugFresh Development
2015-05-07 20:04:01 ----D---- C:\WINDOWS\SYSWOW64\NV
2015-05-07 20:04:01 ----D---- C:\WINDOWS\system32\NV
2015-05-07 20:00:19 ----D---- C:\WINDOWS\LastGood.Tmp
2015-05-07 19:56:46 ----A---- C:\WINDOWS\system32\nvdispgenco6435012.dll
2015-05-07 19:56:46 ----A---- C:\WINDOWS\system32\nvdispco6435012.dll
2015-05-07 19:56:43 ----A---- C:\WINDOWS\system32\drivers\nvpciflt.sys
2015-05-07 19:56:43 ----A---- C:\WINDOWS\system32\drivers\nvlddmkm.sys
2015-05-07 19:56:39 ----A---- C:\WINDOWS\SYSWOW64\nvwgf2um.dll
2015-05-07 19:56:39 ----A---- C:\WINDOWS\SYSWOW64\nvopencl.dll
2015-05-07 19:56:39 ----A---- C:\WINDOWS\SYSWOW64\nvoglv32.dll
2015-05-07 19:56:39 ----A---- C:\WINDOWS\SYSWOW64\nvoglshim32.dll
2015-05-07 19:56:39 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2015-05-07 19:56:39 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2015-05-07 19:56:39 ----A---- C:\WINDOWS\system32\nvwgf2umx.dll
2015-05-07 19:56:39 ----A---- C:\WINDOWS\system32\nvopencl.dll
2015-05-07 19:56:39 ----A---- C:\WINDOWS\system32\nvoglv64.dll
2015-05-07 19:56:39 ----A---- C:\WINDOWS\system32\nvoglshim64.dll
2015-05-07 19:56:39 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2015-05-07 19:56:39 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2015-05-07 19:56:38 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2015-05-07 19:56:38 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2015-05-07 19:56:38 ----A---- C:\WINDOWS\SYSWOW64\nvcompiler.dll
2015-05-07 19:56:38 ----A---- C:\WINDOWS\SYSWOW64\nvapi.dll
2015-05-07 19:56:38 ----A---- C:\WINDOWS\system32\nvd3dumx.dll
2015-05-07 19:56:38 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2015-05-07 19:56:38 ----A---- C:\WINDOWS\system32\nvcuda.dll
2015-05-07 19:56:38 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2015-04-26 13:54:33 ----D---- C:\OPO
2015-04-26 12:19:58 ----D---- C:\AndroidSDKSlim
2015-04-26 09:17:05 ----A---- C:\WINDOWS\system32\drivers\aswC3BC.tmp
2015-04-26 09:16:54 ----A---- C:\WINDOWS\system32\drivers\asw976B.tmp
2015-04-26 09:16:54 ----A---- C:\WINDOWS\system32\drivers\asw976A.tmp
2015-04-26 09:16:54 ----A---- C:\WINDOWS\system32\drivers\asw9769.tmp
2015-04-26 09:16:54 ----A---- C:\WINDOWS\system32\drivers\asw9768.tmp
2015-04-26 09:16:54 ----A---- C:\WINDOWS\system32\drivers\asw9757.tmp
2015-04-26 09:16:54 ----A---- C:\WINDOWS\system32\drivers\asw9756.tmp
2015-04-26 09:16:54 ----A---- C:\WINDOWS\system32\drivers\asw9755.tmp
2015-04-26 09:16:54 ----A---- C:\WINDOWS\system32\drivers\asw9735.tmp
2015-04-26 09:16:50 ----A---- C:\WINDOWS\system32\aswBoot.exe
2015-04-26 03:39:20 ----A---- C:\WINDOWS\system32\bddel.exe
2015-04-26 03:39:19 ----A---- C:\WINDOWS\system32\bddel.dat
2015-04-26 01:21:39 ----A---- C:\WINDOWS\Reimage.ini
2015-04-26 01:20:50 ----D---- C:\Users\David\AppData\Roaming\LavasoftStatistics
2015-04-26 01:20:27 ----A---- C:\WINDOWS\system32\LavasoftTcpService64.dll
2015-04-26 01:20:26 ----A---- C:\WINDOWS\SYSWOW64\LavasoftTcpService.dll
2015-04-26 01:20:09 ----D---- C:\Program Files (x86)\Lavasoft
2015-04-26 01:19:11 ----D---- C:\Program Files\Lavasoft
2015-04-26 01:17:53 ----D---- C:\Users\David\AppData\Roaming\Lavasoft
2015-04-26 01:17:47 ----D---- C:\Program Files\Common Files\Lavasoft
2015-04-26 01:17:13 ----D---- C:\ProgramData\Lavasoft
2015-04-26 00:35:39 ----D---- C:\WINDOWS\%LOCALAPPDATA%
2015-04-25 23:38:53 ----A---- C:\WINDOWS\avastSS.scr
2015-04-23 22:36:37 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-04-23 22:24:02 ----RD---- C:\Program Files (x86)\Skype
2015-04-18 19:47:18 ----A---- C:\WINDOWS\system32\generaltel.dll
2015-04-18 19:47:18 ----A---- C:\WINDOWS\system32\aeinv.dll
2015-04-18 19:47:17 ----A---- C:\WINDOWS\system32\invagent.dll
2015-04-18 19:47:17 ----A---- C:\WINDOWS\system32\devinv.dll
2015-04-18 19:47:17 ----A---- C:\WINDOWS\system32\appraiser.dll
2015-04-18 19:47:17 ----A---- C:\WINDOWS\system32\aepdu.dll
2015-04-18 19:47:17 ----A---- C:\WINDOWS\system32\acmigration.dll
2015-04-18 19:46:42 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2015-04-18 19:46:42 ----A---- C:\WINDOWS\system32\msctf.dll
2015-04-18 19:39:41 ----A---- C:\WINDOWS\SYSWOW64\tdh.dll
2015-04-18 19:39:41 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2015-04-18 19:39:41 ----A---- C:\WINDOWS\system32\tdh.dll
2015-04-18 19:39:41 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-04-18 19:39:41 ----A---- C:\WINDOWS\system32\ntdll.dll
2015-04-18 19:39:40 ----A---- C:\WINDOWS\SYSWOW64\tracerpt.exe
2015-04-18 19:39:40 ----A---- C:\WINDOWS\SYSWOW64\sechost.dll
2015-04-18 19:39:40 ----A---- C:\WINDOWS\system32\wow64cpu.dll
2015-04-18 19:39:40 ----A---- C:\WINDOWS\system32\wow64.dll
2015-04-18 19:39:40 ----A---- C:\WINDOWS\system32\tracerpt.exe
2015-04-18 19:39:40 ----A---- C:\WINDOWS\system32\sechost.dll
2015-04-18 19:39:40 ----A---- C:\WINDOWS\system32\microsoft-windows-system-events.dll
2015-04-18 19:37:54 ----A---- C:\WINDOWS\system32\lsm.dll
2015-04-18 19:37:53 ----A---- C:\WINDOWS\SYSWOW64\pku2u.dll
2015-04-18 19:37:53 ----A---- C:\WINDOWS\system32\pku2u.dll
2015-04-18 19:37:52 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-04-18 19:37:49 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-04-18 19:37:47 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-04-18 19:37:47 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-04-18 19:37:47 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-04-18 19:37:46 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-04-18 19:37:46 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-04-18 19:37:46 ----A---- C:\WINDOWS\system32\wininet.dll
2015-04-18 19:37:46 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-04-18 19:37:46 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2015-04-18 19:37:45 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-04-18 19:37:45 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-04-18 19:37:45 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-04-18 19:37:45 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-04-18 19:37:45 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-04-18 19:37:45 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-04-18 19:37:45 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-04-18 19:37:45 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-04-18 19:37:45 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-04-18 19:37:45 ----A---- C:\WINDOWS\system32\mshtmled.dll
2015-04-18 19:37:45 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-04-18 19:37:45 ----A---- C:\WINDOWS\system32\jscript.dll
2015-04-18 19:37:45 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-04-18 19:37:45 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-04-18 19:37:28 ----A---- C:\WINDOWS\system32\drivers\http.sys
2015-04-18 19:37:05 ----A---- C:\WINDOWS\SYSWOW64\clfsw32.dll
2015-04-18 19:37:05 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2015-04-18 19:37:05 ----A---- C:\WINDOWS\system32\clfsw32.dll
2015-04-18 19:37:04 ----A---- C:\WINDOWS\system32\wucltux.dll
2015-04-18 19:37:04 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-04-18 19:37:04 ----A---- C:\WINDOWS\system32\wuauclt.exe
2015-04-18 19:37:03 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2015-04-18 19:37:03 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2015-04-18 19:37:03 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2015-04-18 19:37:03 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2015-04-18 19:37:03 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2015-04-18 19:37:03 ----A---- C:\WINDOWS\system32\wuwebv.dll
2015-04-18 19:37:03 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2015-04-18 19:37:03 ----A---- C:\WINDOWS\system32\wups2.dll
2015-04-18 19:37:03 ----A---- C:\WINDOWS\system32\wups.dll
2015-04-18 19:37:03 ----A---- C:\WINDOWS\system32\wudriver.dll
2015-04-18 19:37:03 ----A---- C:\WINDOWS\system32\wuapp.exe
2015-04-18 19:37:03 ----A---- C:\WINDOWS\system32\wuapi.dll
2015-04-18 19:37:03 ----A---- C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-04-18 19:37:03 ----A---- C:\WINDOWS\system32\WinSetupUI.dll
2015-04-18 19:37:03 ----A---- C:\WINDOWS\system32\storewuauth.dll
2015-04-12 10:05:30 ----D---- C:\ProgramData\Browser AdBlocker

======List of files/folders modified in the last 1 month======

2015-05-10 11:15:11 ----D---- C:\Program Files
2015-05-10 11:05:01 ----D---- C:\WINDOWS\Temp
2015-05-10 11:00:02 ----D---- C:\WINDOWS\system32\sru
2015-05-10 10:47:44 ----D---- C:\Program Files (x86)\Steam
2015-05-10 10:40:02 ----D---- C:\WINDOWS\Prefetch
2015-05-10 10:34:01 ----D---- C:\Windows
2015-05-10 10:34:00 ----D---- C:\WINDOWS\Inf
2015-05-09 17:41:41 ----D---- C:\Users\David\AppData\Roaming\DAEMON Tools Lite
2015-05-09 17:40:03 ----D---- C:\WINDOWS\Minidump
2015-05-09 17:40:03 ----D---- C:\WINDOWS\Logs
2015-05-09 17:40:03 ----D---- C:\WINDOWS\debug
2015-05-09 17:19:18 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2015-05-09 17:15:47 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-05-09 17:14:50 ----A---- C:\WINDOWS\wininit.ini
2015-05-09 17:14:47 ----RD---- C:\WINDOWS\System32
2015-05-09 17:14:47 ----D---- C:\ProgramData\Spybot - Search & Destroy
2015-05-09 16:58:26 ----D---- C:\WINDOWS\Microsoft.NET
2015-05-09 14:29:42 ----HD---- C:\Program Files\WindowsApps
2015-05-09 13:07:39 ----D---- C:\WINDOWS\SysWOW64
2015-05-09 13:04:53 ----D---- C:\WINDOWS\system32\Tasks
2015-05-09 12:35:20 ----D---- C:\Users\David\AppData\Roaming\Dropbox
2015-05-08 13:50:44 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-08 12:25:21 ----D---- C:\WINDOWS\system32\drivers
2015-05-08 11:20:10 ----D---- C:\WINDOWS\system32\NDF
2015-05-08 11:12:20 ----RD---- C:\Program Files (x86)
2015-05-08 08:48:40 ----D---- C:\Users\David\AppData\Roaming\ViberPC
2015-05-08 07:50:51 ----HD---- C:\ProgramData
2015-05-08 07:49:38 ----SHD---- C:\WINDOWS\Installer
2015-05-08 00:53:43 ----D---- C:\WINDOWS\system32\config
2015-05-07 23:24:55 ----RSD---- C:\WINDOWS\assembly
2015-05-07 23:21:19 ----SHD---- C:\System Volume Information
2015-05-07 21:16:05 ----D---- C:\WINDOWS\system32\DriverStore
2015-05-07 21:16:05 ----D---- C:\WINDOWS\system32\catroot
2015-05-07 21:10:26 ----D---- C:\WINDOWS\AppReadiness
2015-05-07 20:02:37 ----D---- C:\ProgramData\NVIDIA
2015-05-07 20:00:25 ----D---- C:\Program Files\NVIDIA Corporation
2015-05-01 18:51:27 ----A---- C:\WINDOWS\SYSWOW64\nvspcap.dll
2015-05-01 18:51:27 ----A---- C:\WINDOWS\SYSWOW64\nvspbridge.dll
2015-05-01 18:50:57 ----A---- C:\WINDOWS\system32\nvspcap64.dll
2015-05-01 18:50:57 ----A---- C:\WINDOWS\system32\nvspbridge64.dll
2015-05-01 10:38:59 ----D---- C:\WINDOWS\system32\catroot2
2015-05-01 10:34:59 ----D---- C:\Users\David\AppData\Roaming\.minecraft
2015-04-26 12:03:10 ----D---- C:\WINDOWS\system32\wdi
2015-04-26 11:37:48 ----D---- C:\WINDOWS\Tasks
2015-04-26 11:11:47 ----D---- C:\WINDOWS\rescache
2015-04-26 10:06:11 ----D---- C:\Program Files (x86)\SoalePLus
2015-04-26 10:06:06 ----D---- C:\Program Files (x86)\Send Page
2015-04-26 10:06:04 ----D---- C:\Program Files (x86)\SalePlus
2015-04-26 10:02:27 ----D---- C:\Program Files (x86)\LemurLeap
2015-04-26 03:43:09 ----D---- C:\ProgramData\{a4a88adb-c968-7389-a4a8-88adbc962b6f}
2015-04-26 03:36:15 ----D---- C:\Program Files (x86)\BorderlineMonitor
2015-04-26 01:17:47 ----D---- C:\Program Files\Common Files
2015-04-25 23:22:02 ----D---- C:\WINDOWS\AppCompat
2015-04-23 22:36:40 ----D---- C:\WINDOWS\WinSxS
2015-04-23 22:27:27 ----SD---- C:\WINDOWS\system32\CompatTel
2015-04-23 22:27:26 ----D---- C:\WINDOWS\system32\appraiser
2015-04-23 22:27:26 ----D---- C:\WINDOWS\apppatch
2015-04-23 22:27:23 ----D---- C:\WINDOWS\system32\cs-CZ
2015-04-23 22:27:19 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2015-04-23 22:27:19 ----D---- C:\Program Files\Internet Explorer
2015-04-23 22:24:20 ----D---- C:\WINDOWS\CbsTemp
2015-04-23 22:24:04 ----D---- C:\Program Files (x86)\Common Files
2015-04-23 22:23:58 ----D---- C:\ProgramData\Skype
2015-04-18 20:09:34 ----D---- C:\ProgramData\Microsoft Help
2015-04-18 20:09:11 ----D---- C:\WINDOWS\system32\MRT
2015-04-18 19:58:03 ----A---- C:\WINDOWS\system32\MRT.exe
2015-04-18 19:54:01 ----A---- C:\WINDOWS\win.ini
2015-04-18 19:49:48 ----D---- C:\ProgramData\1228960646354764351
2015-04-18 19:19:29 ----A---- C:\WINDOWS\system32\wuaext.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-04-25 65736]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2015-04-25 272248]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-07-24 645952]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2015-04-09 31376]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2015-04-25 93528]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2015-04-25 1047320]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2015-04-25 442264]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 dtsoftbus01;@oem65.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2014-02-09 283064]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2015-04-25 29168]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-04-25 89944]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2015-04-25 137288]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 AiCharger;ASUS Charger Driver; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [2012-07-24 17152]
R3 ASUSVRC64;@oem68.inf,%ASUSVRC.DeviceDesc%;ASUSTeK Virtual Capture Device; C:\WINDOWS\system32\DRIVERS\AsusVRC64.sys [2008-10-13 23424]
R3 athr;@oem89.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athw8x.sys [2013-08-22 3915264]
R3 ATP;@oem3.inf,%PS2.DeviceDesc%;ASUS PS/2 Port Input Device; C:\WINDOWS\System32\drivers\AsusTP.sys [2012-10-31 61824]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 gzflt;gzflt; \??\C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.98.0\gzflt.sys [2015-01-22 155912]
R3 HIDSwitch;@oem87.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [2013-10-09 20280]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2013-10-01 4177920]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-08-28 4124176]
R3 IntcDAud;@oem57.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-08-27 342528]
R3 iwdbus;@oem95.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-08-23 26008]
R3 kbfiltr;@oem12.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\WINDOWS\System32\drivers\kbfiltr.sys [2012-08-02 14992]
R3 MEIx64;@oem35.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-04-09 10423952]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-05-01 19600]
R3 nvvad_WaveExtensible;@oem18.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2014-11-22 38032]
R3 RSBASTOR;@oem5.inf,%Rts5208%;Realtek PCIE CardReader Driver - BA; C:\WINDOWS\system32\DRIVERS\RtsBaStor.sys [2012-06-13 294544]
R3 RTL8168;@oem4.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2012-06-12 683664]
R3 teamviewervpn;@oem70.inf,%DeviceDescription%;TeamViewer VPN Adapter; C:\WINDOWS\system32\DRIVERS\teamviewervpn.sys [2013-06-06 35112]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-06-21 212736]
S0 podwy;podwy; C:\WINDOWS\system32\drivers\ogonyxfm.sys []
S3 androidusb;@oem25.inf,%androidusb.SvcDesc%;ADB Interface Driver; C:\WINDOWS\System32\Drivers\androidusb.sys [2010-04-29 32768]
S3 BTATH_A2DP;@oem10.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2012-08-31 344216]
S3 btath_avdt;@oem10.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2012-08-31 114840]
S3 BTATH_HCRP;@oem14.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2012-08-31 178840]
S3 BTATH_RCP;@oem17.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2012-08-31 135832]
S3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2014-01-28 593000]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2014-07-24 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
S3 intaud_WaveExtensible;@oem94.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-08-23 39320]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
S3 RTL2832UBDA;@oem66.inf,%RTLUSBDEV.BDA_Desc%;REALTEK 2832U BDA Driver; C:\WINDOWS\system32\drivers\RTL2832UBDA.sys [2012-08-03 237968]
S3 RTL2832UUSB;@oem66.inf,%RTLUSBDEV.USB_Desc%;REALTEK 2832U USB Driver; C:\WINDOWS\System32\Drivers\RTL2832UUSB.sys [2012-08-03 39056]
S3 ssudeadb;@oem150.inf,%ssud.Service.DeviceDesc%;SAMSUNG Android Composite ADB(V1.5) Interface Driver ; C:\WINDOWS\System32\Drivers\ssudeadb.sys [2012-07-31 38752]
S3 Trufos;Trufos; C:\WINDOWS\system32\DRIVERS\Trufos.sys [2015-01-22 452040]
S3 usb_rndisx;@netrndis.inf,%usb_rndis.Service.DispName%;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2013-08-22 20992]
S3 usbrndis6;@netrndis.inf,%usbrndis6.Service.DispName%;Adaptér USB RNDIS6; C:\WINDOWS\System32\drivers\usb80236.sys [2013-08-22 20992]
S3 VBoxNetAdp;@oem107.inf,%VBoxNetAdp_Desc%;VirtualBox Host-Only Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys [2013-12-18 140560]
S3 VBoxNetFlt;@oem105.inf,%VBoxNetFltService_Desc%;VirtualBox Bridged Networking Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys []
S4 BTATH_LWFLT;@oem21.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\drivers\BTATH_LWFLT.sys []
S4 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2012-07-23 105120]
R2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [2012-04-13 277120]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-08-31 216192]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-04-25 343336]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-05-01 1152656]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 LavasoftAdAwareService11;Ad-Aware Service 11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe [2015-03-10 720760]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-05-01 1884304]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-05-01 22997648]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-04-08 936264]
R2 TBSrv;Toolbar Service; C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe [2014-04-10 350528]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2014-08-04 5095264]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-01 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2013-10-01 279000]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-01 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-04-14 836288]
S4 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe []

-----------------EOF-----------------

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Hello, please check my log.

#4 Post by Roli »

Well, well, what are we going to do about that illegal Microsoft product?
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

dkdavid3
Visitor
Posts: 24
Registered: 02 Mar 2013 22:19

Re: Hello, please check my log.

#5 Post by dkdavid3 »

Well, I'd quite like to know which one??

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Hello, please check my log.

#6 Post by Roli »

dkdavid3 wrote:
Well, I'd quite like to know which one??

A crack for Microsoft Office is visible there.

dkdavid3
Visitor
Posts: 24
Registered: 02 Mar 2013 22:19

Re: Hello, please check my log.

#7 Post by dkdavid3 »

Well, that is rather strange, because I bought the notebook with the system included and I have nothing else from them on it...

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Hello, please check my log.

#8 Post by Roli »

Then we'll delete it and see :)


Also uninstall Ad-Aware and Browser AdBlocker.


This file:

C:\WINDOWS\SYSWOW64\drivers\ogonyxfm.sys

test it on VIRUSTOTAL

(once the page has loaded, click the Browse - Choose File button and navigate to the file mentioned above,

or paste the text mentioned above into it, and click the Send file - Scan It! button;

it takes about ten minutes, then copy the link here for me, that is the line at the top of the browser)

If it tells you the file has already been tested, have it tested again - Reanalyse.


Press Windows + R; in the Run window type services.msc >> Enter. Find the service:

Služba Google Update (gupdate)
Služba Google Update (gupdatem)
Toolbar Service (TBSrv)


double-clicking opens a dialog where you first stop the service with the Stop button, then under Startup type select Disabled and click OK.


In the Task Scheduler Library, disable Google Update; it will be there more than once.


Download AdwCleaner and save it to the desktop,

close all programs including the browser and double-click it to run it,

a window appears; click Scan at the top left.

When the scan finishes, click Clean,

the PC will restart and the junk will be deleted.

After that, copy the Report here for me.


Download and run OTMoveIt

into the left pane of the application, under Paste Instructions for Items to be Moved, copy this text:

:processes
explorer.exe       

:files 
C:\WINDOWS\AutoKMS.exe
C:\WINDOWS\LastGood.Tmp
C:\WINDOWS\system32\drivers\aswC3BC.tmp
C:\WINDOWS\system32\drivers\asw976B.tmp
C:\WINDOWS\system32\drivers\asw976A.tmp
C:\WINDOWS\system32\drivers\asw9769.tmp
C:\WINDOWS\system32\drivers\asw9768.tmp
C:\WINDOWS\system32\drivers\asw9757.tmp
C:\WINDOWS\system32\drivers\asw9756.tmp
C:\WINDOWS\system32\drivers\asw9755.tmp
C:\WINDOWS\system32\drivers\asw9735.tmp

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AutoKMS"=-

:commands
[purity]
[emptytemp]
[start explorer]

click MoveIt! and information about the performed action will appear in the right green pane of the application; copy the contents of the pane here,

if the application asks for a restart, click YES

in that case copy here the contents of the log saved in C:\_OTMoveIt\MovedFiles\

dkdavid3
Visitor
Posts: 24
Registered: 02 Mar 2013 22:19

Re: Hello, please check my log.

#9 Post by dkdavid3 »

Hello,
here is what VIRUSTOTAL gave me
https://www.virustotal.com/cs/file/03cb ... /analysis/

dkdavid3
Visitor
Posts: 24
Registered: 02 Mar 2013 22:19

Re: Hello, please check my log.

#10 Post by dkdavid3 »

Here is the log from AdwCleaner.
# AdwCleaner v4.204 - Log vytvořen 13/05/2015 v 19:53:00
# Aktualizováno 12/05/2015 by Xplode
# Databáze : 2015-05-12.2 [Server]
# Operační system : Windows 8.1 (x64)
# Uživatelské jméno : David - PC-DAVID
# Spuštěno z : C:\Users\David\Downloads\adwcleaner_4.204.exe
# Nastavení : Čištění

***** [ Služby ] *****

[#] Služba Smazáno : TBSrv

***** [ Soubory / Složky ] *****

Složka Smazáno : C:\ProgramData\apn
Složka Smazáno : C:\ProgramData\Conduit
Složka Smazáno : C:\ProgramData\IBUpdaterService
Složka Smazáno : C:\ProgramData\RegClean
Složka Smazáno : C:\ProgramData\Tbccint
Složka Smazáno : C:\ProgramData\1228960646354764351
Složka Smazáno : C:\ProgramData\{a4a88adb-c968-7389-a4a8-88adbc962b6f}
Složka Smazáno : C:\Program Files (x86)\BS_Player_ControlBar
Složka Smazáno : C:\Program Files (x86)\Conduit
Složka Smazáno : C:\Program Files (x86)\LemurLeap
Složka Smazáno : C:\Program Files (x86)\Mobogenie
Složka Smazáno : C:\Program Files (x86)\SmartTweak
Složka Smazáno : C:\Program Files (x86)\Tbccint
Složka Smazáno : C:\Program Files (x86)\SalePlus
Složka Smazáno : C:\Program Files (x86)\SoalePLus
Složka Smazáno : C:\Program Files (x86)\MediaPlayerV1
Složka Smazáno : C:\WINDOWS\assembly\GAC_MSIL\QuickStoresToolbar
Složka Smazáno : C:\Users\David\AppData\Local\genienext
Složka Smazáno : C:\Users\David\AppData\Local\Mobogenie
Složka Smazáno : C:\Users\David\AppData\Local\Tbccint
Složka Smazáno : C:\Users\David\AppData\LocalLow\BS_Player_ControlBar
Složka Smazáno : C:\Users\David\AppData\LocalLow\Conduit
Složka Smazáno : C:\Users\David\AppData\LocalLow\PriceGong
Složka Smazáno : C:\Users\David\AppData\LocalLow\Tbccint
Složka Smazáno : C:\Users\David\AppData\LocalLow\BS_Player_ControlBar_B
Složka Smazáno : C:\Users\David\AppData\Roaming\goforfiles
Složka Smazáno : C:\Users\David\AppData\Roaming\newnext.me
Složka Smazáno : C:\Users\David\AppData\Roaming\OpenCandy
Složka Smazáno : C:\Users\David\AppData\Roaming\PerformerSoft
Složka Smazáno : C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
Složka Smazáno : C:\Users\David\cminstaller\Documents\Mobogenie
Složka Smazáno : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\d96zs9o5.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Složka Smazáno : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnfdbbladgcmhhamgkioifhbobjaoof
Složka Smazáno : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Složka Smazáno : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Složka Smazáno : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd
Složka Smazáno : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Složka Smazáno : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnfgmigibdamhiimcbcnhhfmgegejhpf
Složka Smazáno : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Složka Smazáno : C:\ProgramData\aekanedhfmibefmkakpkkmccbpmaekih
Soubor Smazáno : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jlnfdbbladgcmhhamgkioifhbobjaoof_0.localstorage
Soubor Smazáno : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jlnfdbbladgcmhhamgkioifhbobjaoof
Soubor Smazáno : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chlffgpmiacpedhhbkiomidkjlcfhogd_0.localstorage
Soubor Smazáno : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gomekmidlodglbbmalcneegieacbdmki_0.localstorage
Soubor Smazáno : C:\WINDOWS\Reimage.ini
Soubor Smazáno : C:\Users\David\AppData\Local\Temp\Uninstall.exe
Soubor Smazáno : C:\WINDOWS\System32\roboot64.exe
Soubor Smazáno : C:\Users\David\daemonprocess.txt
Soubor Smazáno : C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.url
Soubor Smazáno : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\d96zs9o5.default\searchplugins\securesearch.xml
Soubor Smazáno : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx

***** [ Naplánované úlohy ] *****

Úloha Smazáno : BackgroundContainer Startup Task
Úloha Smazáno : Desk 365 RunAsStdUser
Úloha Smazáno : GoforFilesUpdate

***** [ Zástupci ] *****

Zástupce Vyléčeno : C:\Users\David\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

***** [ Registry ] *****

Hodnota Smazáno : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ext@MediaPlayerV1alpha854.net]
Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\jlnfdbbladgcmhhamgkioifhbobjaoof
Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\poheodfamflhhhdcmjfeggbgigeefaco
Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki
Klíč Smazáno : HKCU\Software\Classes\pokki
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Klíč Smazáno : HKLM\SOFTWARE\Classes\iLivid.torrent
Klíč Smazáno : HKLM\SOFTWARE\Classes\Prod.cap
Klíč Smazáno : HKLM\SOFTWARE\Classes\speedupmypc
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Klíč Smazáno : HKLM\SOFTWARE\80f8a0b9-2a1d-2cfc-eb0f-44ae646804f7
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IECT1750559
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IECT3329621
Klíč Smazáno : HKLM\SOFTWARE\Classes\Toolbar.CT1750559
Klíč Smazáno : HKLM\SOFTWARE\Classes\Toolbar.CT3329621
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{055DD326-956C-4827-9467-A172509E81B3}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{055DD326-956C-4827-9467-A172509E81B3}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CD2DE416-7EF9-49B4-BDAB-D0284F81140F}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1FB715AC-0B0C-4B25-AF55-5D60EC386154}
Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{31264A33-A653-46C4-AF49-1232C59A7DA5}]
Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{31264A33-A653-46C4-AF49-1232C59A7DA5}]
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A0D283E7-990F-4A39-8504-94E0E110466A}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{F1209BF4-8822-478E-83DF-09DA600C6EF2}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : HKCU\Software\BI
Klíč Smazáno : HKCU\Software\Conduit
Klíč Smazáno : HKCU\Software\GoforFiles
Klíč Smazáno : HKCU\Software\ilivid
Klíč Smazáno : HKCU\Software\Myfree Codec
Klíč Smazáno : HKCU\Software\simplytech
Klíč Smazáno : HKCU\Software\smarttweak
Klíč Smazáno : HKCU\Software\Tbccint
Klíč Smazáno : HKCU\Software\Tbccint_HKLM
Klíč Smazáno : HKCU\Software\V9
Klíč Smazáno : HKCU\Software\Reimage
Klíč Smazáno : HKCU\Software\LemurLeap
Klíč Smazáno : HKCU\Software\TNT2
Klíč Smazáno : HKCU\Software\AppDataLow\Toolbar
Klíč Smazáno : HKCU\Software\AppDataLow\Software\adawarebp
Klíč Smazáno : HKCU\Software\AppDataLow\Software\BackgroundContainer
Klíč Smazáno : HKCU\Software\AppDataLow\Software\Conduit
Klíč Smazáno : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Klíč Smazáno : HKCU\Software\AppDataLow\Software\PriceGong
Klíč Smazáno : HKCU\Software\AppDataLow\Software\Tbccint
Klíč Smazáno : HKCU\Software\AppDataLow\Software\TbccintSearchScopes
Klíč Smazáno : HKCU\Software\AppDataLow\Software\BS_Player_ControlBar_B
Klíč Smazáno : HKCU\Software\AppDataLow\Software\BackgroundContainerV2
Klíč Smazáno : HKCU\Software\AppDataLow\Software\BS_Player_ControlBar
Klíč Smazáno : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Klíč Smazáno : HKLM\SOFTWARE\Conduit
Klíč Smazáno : HKLM\SOFTWARE\GoforFiles
Klíč Smazáno : HKLM\SOFTWARE\hdcode
Klíč Smazáno : HKLM\SOFTWARE\Myfree Codec
Klíč Smazáno : HKLM\SOFTWARE\qvo6Software
Klíč Smazáno : HKLM\SOFTWARE\Uniblue
Klíč Smazáno : HKLM\SOFTWARE\LemurLeap
Klíč Smazáno : HKLM\SOFTWARE\mystartsearchSoftware
Klíč Smazáno : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Klíč Smazáno : HKLM\SOFTWARE\Better-Surf
Klíč Smazáno : HKLM\SOFTWARE\BS_Player_ControlBar
Klíč Smazáno : HKLM\SOFTWARE\MediaPlayerV1alpha854
Klíč Smazáno : HKU\.DEFAULT\Software\AskPartnerNetwork
Klíč Smazáno : HKU\.DEFAULT\Software\AVG SafeGuard toolbar
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8E8C2E2D-7F21-2CF5-0ADB-64935121ECF0}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E957849A-94AC-6F46-4623-C31474E3C170}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{53B21E29-3967-C332-57EB-C02631658584}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 228200
Klíč Smazáno : [x64] HKLM\SOFTWARE\Reimage

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v


-\\ Google Chrome v42.0.2311.135

[C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
[C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
[C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : ifohbjbgfchkkfhphahclmkpgejiplfo
[C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : jlnfdbbladgcmhhamgkioifhbobjaoof
[C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof
[C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : aohghmighlieiainnegkcijnfilokake
[C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : apdfllckaahabafndbhieahigkjlhalf
[C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : chlffgpmiacpedhhbkiomidkjlcfhogd
[C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : gomekmidlodglbbmalcneegieacbdmki
[C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : hnfgmigibdamhiimcbcnhhfmgegejhpf
[C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : nmmhkkegccagdldgiimedpiccmgmieda
[C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : aekanedhfmibefmkakpkkmccbpmaekih
[C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Homepage] : hxxp://www.mystartsearch.com/?type=hp&ts=14283 ... UEA51UEA51
[C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Default_Search_Provider_Data] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}

*************************

AdwCleaner[R0].txt - [16608 bytů] - [13/05/2015 19:49:44]
AdwCleaner[S0].txt - [14856 bytů] - [13/05/2015 19:53:00]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [14915 bytů] ##########

dkdavid3
Visitor
Posts: 24
Registered: 02 Mar 2013 22:19

Re: Hello, please check my log.

#11 Post by dkdavid3 »

And here is the log from OTMoveIt

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
File/Folder C:\WINDOWS\AutoKMS.exe not found.
File/Folder C:\WINDOWS\LastGood.Tmp not found.
File/Folder C:\WINDOWS\system32\drivers\aswC3BC.tmp not found.
File/Folder C:\WINDOWS\system32\drivers\asw976B.tmp not found.
File/Folder C:\WINDOWS\system32\drivers\asw976A.tmp not found.
File/Folder C:\WINDOWS\system32\drivers\asw9769.tmp not found.
File/Folder C:\WINDOWS\system32\drivers\asw9768.tmp not found.
File/Folder C:\WINDOWS\system32\drivers\asw9757.tmp not found.
File/Folder C:\WINDOWS\system32\drivers\asw9756.tmp not found.
File/Folder C:\WINDOWS\system32\drivers\asw9755.tmp not found.
File/Folder C:\WINDOWS\system32\drivers\asw9735.tmp not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AutoKMS not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: David
->Temp folder emptied: 18 bytes
->Temporary Internet Files folder emptied: 128 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default.migrated

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2678 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 05132015_201703

Files moved on Reboot...
C:\Users\David\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.
File move failed. C:\WINDOWS\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Hello, please check my log.

#12 Post by Roli »

dkdavid3 wrote:
Hello,
here is what VIRUSTOTAL gave me
https://www.virustotal.com/cs/file/03cb ... /analysis/

Hi,

but that was analysed on 2015-04-17 16:57:46; I need your file.

dkdavid3
Visitor
Posts: 24
Registered: 02 Mar 2013 22:19

Re: Hello, please check my log.

#13 Post by dkdavid3 »

Hi,
now I'm lost, I don't know which file of mine?

dkdavid3
Visitor
Posts: 24
Registered: 02 Mar 2013 22:19

Re: Hello, please check my log.

#14 Post by dkdavid3 »

Well, that makes no sense, I followed what you wrote and did it on 13.5., just as I posted it there.

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Hello, please check my log.

#15 Post by Roli »

Well, this one:

C:\WINDOWS\SYSWOW64\drivers\ogonyxfm.sys

if you look at the link you gave me, on top of everything there is a completely different one there, jbenysd.sys
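The question raised in #12 and #15, whether a posted report link really covers the file on the user's disk and was produced by a fresh scan, can be settled locally by comparing the file's SHA-256 with the hash carried in the link. This is an added example, not part of the thread; the URL layout `/file/<sha256>/analysis/<unix time>/` and all function names are assumptions, and the sample file in the demo is constructed.

```python
import hashlib
import os
import re
import tempfile
from datetime import datetime, timezone

# Assumed report URL layout: .../file/<sha256>/analysis/[<unix time>/]
_REPORT_URL = re.compile(r"/file/([0-9a-fA-F]{64})/analysis/(\d+)?/?$")


def sha256_of_file(path, chunk_size=1 << 20):
    """Hash the file in chunks so it never has to fit in memory at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def parse_report_url(url):
    """Return (sha256, analysis time or None), or None if no full hash is present."""
    match = _REPORT_URL.search(url.strip())
    if match is None:
        return None  # e.g. a link the forum shortened to "03cb ... /analysis/"
    analysed = None
    if match.group(2):
        analysed = datetime.fromtimestamp(int(match.group(2)), tz=timezone.utc)
    return match.group(1).lower(), analysed


def check_report(url, path, scanned_after=None):
    """Classify a report link against a local file.

    Returns 'unverifiable', 'different-file', 'stale-report' or 'match'.
    scanned_after is a timezone-aware datetime: the earliest moment at which
    the requested scan could have run.
    """
    parsed = parse_report_url(url)
    if parsed is None:
        return "unverifiable"
    report_hash, analysed = parsed
    if report_hash != sha256_of_file(path):
        return "different-file"
    if scanned_after and analysed and analysed < scanned_after:
        return "stale-report"
    return "match"


if __name__ == "__main__":
    # Constructed stand-in for the driver file; not real data from the thread.
    fd, sample = tempfile.mkstemp(suffix=".sys")
    os.write(fd, b"constructed sample driver bytes")
    os.close(fd)
    analysed = int(datetime(2015, 4, 17, 16, 57, 46, tzinfo=timezone.utc).timestamp())
    link = f"https://www.virustotal.com/cs/file/{sha256_of_file(sample)}/analysis/{analysed}/"
    requested = datetime(2015, 5, 13, tzinfo=timezone.utc)
    print(check_report(link, sample, scanned_after=requested))
    print(check_report("https://www.virustotal.com/cs/file/03cb ... /analysis/", sample))
    os.remove(sample)
```

A 'different-file' result means the report describes other bytes than the local file, whatever name it is listed under; 'stale-report' means the hash matches but the analysis predates the requested scan.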