Log check

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

#1 Post by E707 »

Hello, I would like to ask for a log check. Sometimes it takes a long time before pages start loading, and several times my whole computer has frozen. So I need to rule out that this is a case of malware. Thank you

Logfile of random's system information tool 1.10 (written by random/random)
Run by E707 at 2015-05-21 19:49:40
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 102 GB (33%) free of 307 GB
Total RAM: 8183 MB (72% free)


======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\system32\WLANExt.exe 20819568
\??\C:\Windows\system32\conhost.exe "20248188511568276877638118125-21142682811987422500-20927155851226433019-984230617
"C:\PROGRAM FILES\NVIDIA CORPORATION\DISPLAY\NVXDSYNC.EXE"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe"
taskeng.exe {9C1289DB-A98B-4BE7-8F5E-8BF8FE50058F}
"C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHELP.exe"
"C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe" -b
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" c07c9551-da7c-4b1f-9829-2cde5543aab1 1
\??\C:\Windows\system32\conhost.exe "6737878601454239676-15643906615272730721520186863-1396775853-1314575942-2028199484
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-16980368934735154771647241350-1110241869-1099098740-17748181811765339277912345689
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe" -b
"C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" /ELEVATED
C:\Windows\system32\wbem\wmiprvse.exe
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
ngservice.exe pipeserver
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\AUDIODG.EXE 0x134
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="7968.0.532220872\1757037087" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,20,43,52 --gpu-vendor-id=0x10de --gpu-device-id=0x1184 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.5286 --ignored=" --type=renderer " /prefetch:822062411
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\E707\Downloads\hijackthis.log
"C:\Program Files\trend micro\E707.exe" /silentautolog
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe8_ Global\UsGthrCtrlFltPipeMssGthrPipe8 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\E707\Downloads\RSITx64 (1).exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_188_pepper.exe -check pepperplugin
C:\Windows\tasks\Chromium.job - C:\Users\E707\AppData\Local\Chromium\APPLIC~1\UNINST~1.EXE /Check
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-22 662672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-22 565304]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-05-08 2685072]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-05-08 1570672]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2015-01-26 3860304]
"SpywareTerminatorUpdater"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2015-01-26 5456720]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-05-11 5515496]
"KeePass 2 PreLoad"=C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2014-10-07 2109952]
"TurboV EVO"=C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe [2009-11-06 8619008]
"NUSB3MON"=C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2009-10-21 106496]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-09-21 2583040]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-05-21 19:48:27 ----D---- C:\rsit
2015-05-21 19:48:27 ----D---- C:\Program Files\trend micro
2015-05-21 14:49:22 ----D---- C:\Program Files (x86)\Opera
2015-05-20 23:11:09 ----D---- C:\Program Files (x86)\UnblockVPN
2015-05-20 22:10:44 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2015-05-20 22:10:44 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2015-05-20 22:10:44 ----A---- C:\Windows\system32\dwmcore.dll
2015-05-20 22:10:44 ----A---- C:\Windows\system32\dwmapi.dll
2015-05-20 22:08:34 ----A---- C:\Windows\system32\drivers\stream.sys
2015-05-20 21:27:52 ----D---- C:\Users\E707\AppData\Roaming\TeamViewer
2015-05-20 19:51:44 ----D---- C:\Program Files\CCleaner
2015-05-20 18:24:48 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2015-05-20 18:23:04 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2015-05-20 18:23:04 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2015-05-20 18:23:04 ----A---- C:\Windows\system32\nvumdshimx.dll
2015-05-20 18:23:04 ----A---- C:\Windows\system32\nvhdap64.dll
2015-05-20 18:23:04 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2015-05-20 18:23:03 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-05-20 18:23:03 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-05-20 18:23:03 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2015-05-20 18:23:03 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2015-05-20 18:23:03 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2015-05-20 18:23:03 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-05-20 18:23:03 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-05-20 18:23:03 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2015-05-20 18:23:03 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-05-20 18:23:03 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-05-20 18:23:03 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-05-20 18:23:03 ----A---- C:\Windows\system32\nvopencl.dll
2015-05-20 18:23:03 ----A---- C:\Windows\system32\nvoglv64.dll
2015-05-20 18:23:03 ----A---- C:\Windows\system32\nvoglshim64.dll
2015-05-20 18:23:03 ----A---- C:\Windows\system32\nvinitx.dll
2015-05-20 18:23:03 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2015-05-20 18:23:03 ----A---- C:\Windows\system32\NvIFR64.dll
2015-05-20 18:23:03 ----A---- C:\Windows\system32\NvFBC64.dll
2015-05-20 18:23:03 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2015-05-20 18:23:03 ----A---- C:\Windows\system32\nvdispgenco6435286.dll
2015-05-20 18:23:03 ----A---- C:\Windows\system32\nvdispco6435286.dll
2015-05-20 18:23:03 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-05-20 18:23:03 ----A---- C:\Windows\system32\nvcuvid.dll
2015-05-20 18:23:03 ----A---- C:\Windows\system32\nvcuda.dll
2015-05-20 18:23:03 ----A---- C:\Windows\system32\nvcompiler.dll
2015-05-20 18:23:03 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2015-05-20 17:34:30 ----A---- C:\Windows\system32\drivers\PcaSp60.sys
2015-05-20 17:33:34 ----A---- C:\Windows\system32\bcmwlcoi.dll
2015-05-20 17:33:31 ----A---- C:\Windows\system32\drivers\BCMWL664.SYS
2015-05-20 17:33:27 ----A---- C:\Windows\system32\bcmihvui64.dll
2015-05-20 17:33:24 ----A---- C:\Windows\system32\bcmihvsrv64.dll
2015-05-20 17:33:08 ----A---- C:\Windows\SYSWOW64\drivers\PcaSp60.sys
2015-05-19 22:51:35 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-05-19 22:51:33 ----D---- C:\Windows\system32\Macromed
2015-05-19 22:22:03 ----D---- C:\Users\E707\AppData\Roaming\Spyware Terminator
2015-05-19 22:22:03 ----D---- C:\ProgramData\Spyware Terminator
2015-05-19 22:22:00 ----D---- C:\Program Files (x86)\Spyware Terminator
2015-05-13 02:08:44 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 02:08:44 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 00:26:41 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-05-13 00:26:41 ----A---- C:\Windows\SYSWOW64\certcli.dll
2015-05-13 00:26:41 ----A---- C:\Windows\system32\schannel.dll
2015-05-13 00:26:41 ----A---- C:\Windows\system32\certcli.dll
2015-05-13 00:26:37 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-05-13 00:26:37 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-05-13 00:26:37 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-05-13 00:26:37 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-05-13 00:26:37 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-05-13 00:26:37 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-05-13 00:26:36 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-05-13 00:26:36 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-05-13 00:26:36 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-05-13 00:26:36 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-05-13 00:26:36 ----A---- C:\Windows\system32\iernonce.dll
2015-05-13 00:26:36 ----A---- C:\Windows\system32\ie4uinit.exe
2015-05-13 00:26:35 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-05-13 00:26:35 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-05-13 00:26:35 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-05-13 00:26:35 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 00:26:34 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-05-13 00:26:34 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-05-13 00:26:34 ----A---- C:\Windows\system32\urlmon.dll
2015-05-13 00:26:34 ----A---- C:\Windows\system32\iedkcs32.dll
2015-05-13 00:26:33 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-05-13 00:26:33 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-05-13 00:26:33 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-05-13 00:26:33 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-05-13 00:26:33 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-05-13 00:26:33 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-05-13 00:26:33 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-05-13 00:26:33 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 00:26:33 ----A---- C:\Windows\system32\msfeeds.dll
2015-05-13 00:26:33 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 00:26:33 ----A---- C:\Windows\system32\dxtrans.dll
2015-05-13 00:26:32 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-05-13 00:26:32 ----A---- C:\Windows\system32\iesetup.dll
2015-05-13 00:26:32 ----A---- C:\Windows\system32\ieapfltr.dll
2015-05-13 00:26:30 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-05-13 00:26:30 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-05-13 00:26:30 ----A---- C:\Windows\system32\vbscript.dll
2015-05-13 00:26:30 ----A---- C:\Windows\system32\iertutil.dll
2015-05-13 00:26:29 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-05-13 00:26:29 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-05-13 00:26:29 ----A---- C:\Windows\system32\jsproxy.dll
2015-05-13 00:26:29 ----A---- C:\Windows\system32\ieUnatt.exe
2015-05-13 00:26:28 ----A---- C:\Windows\system32\ieui.dll
2015-05-13 00:26:28 ----A---- C:\Windows\system32\ieframe.dll
2015-05-13 00:26:28 ----A---- C:\Windows\system32\dxtmsft.dll
2015-05-13 00:26:27 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-05-13 00:26:27 ----A---- C:\Windows\system32\mshtmled.dll
2015-05-13 00:26:27 ----A---- C:\Windows\system32\jscript9diag.dll
2015-05-13 00:26:27 ----A---- C:\Windows\system32\jscript9.dll
2015-05-13 00:26:27 ----A---- C:\Windows\system32\jscript.dll
2015-05-13 00:26:26 ----A---- C:\Windows\system32\wininet.dll
2015-05-13 00:26:25 ----A---- C:\Windows\system32\msrating.dll
2015-05-13 00:26:25 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-05-13 00:26:25 ----A---- C:\Windows\system32\mshtml.dll
2015-05-13 00:24:53 ----A---- C:\Windows\system32\services.exe
2015-05-13 00:24:44 ----A---- C:\Windows\system32\UtcResources.dll
2015-05-13 00:24:44 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-05-13 00:24:44 ----A---- C:\Windows\system32\ntdll.dll
2015-05-13 00:24:44 ----A---- C:\Windows\system32\diagtrack.dll
2015-05-13 00:24:43 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-05-13 00:24:43 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-05-13 00:24:43 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-05-13 00:24:43 ----A---- C:\Windows\system32\tdh.dll
2015-05-13 00:24:42 ----A---- C:\Windows\SYSWOW64\tracerpt.exe
2015-05-13 00:24:42 ----A---- C:\Windows\SYSWOW64\sechost.dll
2015-05-13 00:24:42 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-05-13 00:24:42 ----A---- C:\Windows\SYSWOW64\logman.exe
2015-05-13 00:24:42 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-05-13 00:24:42 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-05-13 00:24:42 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-05-13 00:24:42 ----A---- C:\Windows\system32\wow64.dll
2015-05-13 00:24:42 ----A---- C:\Windows\system32\winsrv.dll
2015-05-13 00:24:42 ----A---- C:\Windows\system32\tracerpt.exe
2015-05-13 00:24:42 ----A---- C:\Windows\system32\srcore.dll
2015-05-13 00:24:42 ----A---- C:\Windows\system32\sechost.dll
2015-05-13 00:24:42 ----A---- C:\Windows\system32\rstrui.exe
2015-05-13 00:24:42 ----A---- C:\Windows\system32\msv1_0.dll
2015-05-13 00:24:42 ----A---- C:\Windows\system32\lsasrv.dll
2015-05-13 00:24:42 ----A---- C:\Windows\system32\logman.exe
2015-05-13 00:24:42 ----A---- C:\Windows\system32\KernelBase.dll
2015-05-13 00:24:42 ----A---- C:\Windows\system32\kernel32.dll
2015-05-13 00:24:42 ----A---- C:\Windows\system32\kerberos.dll
2015-05-13 00:24:42 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-05-13 00:24:42 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-05-13 00:24:42 ----A---- C:\Windows\system32\conhost.exe
2015-05-13 00:24:42 ----A---- C:\Windows\system32\advapi32.dll
2015-05-13 00:24:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 00:24:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 00:24:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 00:24:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 00:24:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 00:24:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 00:24:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 00:24:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 00:24:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 00:24:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 00:24:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 00:24:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 00:24:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 00:24:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 00:24:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 00:24:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 00:24:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 00:24:41 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 00:24:41 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 00:24:41 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 00:24:41 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 00:24:41 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 00:24:41 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 00:24:41 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 00:24:41 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 00:24:41 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 00:24:41 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 00:24:41 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 00:24:41 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 00:24:41 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 00:24:41 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 00:24:41 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 00:24:41 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 00:24:41 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 00:24:41 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 00:24:41 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 00:24:41 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 00:24:41 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 00:24:41 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 00:24:41 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-05-13 00:24:41 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-05-13 00:24:41 ----A---- C:\Windows\SYSWOW64\typeperf.exe
2015-05-13 00:24:41 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-05-13 00:24:41 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-05-13 00:24:41 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-05-13 00:24:41 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-05-13 00:24:41 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-05-13 00:24:41 ----A---- C:\Windows\SYSWOW64\relog.exe
2015-05-13 00:24:41 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-05-13 00:24:41 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-05-13 00:24:41 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-05-13 00:24:41 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-05-13 00:24:41 ----A---- C:\Windows\SYSWOW64\diskperf.exe
2015-05-13 00:24:41 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-05-13 00:24:41 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-05-13 00:24:41 ----A---- C:\Windows\system32\wow64win.dll
2015-05-13 00:24:41 ----A---- C:\Windows\system32\wow64cpu.dll
2015-05-13 00:24:41 ----A---- C:\Windows\system32\wdigest.dll
2015-05-13 00:24:41 ----A---- C:\Windows\system32\typeperf.exe
2015-05-13 00:24:41 ----A---- C:\Windows\system32\TSpkg.dll
2015-05-13 00:24:41 ----A---- C:\Windows\system32\sspisrv.dll
2015-05-13 00:24:41 ----A---- C:\Windows\system32\sspicli.dll
2015-05-13 00:24:41 ----A---- C:\Windows\system32\srclient.dll
2015-05-13 00:24:41 ----A---- C:\Windows\system32\smss.exe
2015-05-13 00:24:41 ----A---- C:\Windows\system32\secur32.dll
2015-05-13 00:24:41 ----A---- C:\Windows\system32\relog.exe
2015-05-13 00:24:41 ----A---- C:\Windows\system32\ntvdm64.dll
2015-05-13 00:24:41 ----A---- C:\Windows\system32\ncrypt.dll
2015-05-13 00:24:41 ----A---- C:\Windows\system32\lsass.exe
2015-05-13 00:24:41 ----A---- C:\Windows\system32\diskperf.exe
2015-05-13 00:24:41 ----A---- C:\Windows\system32\csrsrv.dll
2015-05-13 00:24:41 ----A---- C:\Windows\system32\credssp.dll
2015-05-13 00:24:41 ----A---- C:\Windows\system32\auditpol.exe
2015-05-13 00:24:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 00:24:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 00:24:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 00:24:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 00:24:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 00:24:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 00:24:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 00:24:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 00:24:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 00:24:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 00:24:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 00:24:40 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 00:24:40 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 00:24:40 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 00:24:40 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 00:24:40 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 00:24:40 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 00:24:40 ----A---- C:\Windows\SYSWOW64\user.exe
2015-05-13 00:24:40 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-05-13 00:24:40 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-05-13 00:24:40 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-05-13 00:24:40 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-05-13 00:24:40 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-05-13 00:24:40 ----A---- C:\Windows\system32\msobjs.dll
2015-05-13 00:24:40 ----A---- C:\Windows\system32\msaudite.dll
2015-05-13 00:24:40 ----A---- C:\Windows\system32\apisetschema.dll
2015-05-13 00:24:40 ----A---- C:\Windows\system32\adtschema.dll
2015-05-13 00:24:29 ----A---- C:\Windows\system32\FntCache.dll
2015-05-13 00:24:28 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2015-05-13 00:24:28 ----A---- C:\Windows\system32\win32k.sys
2015-05-13 00:24:28 ----A---- C:\Windows\system32\DWrite.dll
2015-05-13 00:24:24 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-05-13 00:24:24 ----A---- C:\Windows\system32\InkEd.dll
2015-05-13 00:24:23 ----A---- C:\Windows\system32\jnwmon.dll
2015-05-13 00:24:22 ----A---- C:\Windows\SYSWOW64\wpdshext.dll
2015-05-13 00:24:22 ----A---- C:\Windows\system32\wpdshext.dll
2015-05-13 00:24:20 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2015-05-13 00:24:20 ----A---- C:\Windows\system32\poqexec.exe
2015-05-13 00:24:19 ----A---- C:\Windows\SYSWOW64\sdbinst.exe
2015-05-13 00:24:19 ----A---- C:\Windows\SYSWOW64\apphelp.dll
2015-05-13 00:24:19 ----A---- C:\Windows\system32\sdbinst.exe
2015-05-13 00:24:19 ----A---- C:\Windows\system32\apphelp.dll
2015-05-13 00:24:19 ----A---- C:\Windows\system32\aelupsvc.dll
2015-05-13 00:24:18 ----A---- C:\Windows\SYSWOW64\shimeng.dll
2015-05-13 00:24:18 ----A---- C:\Windows\system32\shimeng.dll
2015-04-27 18:18:20 ----A---- C:\Windows\system32\nvdispgenco6435012.dll
2015-04-27 18:18:20 ----A---- C:\Windows\system32\nvdispco6435012.dll
2015-04-27 18:18:19 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2015-04-22 23:00:45 ----A---- C:\Windows\system32\aswBoot.exe
2015-04-22 23:00:40 ----A---- C:\Windows\avastSS.scr

======List of files/folders modified in the last 1 month======

2015-05-21 19:49:37 ----D---- C:\Windows\Temp
2015-05-21 19:48:40 ----D---- C:\Windows\Prefetch
2015-05-21 19:48:27 ----RD---- C:\Program Files
2015-05-21 18:33:17 ----D---- C:\Windows\system32\config
2015-05-21 16:12:04 ----D---- C:\Windows\system32\NDF
2015-05-21 16:10:32 ----D---- C:\Windows\Tasks
2015-05-21 16:10:32 ----D---- C:\Windows\system32\Tasks
2015-05-21 14:49:54 ----D---- C:\Users\E707\AppData\Roaming\Opera Software
2015-05-21 14:49:22 ----RD---- C:\Program Files (x86)
2015-05-21 14:33:53 ----D---- C:\Windows\System32
2015-05-21 14:33:53 ----D---- C:\Windows\inf
2015-05-21 14:33:53 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-05-21 14:27:58 ----D---- C:\ProgramData\NVIDIA
2015-05-20 22:32:42 ----D---- C:\Windows\winsxs
2015-05-20 22:31:29 ----D---- C:\Windows\SysWOW64
2015-05-20 22:11:08 ----SD---- C:\Windows\SYSWOW64\GWX
2015-05-20 22:11:08 ----SD---- C:\Windows\system32\GWX
2015-05-20 22:10:58 ----D---- C:\Windows\system32\drivers
2015-05-20 22:10:54 ----SHD---- C:\System Volume Information
2015-05-20 21:25:59 ----D---- C:\Windows
2015-05-20 19:57:49 ----D---- C:\Windows\system32\catroot
2015-05-20 19:52:52 ----D---- C:\Program Files (x86)\Steam
2015-05-20 19:52:49 ----D---- C:\Windows\Panther
2015-05-20 19:52:49 ----D---- C:\Windows\Logs
2015-05-20 19:52:49 ----D---- C:\Windows\debug
2015-05-20 18:26:28 ----D---- C:\Users\E707\AppData\Roaming\Dropbox
2015-05-20 18:25:11 ----D---- C:\ProgramData\NVIDIA Corporation
2015-05-20 18:24:46 ----D---- C:\Windows\system32\DriverStore
2015-05-20 18:24:03 ----D---- C:\Program Files\NVIDIA Corporation
2015-05-20 17:34:29 ----D---- C:\Windows\SYSWOW64\drivers
2015-05-20 17:33:03 ----D---- C:\Program Files (x86)\ASUS
2015-05-20 17:33:02 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-05-19 22:58:37 ----HD---- C:\ProgramData
2015-05-19 22:58:37 ----D---- C:\Program Files (x86)\Common Files
2015-05-19 22:35:25 ----D---- C:\Windows\system32\GroupPolicy
2015-05-19 17:11:13 ----D---- C:\Users\E707\AppData\Roaming\KeePass
2015-05-18 15:57:29 ----D---- C:\Windows\system32\LogFiles
2015-05-16 00:23:05 ----SHD---- C:\Windows\Installer
2015-05-14 01:00:21 ----D---- C:\Windows\rescache
2015-05-14 00:42:13 ----D---- C:\Windows\Microsoft.NET
2015-05-13 23:51:23 ----RSD---- C:\Windows\assembly
2015-05-13 23:36:48 ----D---- C:\Windows\SYSWOW64\en-US
2015-05-13 23:36:48 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-05-13 23:36:48 ----D---- C:\Windows\system32\en-US
2015-05-13 23:36:48 ----D---- C:\Windows\system32\cs-CZ
2015-05-13 23:36:48 ----D---- C:\Program Files\Internet Explorer
2015-05-13 23:36:47 ----D---- C:\Program Files (x86)\Internet Explorer
2015-05-13 23:36:42 ----D---- C:\Windows\AppPatch
2015-05-13 23:36:41 ----D---- C:\Windows\system32\AdvancedInstallers
2015-05-13 23:36:41 ----D---- C:\Program Files\Windows Journal
2015-05-13 09:52:35 ----A---- C:\Windows\system32\nvhdagenco6420103.dll
2015-05-13 02:13:13 ----D---- C:\Windows\system32\MRT
2015-05-13 02:10:52 ----A---- C:\Windows\system32\MRT.exe
2015-05-13 00:23:54 ----D---- C:\Windows\system32\catroot2
2015-05-12 09:27:22 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2015-05-12 09:27:22 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2015-05-12 09:27:22 ----A---- C:\Windows\system32\OpenCL.dll
2015-05-12 09:27:22 ----A---- C:\Windows\system32\nvwgf2umx.dll
2015-05-12 09:27:22 ----A---- C:\Windows\system32\nvapi64.dll
2015-05-12 06:30:36 ----A---- C:\Windows\system32\nvvsvc.exe
2015-05-12 06:30:36 ----A---- C:\Windows\system32\nvsvcr.dll
2015-05-12 06:30:36 ----A---- C:\Windows\system32\nvshext.dll
2015-05-12 06:30:36 ----A---- C:\Windows\system32\nvmctray.dll
2015-05-12 06:30:35 ----A---- C:\Windows\system32\nvsvc64.dll
2015-05-12 06:30:35 ----A---- C:\Windows\system32\nvcpl.dll
2015-05-12 02:03:09 ----SD---- C:\ProgramData\Microsoft
2015-05-08 03:35:20 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2015-05-08 03:35:20 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2015-05-08 03:34:36 ----A---- C:\Windows\system32\nvspcap64.dll
2015-05-08 03:34:36 ----A---- C:\Windows\system32\nvspbridge64.dll
2015-04-27 18:21:40 ----D---- C:\Program Files (x86)\NVIDIA Corporation

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-04-22 65736]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-04-22 272248]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2009-08-04 13440]
R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2009-07-06 13368]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-04-22 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-04-22 1047320]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-04-22 442264]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-04-22 29168]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-04-22 89944]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-04-22 137288]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2011-08-24 51496]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-04-22 273824]
R3 BCM43XX;Ovladač síťového adaptéru ASUS 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2014-07-03 7764216]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2009-10-27 75264]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2009-10-27 176640]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-05-13 195912]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-05-08 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-11-22 38032]
R3 PcaSp60;Rawether NDIS 6.X SPR Protocol Driver; C:\Windows\system32\DRIVERS\PcaSp60.sys [2010-09-07 38912]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-09-17 1250816]
R3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2015-01-27 14464]
S3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys []
S3 netr7364;RT73 USB Extensible Wireless LAN Card Driver; C:\Windows\system32\DRIVERS\netr7364.sys [2011-10-05 729152]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-08-19 90112]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-04-22 343336]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 GamingApp_Service;GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [2014-03-13 20512]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-05-08 1152656]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-05-08 1884304]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-05-08 22997648]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-05-12 937288]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-12-08 76888]
R2 ST2012_Svc;Spyware Terminator 2015 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2015-01-26 3037520]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-05-12 410768]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-04-22 4034896]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-07 107912]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-07 107912]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2013-01-02 171632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-04-21 114688]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-11-18 833728]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-12-07 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Log check

#2 Post by Roli »

Hello, download AdwCleaner and save it to the desktop,

close all programs including the browser and double-click to run it,

a window will appear; in the top left, click Scan.

When the scan finishes, click Clean,

the PC will restart, during which the junk is deleted.

After that, copy the Report here for me.


Then use Mbam from my signature and post its log here; do not delete anything beforehand!
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

E707
Visitor
Posts: 11
Registered: 21 May 2015 17:55

Re: Log check

#3 Post by E707 »

Report from AdwCleaner:

# AdwCleaner v4.205 - Log vytvořen 22/05/2015 v 20:23:30
# Aktualizováno 21/05/2015 by Xplode
# Databáze : 2015-05-21.2 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (x64)
# Uživatelské jméno : E707 - E707-PC
# Spuštěno z : C:\Users\E707\Downloads\adwcleaner_4.205.exe
# Nastavení : Čištění

***** [ Služby ] *****

Služba Smazáno : sp_rsdrv2

***** [ Soubory / Složky ] *****

Soubor Smazáno : C:\Users\E707\AppData\Local\Chromium\User Data\Default\Local Storage\chrome-extension_eofcbnmajmjmplflapaojjnihcjkigck_0.localstorage

***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17801


-\\ Google Chrome v43.0.2357.65

[C:\Users\E707\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://fi.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_15_21&param1=1&param2=f%3D4%26b%3DChrome%26cc%3Dfi%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuzyyEtD0CyC0Dzz0EyC0B0AtD0CzytAyDtN0D0Tzu0StCtBtAyEtN1L2XzutAtFtCtDtFzytFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyDtBzytCtByE0DtAtGyB0C0E0EtGzzyBzytDtGzy0DyEyCtGtAtBtD0AtA0FtC0AtC0FtBtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzzyDzyyB0FtC0CzztG0CtB0CzytGyE0A0EyDtGzz0CtByCtG0F0CtA0A0FyCtD0FyBzzzz0D2QtN0A0LzuyEtN1B2Z1V1T1S1NzuyByCtD%26cr%3D985665798%26a%3Dwncy_ir_15_21%26os%3DWindows 7 Home Premium&p={searchTerms}
[C:\Users\E707\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Homepage] :
[C:\Users\E707\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Startup_URLs] : C77FCEE461C77EA2E473C91D02BCF3A3BA7AEA46267CDF24FC83FE0D432C42B2"},"software_reporter":{"prompt_reason":"CE978DF91E864720DF0174E02BA6BA9A6501891A990692CF215FD50CAA555ED8","prompt_seed":"763A2A9672418CD0ECA4BB8555A3E99BB7E94398174015C2A06CFFB6175DF4A5","prompt_version":"1AEEC12E5548E38FA65C61F68A569D8DD3651AB6E442825C24DBEDCDD2BBE714"},"sync":{"remaining_rollback_tries":"5A9D5E7F6CC269D1A03EA4ECA79016553F1E1D19AEF010FAEEB03D4824533251"}},"super_mac":"CD46D9F5C34A4ACB2009F03531B8C3D96ACF40FB8947F3BB4E4E4E9A3519779F"},"session":{"restore_on_startup":5,"startup_urls":["hxxp://fi.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_15_21&param1=1&param2=f%3D7%26b%3DChrome%26cc%3Dfi%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuzyyEtD0CyC0Dzz0EyC0B0AtD0CzytAyDtN0D0Tzu0StCtBtAyEtN1L2XzutAtFtCtDtFzytFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyDtBzytCtByE0DtAtGyB0C0E0EtGzzyBzytDtGzy0DyEyCtGtAtBtD0AtA0FtC0AtC0FtBtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzzyDzyyB0FtC0CzztG0CtB0CzytGyE0A0EyDtGzz0CtByCtG0F0CtA0A0FyCtD0FyBzzzz0D2QtN0A0LzuyEtN1B2Z1V1T1S1NzuyByCtD%26cr%3D985665798%26a%3Dwncy_ir_15_21%26os%3DWindows 7 Home Premium

-\\ Chromium v


-\\ Opera v29.0.1795.60


*************************

AdwCleaner[R0].txt - [8153 bytů] - [22/05/2015 20:16:09]
AdwCleaner[R1].txt - [8886 bytů] - [22/05/2015 20:19:37]
AdwCleaner[S0].txt - [3379 bytů] - [22/05/2015 20:23:30]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3437 bytů] ##########

E707
Visitor
Posts: 11
Registered: 21 May 2015 17:55

Re: Log check

#4 Post by E707 »

Log from Mbam

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 22.5.2015
Čas skenování: 20:32:48
Protokol: log Mbam.txt
Správce: Ano

Verze: 2.01.6.1022
Databáze malwaru: v2015.05.22.03
Databáze rootkitů: v2015.05.16.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: E707

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 328665
Uplynulý čas: 4 min, 54 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Log check

#5 Post by Roli »

Uninstall Mbam again.


Download ComboFix and save it to the desktop,

run the application as Administrator and allow installation of the Recovery Console.

Then a window with the license terms appears, which you confirm by clicking ANO (Yes),

then click ANO once more and it starts running.

The whole process takes about 10 minutes but can take longer; do not try to run anything else during the scan.

The PC may also be restarted during the scan; don't be alarmed.

Note: for the duration of the scan, turn off the resident shield of your antivirus and anti-spyware program,

because ComboFix tries to delete infected files and these programs can prevent it from doing so.

After the scan finishes, or after the subsequent restart, the application creates a log saved at C:/Combofix.txt

(on repeated use the logs are numbered Combofix2.txt etc.); copy its contents here.


If anything is unclear, there is an illustrated guide HERE.

E707
Visitor
Posts: 11
Registered: 21 May 2015 17:55

Re: Log check

#6 Post by E707 »

ComboFix 15-05-19.01 - E707 22.05.2015 21:35:21.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8183.6871 [GMT 3:00]
Spuštěný z: c:\users\E707\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ntuser.pol
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-04-22 do 2015-05-22 )))))))))))))))))))))))))))))))
.
.
2015-05-22 18:38 . 2015-05-22 18:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-05-22 18:21 . 2015-05-22 18:21 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{ED5FD64F-23EB-49B9-BDAC-546FC0194921}\offreg.796.dll
2015-05-22 17:16 . 2015-05-22 17:23 -------- d-----w- C:\AdwCleaner
2015-05-22 16:25 . 2015-05-03 03:16 12214312 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{ED5FD64F-23EB-49B9-BDAC-546FC0194921}\mpengine.dll
2015-05-21 17:04 . 2015-05-21 17:04 -------- d-----w- c:\programdata\Malwarebytes
2015-05-21 16:48 . 2015-05-21 16:49 -------- d-----w- C:\rsit
2015-05-21 16:48 . 2015-05-21 16:49 -------- d-----w- c:\program files\trend micro
2015-05-21 13:07 . 2015-05-21 13:10 -------- d-----w- c:\users\E707\AppData\Local\Adobe
2015-05-21 11:49 . 2015-05-21 12:58 -------- d-----w- c:\program files (x86)\Opera
2015-05-20 20:11 . 2015-05-20 20:11 -------- d-----w- c:\program files (x86)\UnblockVPN
2015-05-20 19:10 . 2015-03-14 03:21 82944 ----a-w- c:\windows\system32\dwmapi.dll
2015-05-20 19:10 . 2015-03-14 03:21 1632768 ----a-w- c:\windows\system32\dwmcore.dll
2015-05-20 19:10 . 2015-03-14 03:04 67584 ----a-w- c:\windows\SysWow64\dwmapi.dll
2015-05-20 19:10 . 2015-03-14 03:04 1372160 ----a-w- c:\windows\SysWow64\dwmcore.dll
2015-05-20 19:08 . 2015-04-11 03:19 69888 ----a-w- c:\windows\system32\drivers\stream.sys
2015-05-20 18:27 . 2015-05-20 18:27 -------- d-----w- c:\users\E707\AppData\Roaming\TeamViewer
2015-05-20 16:51 . 2015-05-20 16:51 -------- d-----w- c:\program files\CCleaner
2015-05-20 15:24 . 2015-05-12 02:34 571024 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2015-05-20 14:34 . 2010-09-07 11:27 38912 ----a-w- c:\windows\system32\drivers\PcaSp60.sys
2015-05-20 14:33 . 2014-07-03 14:55 96600 ----a-w- c:\windows\system32\bcmwlcoi.dll
2015-05-20 14:33 . 2014-07-03 14:56 7764216 ----a-w- c:\windows\system32\drivers\BCMWL664.SYS
2015-05-20 14:33 . 2014-07-03 14:56 3667968 ----a-w- c:\windows\system32\bcmihvui64.dll
2015-05-20 14:33 . 2014-07-03 14:56 4401152 ----a-w- c:\windows\system32\bcmihvsrv64.dll
2015-05-20 14:33 . 2010-09-07 11:27 38912 ----a-w- c:\windows\SysWow64\drivers\PcaSp60.sys
2015-05-19 19:51 . 2015-05-21 13:09 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-05-19 19:51 . 2015-05-21 13:09 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-05-19 19:51 . 2015-05-19 19:51 -------- d-----w- c:\windows\system32\Macromed
2015-05-19 19:22 . 2015-05-21 12:01 -------- d-----w- c:\programdata\Spyware Terminator
2015-05-19 19:22 . 2015-05-19 19:22 -------- d-----w- c:\users\E707\AppData\Roaming\Spyware Terminator
2015-05-19 19:22 . 2015-05-19 19:22 -------- d-----w- c:\program files (x86)\Spyware Terminator
2015-05-19 11:23 . 2015-05-19 11:23 -------- d-----w- c:\users\E707\AppData\Local\Chromium
2015-05-19 11:22 . 2015-05-19 11:29 -------- d-----w- c:\users\E707\AppData\Local\JDownloader v2.0
2015-05-12 23:08 . 2015-05-01 13:17 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 23:08 . 2015-05-01 13:16 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 21:24 . 2015-04-13 03:28 328704 ----a-w- c:\windows\system32\services.exe
2015-05-03 21:39 . 2015-05-03 21:39 -------- d-----w- c:\users\E707\AppData\Local\Diagnostics
2015-04-27 15:18 . 2015-04-09 00:58 1895568 ----a-w- c:\windows\system32\nvdispco6435012.dll
2015-04-27 15:18 . 2015-04-09 00:58 1557648 ----a-w- c:\windows\system32\nvdispgenco6435012.dll
2015-04-27 15:18 . 2015-05-12 06:27 2971776 ----a-w- c:\windows\SysWow64\nvapi.dll
2015-04-22 20:00 . 2015-04-22 20:00 364472 ----a-w- c:\windows\system32\aswBoot.exe
2015-04-22 20:00 . 2015-04-22 20:00 43112 ----a-w- c:\windows\avastSS.scr
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-05-13 06:52 . 2015-02-15 12:20 1558848 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2015-05-12 23:10 . 2014-12-07 16:36 140425016 ----a-w- c:\windows\system32\MRT.exe
2015-05-12 06:27 . 2014-12-07 16:48 112784 ----a-w- c:\windows\system32\OpenCL.dll
2015-05-12 06:27 . 2014-12-07 16:48 105288 ----a-w- c:\windows\SysWow64\OpenCL.dll
2015-05-12 06:27 . 2014-08-19 20:15 17540416 ----a-w- c:\windows\system32\nvwgf2umx.dll
2015-05-12 06:27 . 2014-08-19 20:14 12849056 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2015-05-12 06:27 . 2014-08-19 20:14 3363224 ----a-w- c:\windows\system32\nvapi64.dll
2015-05-12 03:30 . 2014-12-07 16:48 937288 ----a-w- c:\windows\system32\nvvsvc.exe
2015-05-12 03:30 . 2014-12-07 16:48 62608 ----a-w- c:\windows\system32\nvshext.dll
2015-05-12 03:30 . 2014-12-07 16:48 385352 ----a-w- c:\windows\system32\nvmctray.dll
2015-05-12 03:30 . 2014-12-07 16:48 2558608 ----a-w- c:\windows\system32\nvsvcr.dll
2015-05-12 03:30 . 2014-12-07 16:48 6872392 ----a-w- c:\windows\system32\nvcpl.dll
2015-05-12 03:30 . 2014-12-07 16:48 3490448 ----a-w- c:\windows\system32\nvsvc64.dll
2015-05-11 17:01 . 2014-12-07 16:48 4391871 ----a-w- c:\windows\system32\nvcoproc.bin
2015-05-08 00:35 . 2014-12-07 16:32 1316184 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2015-05-08 00:35 . 2014-12-07 16:32 1316000 ----a-w- c:\windows\SysWow64\nvspcap.dll
2015-05-08 00:34 . 2014-12-07 16:32 1756424 ----a-w- c:\windows\system32\nvspbridge64.dll
2015-05-08 00:34 . 2014-12-07 16:32 1570672 ----a-w- c:\windows\system32\nvspcap64.dll
2015-05-05 01:29 . 2015-05-12 21:26 342016 ----a-w- c:\windows\system32\schannel.dll
2015-05-05 01:12 . 2015-05-12 21:26 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-04-27 19:23 . 2015-05-12 21:24 113664 ----a-w- c:\windows\system32\sechost.dll
2015-04-27 19:05 . 2015-05-12 21:24 92160 ----a-w- c:\windows\SysWow64\sechost.dll
2015-04-27 19:04 . 2015-05-12 21:24 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-04-22 20:00 . 2014-12-07 15:52 442264 ----a-w- c:\windows\system32\drivers\aswSP.sys
2015-04-22 20:00 . 2014-12-07 15:52 272248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-04-22 20:00 . 2014-12-07 15:52 137288 ----a-w- c:\windows\system32\drivers\aswStm.sys
2015-04-22 20:00 . 2014-12-07 15:52 89944 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-04-22 20:00 . 2014-12-07 15:52 65736 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-04-22 20:00 . 2014-12-07 15:52 93528 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2015-04-22 20:00 . 2014-12-07 15:52 29168 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-04-22 20:00 . 2014-12-07 15:52 1047320 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2015-03-25 03:24 . 2015-04-15 21:05 98304 ----a-w- c:\windows\system32\wudriver.dll
2015-03-25 03:24 . 2015-04-15 21:05 37376 ----a-w- c:\windows\system32\wups2.dll
2015-03-25 03:24 . 2015-04-15 21:05 35328 ----a-w- c:\windows\system32\wups.dll
2015-03-25 03:24 . 2015-04-15 21:05 3298816 ----a-w- c:\windows\system32\wucltux.dll
2015-03-25 03:24 . 2015-04-15 21:05 2553856 ----a-w- c:\windows\system32\wuaueng.dll
2015-03-25 03:24 . 2015-04-15 21:05 191488 ----a-w- c:\windows\system32\wuwebv.dll
2015-03-25 03:24 . 2015-04-15 21:05 696320 ----a-w- c:\windows\system32\wuapi.dll
2015-03-25 03:24 . 2015-04-15 21:05 60416 ----a-w- c:\windows\system32\WinSetupUI.dll
2015-03-25 03:23 . 2015-04-15 21:05 12288 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
2015-03-25 03:23 . 2015-04-15 21:05 36864 ----a-w- c:\windows\system32\wuapp.exe
2015-03-25 03:23 . 2015-04-15 21:05 135168 ----a-w- c:\windows\system32\wuauclt.exe
2015-03-25 03:00 . 2015-04-15 21:05 92672 ----a-w- c:\windows\SysWow64\wudriver.dll
2015-03-25 03:00 . 2015-04-15 21:05 566784 ----a-w- c:\windows\SysWow64\wuapi.dll
2015-03-25 03:00 . 2015-04-15 21:05 29696 ----a-w- c:\windows\SysWow64\wups.dll
2015-03-25 03:00 . 2015-04-15 21:05 173056 ----a-w- c:\windows\SysWow64\wuwebv.dll
2015-03-25 03:00 . 2015-04-15 21:05 33792 ----a-w- c:\windows\SysWow64\wuapp.exe
2015-03-23 03:25 . 2015-04-15 21:05 726528 ----a-w- c:\windows\system32\generaltel.dll
2015-03-23 03:25 . 2015-04-15 21:05 769536 ----a-w- c:\windows\system32\invagent.dll
2015-03-23 03:24 . 2015-04-15 21:05 419840 ----a-w- c:\windows\system32\devinv.dll
2015-03-23 03:24 . 2015-04-15 21:05 957952 ----a-w- c:\windows\system32\appraiser.dll
2015-03-23 03:24 . 2015-04-15 21:05 30720 ----a-w- c:\windows\system32\acmigration.dll
2015-03-23 03:24 . 2015-04-15 21:05 227328 ----a-w- c:\windows\system32\aepdu.dll
2015-03-23 03:24 . 2015-04-15 21:05 192000 ----a-w- c:\windows\system32\aepic.dll
2015-03-23 03:17 . 2015-04-15 21:05 1111552 ----a-w- c:\windows\system32\aeinv.dll
2015-03-10 03:25 . 2015-04-15 21:05 1882624 ----a-w- c:\windows\system32\msxml3.dll
2015-03-10 03:21 . 2015-04-15 21:05 2048 ----a-w- c:\windows\system32\msxml3r.dll
2015-03-10 03:08 . 2015-04-15 21:05 1237504 ----a-w- c:\windows\SysWow64\msxml3.dll
2015-03-10 03:05 . 2015-04-15 21:05 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2015-03-05 05:12 . 2015-04-15 21:05 404480 ----a-w- c:\windows\system32\gdi32.dll
2015-03-05 04:05 . 2015-04-15 21:05 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2015-03-04 04:55 . 2015-04-15 21:03 367552 ----a-w- c:\windows\system32\clfs.sys
2015-03-04 04:41 . 2015-04-15 21:03 79360 ----a-w- c:\windows\system32\clfsw32.dll
2015-03-04 04:41 . 2015-05-12 21:24 309248 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2015-03-04 04:41 . 2015-05-12 21:24 103424 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2015-03-04 04:10 . 2015-04-15 21:03 58880 ----a-w- c:\windows\SysWow64\clfsw32.dll
2015-03-04 04:10 . 2015-05-12 21:24 470528 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2015-03-04 04:10 . 2015-05-12 21:24 2178560 ----a-w- c:\windows\apppatch\AcGenral.dll
2015-03-04 04:06 . 2015-05-12 21:24 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2015-02-25 03:18 . 2015-04-15 21:04 754688 ----a-w- c:\windows\system32\drivers\http.sys
2015-02-24 01:17 . 2010-11-21 03:27 295552 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-05-11 5515496]
"KeePass 2 PreLoad"="c:\program files (x86)\KeePass Password Safe 2\KeePass.exe" [2014-10-07 2109952]
"TurboV EVO"="c:\program files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe" [2009-11-06 8619008]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-10-21 106496]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-09-21 2583040]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 sp_rsdrv2;Spyware Terminator Driver Filter;c:\windows\system32\DRIVERS\stflt.sys;c:\windows\SYSNATIVE\DRIVERS\stflt.sys [x]
R2 ST2012_Svc;Spyware Terminator 2015 Realtime Shield Service;c:\program files (x86)\Spyware Terminator\st_rsser64.exe;c:\program files (x86)\Spyware Terminator\st_rsser64.exe [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 netr7364;RT73 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr7364.sys;c:\windows\SYSNATIVE\DRIVERS\netr7364.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 GamingApp_Service;GamingApp_Service;c:\program files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe;c:\program files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [x]
S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 PcaSp60;Rawether NDIS 6.X SPR Protocol Driver;c:\windows\system32\DRIVERS\PcaSp60.sys;c:\windows\SYSNATIVE\DRIVERS\PcaSp60.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MBAMSWISSARMY
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-05-19 20:04 986440 ----a-w- c:\program files (x86)\Google\Chrome\Application\43.0.2357.65\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-05-21 c:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job
- c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_188_pepper.exe [2015-05-21 13:09]
.
2015-05-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-12-07 15:54]
.
2015-05-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-12-07 15:54]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\E707\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\E707\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\E707\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\E707\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\E707\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\E707\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\E707\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\E707\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-04-22 20:00 722400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-05-08 2685072]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-05-08 1570672]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
"SpywareTerminatorShield"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe" [2015-01-26 3860304]
"SpywareTerminatorUpdater"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" [2015-01-26 5456720]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.1
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_188_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_188_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_188_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_188_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.17"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2015-05-22 21:39:30
ComboFix-quarantined-files.txt 2015-05-22 18:39
.
Před spuštěním: Volných bajtů: 103 456 071 680
Po spuštění: Volných bajtů: 103 339 724 800
.
- - End Of File - - AFF82056F924E84256947A6A355FADBE
A36C5E4F47E84449FF07ED3517B43A31

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Log check

#7 Post by Roli »

Via Start >> Run, copy the following into the box:

ComboFix /Uninstall

and press Enter.

That uninstalls ComboFix and deletes the files and folders associated with it.


Use T-Cleaner, which deletes any leftovers of the applications we used.

Just stop your antivirus before downloading it and while using it, because the antivirus may detect it as a virus, but that is not the case.


Then let me know how the PC behaves.
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

E707
Visitor
Posts: 11
Registered: 21 May 2015 17:55

Re: Log check

#8 Post by E707 »

Hello, I think it's fine now, no freezes or anything so far. Thank you very much for the help.

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Log check

#9 Post by Roli »

You're welcome, and :closed:

Locked