Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Zavirovaný počítač

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Nikola1989
Návštěvník
Návštěvník
Příspěvky: 6
Registrován: 17 pro 2015 13:18

Zavirovaný počítač

#1 Příspěvek od Nikola1989 »

Ahoj .. zjistila jsem, že mám zavirovaný počítač a nevím jak ho odvirovat. Pc je zpomalený, wifi blbne. Děkuji za pomoc.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Nikola at 2015-12-17 13:26:09
Microsoft Windows 8.1
System drive C: has 347 GB (76%) free of 459 GB
Total RAM: 3986 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:26:18, on 17. 12. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Users\Nikola\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\SFK\SSFK.exe
C:\Program Files (x86)\crxbro Browser\crxbro\chrome.exe
C:\Program Files (x86)\crxbro Browser\crxbro\chrome.exe
C:\Program Files (x86)\crxbro Browser\crxbro\chrome.exe
C:\Program Files (x86)\crxbro Browser\crxbro\chrome.exe
C:\Program Files (x86)\crxbro Browser\crxbro\chrome.exe
C:\Program Files\trend micro\Nikola.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1 ... 2_S0V1P15P
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.omniboxes.com/web/?type=ds&t ... earchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.omniboxes.com/web/?type=ds&t ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1 ... 2_S0V1P15P
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1 ... 2_S0V1P15P
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.yoursites123.com/web/?type=d ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.yoursites123.com/web/?type=d ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1 ... 2_S0V1P15P
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UsProvider Class - {539F76FD-084E-4858-86D5-62F02F54AE86} - C:\Program Files (x86)\Minibar\Minibar.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: MinibarBHO - {AA74D58F-ACD0-450D-A85E-6C04B171C044} - C:\Program Files (x86)\Minibar\Minibar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BtTray] "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKCU\..\Run: [FLV Player] C:\Users\Nikola\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe
O4 - HKCU\..\Run: [AppsHat] C:\Users\Nikola\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Visit AppsHat.com - {AAA38851-3CFF-475F-B5E0-720D3645E4A5} - C:\Program Files (x86)\Minibar\Minibar.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @oem17.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: IhPul - tsvr.com - C:\Users\Nikola\AppData\Roaming\TSv\TSvr.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: YAC Service (iSafeService) - Elex do Brasil Participaçoes Ltda - C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Reimage Real Time Protector (ReimageRealTimeProtector) - Reimage® - C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SSFK - TODO: <???> - C:\Program Files (x86)\SFK\SSFK.exe
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: WdMan Service (WdMan) - TFuns LIMITED - C:\ProgramData\HWdMH\WdMan.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: WinZiper service (winzipersvc) - Taiwan Shui Mu Chih Ching Technology Limited - C:\Program Files (x86)\WinZipper\winzipersvc.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Windows Service Modules (WSModules) - Unknown owner - C:\Program Files (x86)\crxbro Browser\crxbro\bin\browserServer.exe

--
End of file - 12509 bytes

======Listing Processes======





wininit.exe

C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k localservicenetworkrestricted
"C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe"
"C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe"
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localservice
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\WINDOWS\system32\Hpservice.exe
c:\windows\system32\svchost.exe -k networkservice
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k localservicenonetwork
taskeng.exe {74FDD3DA-19FD-4540-86B6-26CB8CDEC646}
c:\windows\system32\svchost.exe -k apphost
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
c:\windows\system32\svchost.exe -k utcsvc
dashost.exe {994e63d7-3475-4b23-adf565529c4c8676}
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe"
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
-hiberboot
taskhostex.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe"
"C:\WINDOWS\system32\GWX\GWX.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" /byrunkey
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Users\Nikola\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
"C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe"
"C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe"
"C:\Program Files (x86)\SFK\SSFK.exe" -s
"C:\Program Files (x86)\SFK\SSFK.exe" -ns
"C:\Program Files (x86)\crxbro Browser\crxbro\chrome.exe"
"C:\Program Files (x86)\crxbro Browser\crxbro\chrome.exe" --type=gpu-process --channel="3616.0.1460989210\83592980" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,20,45 --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.4229 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\crxbro Browser\crxbro\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/7DaySingleProfile/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3616.2.2123577530\1191784412" --font-cache-shared-handle=2360 /prefetch:673131151
"C:\Program Files (x86)\crxbro Browser\crxbro\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/7DaySingleProfile/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3616.8.769714608\459797711" --font-cache-shared-handle=3916 /prefetch:673131151
"C:\Program Files (x86)\crxbro Browser\crxbro\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/7DaySingleProfile/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3616.14.1821337564\1999637966" --font-cache-shared-handle=4396 /prefetch:673131151
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe122_ Global\UsGthrCtrlFltPipeMssGthrPipe122 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 568 572 580 65536 576

"C:\Users\Nikola\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d0e34aac978462.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d12e50b0a27319.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d07618398e800b.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d090b15fcf1d7c.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d0bfc479d73488.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d0f1c36aba658b.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\HPCeeScheduleForNikola.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForNikola (null)
C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2013-10-20 774144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12 2134656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2013-10-20 460288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-10-20 627712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA74D58F-ACD0-450D-A85E-6C04B171C044}]
MinibarBHO - C:\Program Files (x86)\Minibar\Minibar.dll [2013-09-19 331264]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12 1725056]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-10-19 414920]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2013-10-20 386048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2013-10-20 774144]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-10-20 627712]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-11-24 1664000]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-08-19 5617432]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-11-24 3030256]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2015-06-01 183216]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2015-06-01 411056]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2015-06-01 453552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"FLV Player"=C:\Users\Nikola\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe [2012-10-26 202752]
"AppsHat"=C:\Users\Nikola\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe [2012-10-26 202752]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2012-03-28 91432]
"BtTray"=C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [2013-05-14 387832]
"HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2012-09-07 581024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2015-06-01 451584]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-12-17 13:26:10 ----D---- C:\Program Files\trend micro
2015-12-17 13:26:09 ----D---- C:\rsit
2015-12-16 18:51:25 ----D---- C:\ProgramData\Reimage Protector
2015-12-16 18:51:13 ----D---- C:\Program Files\Reimage
2015-12-16 18:51:02 ----D---- C:\rei
2015-12-16 18:50:08 ----A---- C:\WINDOWS\Reimage.ini
2015-12-10 09:46:12 ----D---- C:\Program Files (x86)\crxbro Browser
2015-12-09 13:41:58 ----A---- C:\WINDOWS\system32\Windows.Globalization.dll
2015-12-09 13:41:56 ----A---- C:\WINDOWS\SYSWOW64\Windows.Globalization.dll
2015-12-09 13:41:48 ----A---- C:\WINDOWS\SYSWOW64\kbdgeoqw.dll
2015-12-09 13:41:48 ----A---- C:\WINDOWS\SYSWOW64\KBDAZST.DLL
2015-12-09 13:41:48 ----A---- C:\WINDOWS\SYSWOW64\KBDAZEL.DLL
2015-12-09 13:41:48 ----A---- C:\WINDOWS\SYSWOW64\KBDAZE.DLL
2015-12-09 13:41:48 ----A---- C:\WINDOWS\SYSWOW64\GlobCollationHost.dll
2015-12-09 13:41:48 ----A---- C:\WINDOWS\system32\kbdgeoqw.dll
2015-12-09 13:41:48 ----A---- C:\WINDOWS\system32\KBDAZST.DLL
2015-12-09 13:41:48 ----A---- C:\WINDOWS\system32\KBDAZEL.DLL
2015-12-09 13:41:48 ----A---- C:\WINDOWS\system32\KBDAZE.DLL
2015-12-09 13:41:48 ----A---- C:\WINDOWS\system32\GlobCollationHost.dll
2015-12-09 13:41:37 ----A---- C:\WINDOWS\system32\dpapisrv.dll
2015-12-09 13:41:31 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2015-12-09 13:41:31 ----A---- C:\WINDOWS\system32\msctf.dll
2015-12-09 13:41:29 ----A---- C:\WINDOWS\SYSWOW64\PCPKsp.dll
2015-12-09 13:41:29 ----A---- C:\WINDOWS\system32\PCPKsp.dll
2015-12-09 13:41:28 ----AC---- C:\WINDOWS\system32\drivers\usbport.sys
2015-12-09 13:41:28 ----AC---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2015-12-09 13:41:28 ----AC---- C:\WINDOWS\system32\drivers\usbhub.sys
2015-12-09 13:41:28 ----AC---- C:\WINDOWS\system32\drivers\usbehci.sys
2015-12-09 13:41:27 ----AC---- C:\WINDOWS\system32\drivers\usbuhci.sys
2015-12-09 13:41:27 ----AC---- C:\WINDOWS\system32\drivers\usbohci.sys
2015-12-09 13:41:27 ----AC---- C:\WINDOWS\system32\drivers\usbd.sys
2015-12-09 13:41:26 ----A---- C:\WINDOWS\system32\winlogon.exe
2015-12-09 13:41:26 ----A---- C:\WINDOWS\system32\wininit.exe
2015-12-09 12:37:36 ----D---- C:\ProgramData\HWdMH
2015-12-09 12:36:25 ----D---- C:\ProgramData\1WdM1
2015-12-09 06:58:00 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-12-09 06:58:00 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-12-09 06:58:00 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-12-09 06:58:00 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-12-09 06:57:59 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-12-09 06:57:59 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-12-09 06:57:59 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-12-09 06:57:59 ----A---- C:\WINDOWS\system32\jscript.dll
2015-12-09 06:57:58 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-12-09 06:57:58 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-12-09 06:57:57 ----A---- C:\WINDOWS\system32\wininet.dll
2015-12-09 06:57:57 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-12-09 06:57:56 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-12-09 06:57:55 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-12-09 06:57:55 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-12-09 06:57:54 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-12-09 06:57:52 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-12-09 06:57:52 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-12-09 06:57:50 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-12-09 06:57:48 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-12-09 06:57:48 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-12-09 06:57:47 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-12-09 06:57:47 ----A---- C:\WINDOWS\system32\ieui.dll
2015-12-09 06:57:47 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2015-12-09 06:57:46 ----A---- C:\WINDOWS\SYSWOW64\ieui.dll
2015-12-09 06:57:46 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2015-12-09 06:57:45 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2015-12-09 06:57:45 ----A---- C:\WINDOWS\system32\mshtmled.dll
2015-12-09 06:57:45 ----A---- C:\WINDOWS\system32\iepeers.dll
2015-12-09 06:57:45 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2015-12-09 06:57:44 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2015-12-09 06:57:44 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2015-12-09 06:57:44 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2015-12-09 06:57:44 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2015-12-09 06:57:44 ----A---- C:\WINDOWS\system32\webcheck.dll
2015-12-09 06:57:44 ----A---- C:\WINDOWS\system32\dxtrans.dll
2015-12-09 06:57:44 ----A---- C:\WINDOWS\system32\actxprxy.dll
2015-12-09 06:55:11 ----A---- C:\WINDOWS\system32\win32k.sys
2015-12-09 06:55:11 ----A---- C:\WINDOWS\system32\user32.dll
2015-12-09 06:55:11 ----A---- C:\WINDOWS\system32\FntCache.dll
2015-12-09 06:55:11 ----A---- C:\WINDOWS\system32\DWrite.dll
2015-12-09 06:55:10 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2015-12-09 06:55:10 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2015-12-09 06:55:10 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2015-12-09 06:55:10 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2015-12-09 06:55:10 ----A---- C:\WINDOWS\system32\drivers\rmcast.sys
2015-12-09 06:55:06 ----A---- C:\WINDOWS\system32\winresume.exe
2015-12-09 06:55:06 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-12-09 06:55:06 ----A---- C:\WINDOWS\system32\ntdll.dll
2015-12-09 06:55:06 ----A---- C:\WINDOWS\system32\comsvcs.dll
2015-12-09 06:55:05 ----A---- C:\WINDOWS\SYSWOW64\ntvdm64.dll
2015-12-09 06:55:05 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2015-12-09 06:55:05 ----A---- C:\WINDOWS\SYSWOW64\comsvcs.dll
2015-12-09 06:55:05 ----A---- C:\WINDOWS\SYSWOW64\catsrvut.dll
2015-12-09 06:55:05 ----A---- C:\WINDOWS\system32\winload.exe
2015-12-09 06:55:05 ----A---- C:\WINDOWS\system32\ntvdm64.dll
2015-12-09 06:55:05 ----A---- C:\WINDOWS\system32\catsrvut.dll
2015-12-09 06:54:45 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-12-09 06:54:44 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2015-12-09 06:54:44 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2015-12-09 06:54:44 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2015-12-09 06:54:44 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2015-12-09 06:54:44 ----A---- C:\WINDOWS\system32\wuwebv.dll
2015-12-09 06:54:44 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2015-12-09 06:54:44 ----A---- C:\WINDOWS\system32\wups2.dll
2015-12-09 06:54:44 ----A---- C:\WINDOWS\system32\wudriver.dll
2015-12-09 06:54:44 ----A---- C:\WINDOWS\system32\wucltux.dll
2015-12-09 06:54:44 ----A---- C:\WINDOWS\system32\wuauclt.exe
2015-12-09 06:54:44 ----A---- C:\WINDOWS\system32\wuapp.exe
2015-12-09 06:54:44 ----A---- C:\WINDOWS\system32\wuapi.dll
2015-12-09 06:54:40 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2015-12-09 06:54:40 ----A---- C:\WINDOWS\system32\authui.dll
2015-11-26 09:05:47 ----D---- C:\Users\Nikola\AppData\Roaming\eCyber
2015-11-26 07:41:50 ----D---- C:\ProgramData\OWMiniProO

======List of files/folders modified in the last 1 month======

2015-12-17 13:26:10 ----RD---- C:\Program Files
2015-12-17 13:25:51 ----D---- C:\WINDOWS\Temp
2015-12-17 13:02:01 ----D---- C:\WINDOWS\system32\sru
2015-12-17 12:41:45 ----A---- C:\WINDOWS\SYSWOW64\bscs.ini
2015-12-17 12:41:44 ----A---- C:\WINDOWS\SYSWOW64\LOCALSERVICE.INI
2015-12-17 12:41:43 ----A---- C:\WINDOWS\SYSWOW64\LOCALDEVICE.INI
2015-12-17 12:41:18 ----D---- C:\WINDOWS\Prefetch
2015-12-16 18:57:36 ----D---- C:\Program Files (x86)\SFK
2015-12-16 18:53:00 ----RD---- C:\WINDOWS\System32
2015-12-16 18:51:55 ----D---- C:\WINDOWS\system32\Tasks
2015-12-16 18:51:25 ----HD---- C:\ProgramData
2015-12-16 18:50:08 ----D---- C:\Windows
2015-12-16 13:29:51 ----D---- C:\WINDOWS\SysWOW64
2015-12-16 11:34:06 ----SHD---- C:\System Volume Information
2015-12-15 14:30:42 ----D---- C:\WINDOWS\Microsoft.NET
2015-12-13 20:48:20 ----D---- C:\KMPlayer
2015-12-13 20:23:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-13 20:23:21 ----D---- C:\WINDOWS\Inf
2015-12-13 20:19:29 ----D---- C:\Program Files (x86)\WinZipper
2015-12-13 20:19:09 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2015-12-13 20:13:45 ----D---- C:\Users\Nikola\AppData\Roaming\Skype
2015-12-13 18:13:07 ----D---- C:\WINDOWS\rescache
2015-12-13 18:05:14 ----D---- C:\WINDOWS\system32\config
2015-12-13 12:40:59 ----SHD---- C:\WINDOWS\Installer
2015-12-13 12:40:59 ----D---- C:\ProgramData\Skype
2015-12-13 12:40:49 ----RD---- C:\Program Files (x86)\Skype
2015-12-13 12:40:48 ----D---- C:\Program Files (x86)\Common Files
2015-12-12 16:45:43 ----D---- C:\WINDOWS\system32\NDF
2015-12-12 12:21:54 ----D---- C:\WINDOWS\system32\DriverStore
2015-12-11 13:39:56 ----D---- C:\WINDOWS\WinSxS
2015-12-11 13:17:01 ----RD---- C:\Program Files (x86)
2015-12-11 04:59:27 ----RSD---- C:\WINDOWS\Fonts
2015-12-11 04:59:24 ----D---- C:\WINDOWS\system32\drivers
2015-12-10 11:09:44 ----D---- C:\WINDOWS\CbsTemp
2015-12-10 11:09:34 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2015-12-10 11:09:34 ----D---- C:\WINDOWS\system32\cs-CZ
2015-12-10 11:09:04 ----D---- C:\WINDOWS\system32\MRT
2015-12-10 10:57:06 ----A---- C:\WINDOWS\system32\MRT.exe
2015-12-09 13:56:15 ----RSD---- C:\WINDOWS\assembly
2015-12-09 13:40:52 ----D---- C:\WINDOWS\system32\catroot2
2015-12-09 12:37:20 ----D---- C:\Users\Nikola\AppData\Roaming\TSv
2015-12-09 07:39:40 ----D---- C:\Program Files\Internet Explorer
2015-12-09 07:39:40 ----D---- C:\Program Files (x86)\Internet Explorer
2015-12-04 06:00:26 ----D---- C:\WINDOWS\Tasks
2015-12-03 23:02:05 ----D---- C:\WINDOWS\Hewlett-Packard
2015-12-03 23:01:48 ----D---- C:\SWSetup
2015-12-01 18:19:27 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-11-22 17:52:23 ----D---- C:\WINDOWS\AppReadiness

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2013-08-26 239296]
R0 epfwwfp;epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [2013-08-20 62136]
R0 hpdskflt;@oem17.inf,%service_desc%;HP Filter; C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [2012-09-24 31040]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-07-31 645952]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2013-08-20 239320]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2013-08-20 168256]
R1 EpfwLWF;@oem22.inf,%EpfwLWF_Desc%;Epfw NDIS LightWeight Filter; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [2013-08-20 44120]
R1 iSafeKrnl;YAC Mini-Filter Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [2015-05-14 260856]
R1 iSafeKrnlKit;YAC Kit Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [2015-08-19 110112]
R1 iSafeKrnlMon;YAC Monitor Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [2015-08-19 52440]
R1 iSafeKrnlR3;YAC Ring3 Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [2015-08-19 103904]
R1 iSafeNetFilter;YAC NDIS Driver; C:\WINDOWS\system32\DRIVERS\iSafeNetFilter.sys [2015-06-30 52392]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2013-08-22 71680]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2013-08-20 220232]
R3 Accelerometer;@oem17.inf,%accelerometer_desc%;HP Mobile Data Protection Sensor; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2012-09-24 43840]
R3 BtAudioBusSrv;@oem9.inf,%SvcDesc%;Ralink Bluetooth Audio Bus Service; C:\WINDOWS\System32\Drivers\BtAudioBus.sys [2012-06-15 23136]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-11-21 226304]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-11-21 81920]
R3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service; C:\WINDOWS\System32\Drivers\IvtUrbBtFlt.sys [2013-03-25 49584]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-06-01 5384176]
R3 IntcDAud;@oem26.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 MEIx64;@oem15.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2013-11-24 62784]
R3 netr28x;@oem25.inf,%Generic.Service.DispName%;Ralink 802.11n Extensible Wireless Driver; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2014-03-29 2532552]
R3 RSP2STOR;@oem30.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [2012-07-03 269968]
R3 rtbth;@oem23.inf,%General.Service.DispName%;RTBTH Bluetooth Device Driver; C:\WINDOWS\System32\drivers\rtbth.sys [2013-12-02 1204424]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2013-11-24 33008]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [2013-11-24 542208]
R3 SynTP;@oem21.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2013-11-24 524016]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-11-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2013-08-22 36864]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-11-21 53248]
S3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service; C:\WINDOWS\System32\Drivers\BtL2caScoIf.sys [2013-04-26 54064]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-07-10 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 iSafeKrnlBoot;YAC Boot Driver; C:\WINDOWS\system32\DRIVERS\iSafeKrnlBoot.sys [2015-08-19 55056]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
S3 SmbDrv;SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [2012-08-24 41272]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2014-11-21 38792]
R2 BlueSoleilCS;BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [2013-06-07 1630456]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-10-12 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-10-12 1773696]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-11-21 38792]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2013-08-19 1337240]
R2 hpsrv;@oem17.inf,%hpservice_desc%;HP Service; C:\WINDOWS\system32\Hpservice.exe [2012-09-24 31040]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2015-09-28 25800]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-09-07 35232]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-07-14 2451456]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-11-24 131032]
R2 iSafeService;YAC Service; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [2015-08-19 118048]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-11-24 165336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-11-24 279000]
R2 ReimageRealTimeProtector;Reimage Real Time Protector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2015-08-19 7743472]
R2 SSFK;SSFK; C:\Program Files (x86)\SFK\SSFK.exe [2015-11-27 170144]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2013-11-24 323072]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2013-11-24 366040]
R3 BsHelpCS;BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [2013-05-14 145656]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2015-04-28 1102472]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-13 107848]
S2 IhPul;IhPul; C:\Users\Nikola\AppData\Roaming\TSv\TSvr.exe [2015-12-08 580752]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-16 50864]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-06-01 290224]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-13 107848]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\WINDOWS\system32\svchost.exe [2014-11-21 38792]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\WINDOWS\system32\svchost.exe [2014-11-21 38792]
S4 BthAvrcpTg;@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID; C:\WINDOWS\System32\drivers\BthAvrcpTg.sys [2013-08-22 36992]
S4 BthHFEnum;@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator; C:\WINDOWS\System32\drivers\bthhfenum.sys [2015-03-09 57856]
S4 bthhfhid;@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID; C:\WINDOWS\System32\drivers\BthHFHid.sys [2013-08-22 30720]
S4 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-11-21 38792]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119673
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Zavirovaný počítač

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Nikola1989
Návštěvník
Návštěvník
Příspěvky: 6
Registrován: 17 pro 2015 13:18

Re: Zavirovaný počítač

#3 Příspěvek od Nikola1989 »

# AdwCleaner v5.025 - Logfile created 17/12/2015 at 19:17:53
# Updated 13/12/2015 by Xplode
# Database : 2015-12-13.2 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Nikola - HP
# Running from : C:\Users\Nikola\Downloads\adwcleaner_5.025.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****

Service Found : iSafeKrnl
Service Found : iSafeKrnlKit
Service Found : iSafeKrnlMon
Service Found : iSafeKrnlR3
Service Found : iSafeNetFilter
Service Found : iSafeService

***** [ Folders ] *****

Folder Found : C:\Program Files (x86)\Elex-tech
Folder Found : C:\Users\Nikola\AppData\Roaming\Elex-tech

***** [ Files ] *****


***** [ DLL ] *****


***** [ Shortcuts ] *****

Shortcut Infected : C:\Users\Nikola\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( hxxp://www.istartsurf.com/?type=sc&ts=14395660 ... 2_S0V1P15P )
Shortcut Infected : C:\Users\Nikola\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk ( hxxp://www.istartsurf.com/?type=sc&ts=14395660 ... 2_S0V1P15P )

***** [ Scheduled tasks ] *****

Task Found : ReimageUpdater
Task Found : SomotoUpdateCheckerAutoStart

***** [ Registry ] *****

Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [AppsHat]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [FLV Player]
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Found : HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZipper
Key Found : HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinZipper
Key Found : HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\WinZipper
Key Found : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Key Found : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
Key Found : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Reimage.exe
Key Found : HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\WinZipper
Key Found : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WdsManPro
Key Found : HKLM\SOFTWARE\Classes\WinZipper.001
Key Found : HKLM\SOFTWARE\Classes\WinZipper.7z
Key Found : HKLM\SOFTWARE\Classes\WinZipper.arj
Key Found : HKLM\SOFTWARE\Classes\WinZipper.bz2
Key Found : HKLM\SOFTWARE\Classes\WinZipper.bzip2
Key Found : HKLM\SOFTWARE\Classes\WinZipper.cab
Key Found : HKLM\SOFTWARE\Classes\WinZipper.cpio
Key Found : HKLM\SOFTWARE\Classes\WinZipper.deb
Key Found : HKLM\SOFTWARE\Classes\WinZipper.dmg
Key Found : HKLM\SOFTWARE\Classes\WinZipper.fat
Key Found : HKLM\SOFTWARE\Classes\WinZipper.gz
Key Found : HKLM\SOFTWARE\Classes\WinZipper.gzip
Key Found : HKLM\SOFTWARE\Classes\WinZipper.hfs
Key Found : HKLM\SOFTWARE\Classes\WinZipper.iso
Key Found : HKLM\SOFTWARE\Classes\WinZipper.lha
Key Found : HKLM\SOFTWARE\Classes\WinZipper.lzh
Key Found : HKLM\SOFTWARE\Classes\WinZipper.lzma
Key Found : HKLM\SOFTWARE\Classes\WinZipper.ntfs
Key Found : HKLM\SOFTWARE\Classes\WinZipper.rar
Key Found : HKLM\SOFTWARE\Classes\WinZipper.rpm
Key Found : HKLM\SOFTWARE\Classes\WinZipper.squashfs
Key Found : HKLM\SOFTWARE\Classes\WinZipper.swm
Key Found : HKLM\SOFTWARE\Classes\WinZipper.tar
Key Found : HKLM\SOFTWARE\Classes\WinZipper.taz
Key Found : HKLM\SOFTWARE\Classes\WinZipper.tbz
Key Found : HKLM\SOFTWARE\Classes\WinZipper.tbz2
Key Found : HKLM\SOFTWARE\Classes\WinZipper.tgz
Key Found : HKLM\SOFTWARE\Classes\WinZipper.tpz
Key Found : HKLM\SOFTWARE\Classes\WinZipper.txz
Key Found : HKLM\SOFTWARE\Classes\WinZipper.vhd
Key Found : HKLM\SOFTWARE\Classes\WinZipper.wim
Key Found : HKLM\SOFTWARE\Classes\WinZipper.xar
Key Found : HKLM\SOFTWARE\Classes\WinZipper.xz
Key Found : HKLM\SOFTWARE\Classes\WinZipper.z
Key Found : HKLM\SOFTWARE\Classes\WinZipper.zip
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaimdcedbpbcjjbbnfcbbjcngmomic
Key Found : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{539F76FD-084E-4858-86D5-62F02F54AE86}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{60EACC1A-33FA-443D-9846-17B28E2C9BDB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
Key Found : HKLM\SOFTWARE\Classes\Interface\{06E50566-0AB7-431C-841D-62794727DAF9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{26E7211D-0650-43CF-8498-4C81E83AEAAA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A0207057-3461-4F7F-B689-D016B7A03964}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A75ACCCD-3CC9-4865-8BE3-F523FDA2164F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{F13D3582-1359-4F8F-9A48-EF3AE9F5701C}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{539F76FD-084E-4858-86D5-62F02F54AE86}]
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{4F622628-7632-4B28-B184-D7BA0CA3273B}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{06E50566-0AB7-431C-841D-62794727DAF9}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{26E7211D-0650-43CF-8498-4C81E83AEAAA}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A0207057-3461-4F7F-B689-D016B7A03964}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A75ACCCD-3CC9-4865-8BE3-F523FDA2164F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found : HKCU\Software\APNDTX
Key Found : HKCU\Software\SafetyNut
Key Found : HKCU\Software\Somoto
Key Found : HKCU\Software\V9
Key Found : HKCU\Software\Webplayer
Key Found : HKCU\Software\Reimage
Key Found : HKLM\SOFTWARE\hdcode
Key Found : HKLM\SOFTWARE\istartsurfSoftware
Key Found : HKLM\SOFTWARE\Minibar
Key Found : HKLM\SOFTWARE\SafetyNut
Key Found : HKLM\SOFTWARE\supWindowsMangerProtect
Key Found : HKLM\SOFTWARE\V9
Key Found : HKLM\SOFTWARE\winzipersvc
Key Found : HKLM\SOFTWARE\Elex-tech
Key Found : HKLM\SOFTWARE\TSv
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AppsHat Mobile Apps
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSafe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\istartsurf uninstall
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipper
Key Found : [x64] HKLM\SOFTWARE\Reimage
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Reimage Repair
Key Found : HKU\.DEFAULT\Software\Elex-tech
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Data Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.omniboxes.com/web/?type=ds&ts=14471 ... earchTerms}
Data Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.istartsurf.com/?type=hp&ts=14395660 ... 2_S0V1P15P
Data Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.istartsurf.com/?type=hp&ts=14395660 ... 2_S0V1P15P
Data Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.omniboxes.com/web/?type=ds&ts=14471 ... earchTerms}
Data Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.yoursites123.com/web/?type=ds&ts=14 ... earchTerms}
Data Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.istartsurf.com/?type=hp&ts=14395660 ... 2_S0V1P15P
Data Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.istartsurf.com/?type=hp&ts=14395660 ... 2_S0V1P15P
Data Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.yoursites123.com/web/?type=ds&ts=14 ... earchTerms}
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.istartsurf.com/web/?type=ds&ts=1439 ... earchTerms}
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.istartsurf.com/?type=hp&ts=14395660 ... 2_S0V1P15P
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.istartsurf.com/?type=hp&ts=14395660 ... 2_S0V1P15P
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.istartsurf.com/web/?type=ds&ts=1439 ... earchTerms}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
Data Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {425ED333-6083-428a-92C9-0CFC28B9D1BF}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
Data Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {425ED333-6083-428a-92C9-0CFC28B9D1BF}
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\istartsurf.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.istartsurf.com

***** [ Web browsers ] *****

[C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : istartsurf
[C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : v9.com
[C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : v9
[C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Found : hxxp://www.istartsurf.com/?type=hp&ts=14395660 ... 2_S0V1P15P
[C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider] Found : hxxp://www.istartsurf.com/webfavicon.ico
[C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Found : hxxp://v9.com/web?type=ds&ts=1450260221&from=zzgbkk123&uid=st500lt012-9ws142_s0v1p15p&z=5db2a790ce12c58d4662891g4zaw8e1oeq0eboco3g&q={searchTerms}
[C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : aaaaimdcedbpbcjjbbnfcbbjcngmomic
[C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : bmkckgpgekmanipelfidlhmkfcjicion
[C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : chfdnecihphmhljaaejmgoiahnihplgn
[C:\Users\Nikola\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Found : hxxp://www.istartsurf.com/?type=hp&ts=14395660 ... 2_S0V1P15P

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [17824 bytes] ##########
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119673
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Zavirovaný počítač

#4 Příspěvek od Rudy »

Musíte ještě kliknout na >clean<. Zkuste znovu.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Nikola1989
Návštěvník
Návštěvník
Příspěvky: 6
Registrován: 17 pro 2015 13:18

Re: Zavirovaný počítač

#5 Příspěvek od Nikola1989 »

Zdravím .. už jsem to provedla jak jste říkal. Můžete se mi nato podívat. Mockrát děkuji :)

# AdwCleaner v5.025 - Logfile created 19/12/2015 at 06:53:08
# Updated 13/12/2015 by Xplode
# Database : 2015-12-13.2 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Nikola - HP
# Running from : C:\Users\Nikola\Downloads\adwcleaner_5.025 (1).exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : iSafeKrnl
[-] Service Deleted : iSafeKrnlKit
[-] Service Deleted : iSafeKrnlMon
[-] Service Deleted : iSafeKrnlR3
[-] Service Deleted : iSafeNetFilter
[-] Service Deleted : iSafeService

***** [ Folders ] *****

[#] Folder Deleted : C:\Program Files (x86)\Elex-tech
[#] Folder Deleted : C:\Users\Nikola\AppData\Roaming\Elex-tech

***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Elex-tech
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSafe
[-] Key Deleted : HKU\.DEFAULT\Software\Elex-tech

***** [ Web browsers ] *****


*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [1166 bytes] ##########
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119673
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Zavirovaný počítač

#6 Příspěvek od Rudy »

Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Nikola1989
Návštěvník
Návštěvník
Příspěvky: 6
Registrován: 17 pro 2015 13:18

Re: Zavirovaný počítač

#7 Příspěvek od Nikola1989 »

Zde..

Logfile of random's system information tool 1.10 (written by random/random)
Run by Nikola at 2015-12-19 11:42:25
Microsoft Windows 8.1
System drive C: has 348 GB (76%) free of 459 GB
Total RAM: 3986 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:42:48, on 19. 12. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\AVG\Av\avgui.exe
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\Program Files\trend micro\Nikola.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BtTray] "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguix.exe" /fmw.trayonly
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avgui.exe" /TRAYONLY
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagent.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @oem17.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: iSafeService - Elex do Brasil Participaçoes Ltda - C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Windows Service Modules (WSModules) - Unknown owner - C:\Program Files (x86)\crxbro Browser\crxbro\bin\browserServer.exe
O23 - Service: WtuSystemSupport - Unknown owner - C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe

--
End of file - 9475 bytes

======Listing Processes======






wininit.exe
winlogon.exe

C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch
c:\windows\system32\svchost.exe -k rpcss
"C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe"
c:\windows\system32\svchost.exe -k localservicenetworkrestricted
"C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe"
"C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe"
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localservice
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\WINDOWS\system32\Hpservice.exe
c:\windows\system32\svchost.exe -k networkservice
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k localservicenonetwork
C:\WINDOWS\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
c:\windows\system32\svchost.exe -k apphost
taskhostex.exe

"C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe"
taskeng.exe {130FC25A-A594-47B1-824B-663C32E26BC7}
"C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe"
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
c:\windows\system32\svchost.exe -k utcsvc
dashost.exe {981e99f3-0c95-4f1f-b0f0417727f0e49f}
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" /byrunkey
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\WINDOWS\system32\GWX\GWX.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe"
"C:\Program Files (x86)\AVG\Av\avgnsa.exe"
"C:\Program Files (x86)\AVG\Av\avgemca.exe"
C:\Program Files (x86)\AVG\Av\avgrsa.exe
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
"C:\Program Files (x86)\AVG\Framework\Common\avguix.exe" /fmw.trayonly
"C:\Program Files (x86)\AVG\Av\avgui.exe" /TRAYONLY
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\AVG\Av\avgcsrva.exe /pipeName=44800c66-0200-0000-d706-614198350d12 /binaryPath="C:\Program Files (x86)\AVG\Av\\"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
ctfmon.exe
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Windows Defender\MSASCui.exe" /enable /as


"dwm.exe"
"C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel

"C:\Program Files\Windows Defender\MpCmdRun.exe" SpyNetServiceDss -RestrictPrivileges -AccessKey A9BD1300-DEE7-8F38-0F30-7D0563F739EB -Reinvoke
"C:\Users\Nikola\Downloads\RSITx64 (1).exe"
c:\windows\system32\svchost.exe -k wersvcgroup

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d0e34aac978462.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d12e50b0a27319.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d07618398e800b.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d090b15fcf1d7c.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d0bfc479d73488.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d0f1c36aba658b.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\HPCeeScheduleForNikola.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForNikola (null)
C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12 2134656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12 1725056]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-10-19 414920]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-11-24 1664000]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-11-24 3030256]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2015-06-01 183216]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2015-06-01 411056]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2015-06-01 453552]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2012-03-28 91432]
"BtTray"=C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [2013-05-14 387832]
"HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2012-09-07 581024]
"AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [2015-11-12 1136552]
"AVG_UI"=C:\Program Files (x86)\AVG\Av\avgui.exe [2015-12-09 3855272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2015-06-01 451584]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-12-19 06:56:54 ----D---- C:\Users\Nikola\AppData\Roaming\Elex-tech
2015-12-19 06:54:06 ----A---- C:\WINDOWS\system32\drivers\iSafeNetFilter.sys
2015-12-18 21:57:31 ----D---- C:\Program Files (x86)\ESET
2015-12-18 21:15:33 ----D---- C:\Program Files\CCleaner
2015-12-17 19:10:15 ----D---- C:\AdwCleaner
2015-12-17 17:38:02 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-12-17 17:37:45 ----D---- C:\ProgramData\AVG Web TuneUp
2015-12-17 17:37:45 ----D---- C:\Program Files\AVG Web TuneUp
2015-12-17 17:37:40 ----D---- C:\Program Files (x86)\AVG Web TuneUp
2015-12-17 17:31:02 ----D---- C:\Users\Nikola\AppData\Roaming\AVG
2015-12-17 17:27:50 ----D---- C:\Users\Nikola\AppData\Roaming\TuneUp Software
2015-12-17 17:26:57 ----HD---- C:\$AVG
2015-12-17 17:21:38 ----D---- C:\ProgramData\MFAData
2015-12-17 17:17:39 ----HD---- C:\ProgramData\Common Files
2015-12-17 17:17:39 ----D---- C:\ProgramData\Avg
2015-12-17 17:17:39 ----D---- C:\Program Files (x86)\AVG
2015-12-17 13:26:10 ----D---- C:\Program Files\trend micro
2015-12-17 13:26:09 ----D---- C:\rsit
2015-12-10 09:46:12 ----D---- C:\Program Files (x86)\crxbro Browser
2015-12-09 13:41:58 ----A---- C:\WINDOWS\system32\Windows.Globalization.dll
2015-12-09 13:41:56 ----A---- C:\WINDOWS\SYSWOW64\Windows.Globalization.dll
2015-12-09 13:41:48 ----A---- C:\WINDOWS\SYSWOW64\kbdgeoqw.dll
2015-12-09 13:41:48 ----A---- C:\WINDOWS\SYSWOW64\KBDAZST.DLL
2015-12-09 13:41:48 ----A---- C:\WINDOWS\SYSWOW64\KBDAZEL.DLL
2015-12-09 13:41:48 ----A---- C:\WINDOWS\SYSWOW64\KBDAZE.DLL
2015-12-09 13:41:48 ----A---- C:\WINDOWS\SYSWOW64\GlobCollationHost.dll
2015-12-09 13:41:48 ----A---- C:\WINDOWS\system32\kbdgeoqw.dll
2015-12-09 13:41:48 ----A---- C:\WINDOWS\system32\KBDAZST.DLL
2015-12-09 13:41:48 ----A---- C:\WINDOWS\system32\KBDAZEL.DLL
2015-12-09 13:41:48 ----A---- C:\WINDOWS\system32\KBDAZE.DLL
2015-12-09 13:41:48 ----A---- C:\WINDOWS\system32\GlobCollationHost.dll
2015-12-09 13:41:37 ----A---- C:\WINDOWS\system32\dpapisrv.dll
2015-12-09 13:41:31 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2015-12-09 13:41:31 ----A---- C:\WINDOWS\system32\msctf.dll
2015-12-09 13:41:29 ----A---- C:\WINDOWS\SYSWOW64\PCPKsp.dll
2015-12-09 13:41:29 ----A---- C:\WINDOWS\system32\PCPKsp.dll
2015-12-09 13:41:28 ----AC---- C:\WINDOWS\system32\drivers\usbport.sys
2015-12-09 13:41:28 ----AC---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2015-12-09 13:41:28 ----AC---- C:\WINDOWS\system32\drivers\usbhub.sys
2015-12-09 13:41:28 ----AC---- C:\WINDOWS\system32\drivers\usbehci.sys
2015-12-09 13:41:27 ----AC---- C:\WINDOWS\system32\drivers\usbuhci.sys
2015-12-09 13:41:27 ----AC---- C:\WINDOWS\system32\drivers\usbohci.sys
2015-12-09 13:41:27 ----AC---- C:\WINDOWS\system32\drivers\usbd.sys
2015-12-09 13:41:26 ----A---- C:\WINDOWS\system32\winlogon.exe
2015-12-09 13:41:26 ----A---- C:\WINDOWS\system32\wininit.exe
2015-12-09 12:37:36 ----D---- C:\ProgramData\HWdMH
2015-12-09 12:36:25 ----D---- C:\ProgramData\1WdM1
2015-12-09 06:58:00 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-12-09 06:58:00 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-12-09 06:58:00 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-12-09 06:58:00 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-12-09 06:57:59 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-12-09 06:57:59 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-12-09 06:57:59 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-12-09 06:57:59 ----A---- C:\WINDOWS\system32\jscript.dll
2015-12-09 06:57:58 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-12-09 06:57:58 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-12-09 06:57:57 ----A---- C:\WINDOWS\system32\wininet.dll
2015-12-09 06:57:57 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-12-09 06:57:56 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-12-09 06:57:55 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-12-09 06:57:55 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-12-09 06:57:54 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-12-09 06:57:52 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-12-09 06:57:52 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-12-09 06:57:50 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-12-09 06:57:48 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-12-09 06:57:48 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-12-09 06:57:47 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-12-09 06:57:47 ----A---- C:\WINDOWS\system32\ieui.dll
2015-12-09 06:57:47 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2015-12-09 06:57:46 ----A---- C:\WINDOWS\SYSWOW64\ieui.dll
2015-12-09 06:57:46 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2015-12-09 06:57:45 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2015-12-09 06:57:45 ----A---- C:\WINDOWS\system32\mshtmled.dll
2015-12-09 06:57:45 ----A---- C:\WINDOWS\system32\iepeers.dll
2015-12-09 06:57:45 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2015-12-09 06:57:44 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2015-12-09 06:57:44 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2015-12-09 06:57:44 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2015-12-09 06:57:44 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2015-12-09 06:57:44 ----A---- C:\WINDOWS\system32\webcheck.dll
2015-12-09 06:57:44 ----A---- C:\WINDOWS\system32\dxtrans.dll
2015-12-09 06:57:44 ----A---- C:\WINDOWS\system32\actxprxy.dll
2015-12-09 06:55:11 ----A---- C:\WINDOWS\system32\win32k.sys
2015-12-09 06:55:11 ----A---- C:\WINDOWS\system32\user32.dll
2015-12-09 06:55:11 ----A---- C:\WINDOWS\system32\FntCache.dll
2015-12-09 06:55:11 ----A---- C:\WINDOWS\system32\DWrite.dll
2015-12-09 06:55:10 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2015-12-09 06:55:10 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2015-12-09 06:55:10 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2015-12-09 06:55:10 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2015-12-09 06:55:10 ----A---- C:\WINDOWS\system32\drivers\rmcast.sys
2015-12-09 06:55:06 ----A---- C:\WINDOWS\system32\winresume.exe
2015-12-09 06:55:06 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-12-09 06:55:06 ----A---- C:\WINDOWS\system32\ntdll.dll
2015-12-09 06:55:06 ----A---- C:\WINDOWS\system32\comsvcs.dll
2015-12-09 06:55:05 ----A---- C:\WINDOWS\SYSWOW64\ntvdm64.dll
2015-12-09 06:55:05 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2015-12-09 06:55:05 ----A---- C:\WINDOWS\SYSWOW64\comsvcs.dll
2015-12-09 06:55:05 ----A---- C:\WINDOWS\SYSWOW64\catsrvut.dll
2015-12-09 06:55:05 ----A---- C:\WINDOWS\system32\winload.exe
2015-12-09 06:55:05 ----A---- C:\WINDOWS\system32\ntvdm64.dll
2015-12-09 06:55:05 ----A---- C:\WINDOWS\system32\catsrvut.dll
2015-12-09 06:54:45 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-12-09 06:54:44 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2015-12-09 06:54:44 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2015-12-09 06:54:44 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2015-12-09 06:54:44 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2015-12-09 06:54:44 ----A---- C:\WINDOWS\system32\wuwebv.dll
2015-12-09 06:54:44 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2015-12-09 06:54:44 ----A---- C:\WINDOWS\system32\wups2.dll
2015-12-09 06:54:44 ----A---- C:\WINDOWS\system32\wudriver.dll
2015-12-09 06:54:44 ----A---- C:\WINDOWS\system32\wucltux.dll
2015-12-09 06:54:44 ----A---- C:\WINDOWS\system32\wuauclt.exe
2015-12-09 06:54:44 ----A---- C:\WINDOWS\system32\wuapp.exe
2015-12-09 06:54:44 ----A---- C:\WINDOWS\system32\wuapi.dll
2015-12-09 06:54:40 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2015-12-09 06:54:40 ----A---- C:\WINDOWS\system32\authui.dll

======List of files/folders modified in the last 1 month======

2015-12-19 11:42:32 ----D---- C:\WINDOWS\Temp
2015-12-19 11:42:32 ----D---- C:\WINDOWS\Prefetch
2015-12-19 11:00:00 ----D---- C:\WINDOWS\system32\sru
2015-12-19 10:32:32 ----A---- C:\WINDOWS\SYSWOW64\bscs.ini
2015-12-19 10:32:29 ----A---- C:\WINDOWS\SYSWOW64\LOCALSERVICE.INI
2015-12-19 10:32:29 ----A---- C:\WINDOWS\SYSWOW64\LOCALDEVICE.INI
2015-12-19 07:04:22 ----RD---- C:\WINDOWS\System32
2015-12-19 07:04:22 ----D---- C:\WINDOWS\Inf
2015-12-19 07:04:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-19 07:01:35 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2015-12-19 06:56:37 ----D---- C:\Windows
2015-12-19 06:54:06 ----D---- C:\WINDOWS\system32\drivers
2015-12-18 22:21:35 ----D---- C:\WINDOWS\SoftwareDistribution
2015-12-18 21:57:32 ----SD---- C:\WINDOWS\Downloaded Program Files
2015-12-18 21:57:31 ----RD---- C:\Program Files (x86)
2015-12-18 21:50:17 ----D---- C:\WINDOWS\system32\Tasks
2015-12-18 21:40:02 ----SHD---- C:\WINDOWS\Installer
2015-12-18 21:40:00 ----RD---- C:\Program Files
2015-12-18 21:40:00 ----D---- C:\WINDOWS\SysWOW64
2015-12-18 21:39:33 ----SHD---- C:\System Volume Information
2015-12-18 21:26:04 ----DC---- C:\WINDOWS\Panther
2015-12-18 21:26:03 ----D---- C:\WINDOWS\debug
2015-12-18 19:05:18 ----D---- C:\WINDOWS\system32\config
2015-12-18 14:43:46 ----D---- C:\WINDOWS\CbsTemp
2015-12-18 14:10:45 ----D---- C:\WINDOWS\WinSxS
2015-12-17 19:30:35 ----D---- C:\WINDOWS\system32\wdi
2015-12-17 19:13:55 ----D---- C:\WINDOWS\system32\log
2015-12-17 19:13:54 ----HD---- C:\ProgramData
2015-12-17 19:13:43 ----D---- C:\Program Files\Common Files
2015-12-17 19:13:43 ----D---- C:\Program Files (x86)\Common Files
2015-12-17 17:38:56 ----D---- C:\WINDOWS\Tasks
2015-12-17 17:29:47 ----D---- C:\Program Files\Common Files\AV
2015-12-17 17:27:37 ----HD---- C:\WINDOWS\ELAMBKUP
2015-12-17 17:01:59 ----D---- C:\WINDOWS\system32\DriverStore
2015-12-17 16:42:26 ----D---- C:\WINDOWS\Microsoft.NET
2015-12-13 20:48:20 ----D---- C:\KMPlayer
2015-12-13 20:13:45 ----D---- C:\Users\Nikola\AppData\Roaming\Skype
2015-12-13 18:13:07 ----D---- C:\WINDOWS\rescache
2015-12-13 12:40:59 ----D---- C:\ProgramData\Skype
2015-12-13 12:40:49 ----RD---- C:\Program Files (x86)\Skype
2015-12-12 16:45:43 ----D---- C:\WINDOWS\system32\NDF
2015-12-11 04:59:27 ----RSD---- C:\WINDOWS\Fonts
2015-12-10 11:09:34 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2015-12-10 11:09:34 ----D---- C:\WINDOWS\system32\cs-CZ
2015-12-10 11:09:04 ----D---- C:\WINDOWS\system32\MRT
2015-12-10 10:57:06 ----A---- C:\WINDOWS\system32\MRT.exe
2015-12-09 13:56:15 ----RSD---- C:\WINDOWS\assembly
2015-12-09 13:40:52 ----D---- C:\WINDOWS\system32\catroot2
2015-12-09 07:39:40 ----D---- C:\Program Files\Internet Explorer
2015-12-09 07:39:40 ----D---- C:\Program Files (x86)\Internet Explorer
2015-12-09 04:39:31 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2015-12-03 23:02:05 ----D---- C:\WINDOWS\Hewlett-Packard
2015-12-03 23:01:48 ----D---- C:\SWSetup
2015-12-01 18:19:27 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-11-22 17:52:23 ----D---- C:\WINDOWS\AppReadiness

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\WINDOWS\system32\DRIVERS\avgidsha.sys [2015-08-20 298416]
R0 Avgloga;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avgloga.sys [2015-08-14 398256]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx64.sys [2015-11-06 256432]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx64.sys [2015-08-10 42416]
R0 hpdskflt;@oem17.inf,%service_desc%;HP Filter; C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [2012-09-24 31040]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-07-31 645952]
R1 Avgdiska;AVG Disk Driver; C:\WINDOWS\system32\DRIVERS\avgdiska.sys [2015-11-06 184240]
R1 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\avgidsdrivera.sys [2015-11-06 313776]
R1 Avgldx64;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx64.sys [2015-10-21 284080]
R1 Avgwfpa;AVG Firewall Driver; C:\WINDOWS\system32\DRIVERS\avgwfpa.sys [2015-10-08 306608]
R1 iSafeKrnl;YAC Mini-Filter Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [2015-05-14 260856]
R1 iSafeKrnlKit;YAC Kit Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [2015-08-19 110112]
R1 iSafeKrnlMon;YAC Monitor Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [2015-08-19 52440]
R1 iSafeKrnlR3;YAC Ring3 Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [2015-08-19 103904]
R1 iSafeNetFilter;YAC NDIS Driver; C:\WINDOWS\system32\DRIVERS\iSafeNetFilter.sys [2015-06-30 52392]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2013-08-22 71680]
R3 Accelerometer;@oem17.inf,%accelerometer_desc%;HP Mobile Data Protection Sensor; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2012-09-24 43840]
R3 BtAudioBusSrv;@oem9.inf,%SvcDesc%;Ralink Bluetooth Audio Bus Service; C:\WINDOWS\System32\Drivers\BtAudioBus.sys [2012-06-15 23136]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-11-21 53248]
R3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service; C:\WINDOWS\System32\Drivers\BtL2caScoIf.sys [2013-04-26 54064]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-11-21 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-11-21 81920]
R3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service; C:\WINDOWS\System32\Drivers\IvtUrbBtFlt.sys [2013-03-25 49584]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-06-01 5384176]
R3 IntcDAud;@oem26.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 MEIx64;@oem15.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2013-11-24 62784]
R3 netr28x;@oem25.inf,%Generic.Service.DispName%;Ralink 802.11n Extensible Wireless Driver; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2014-03-29 2532552]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RSP2STOR;@oem30.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [2012-07-03 269968]
R3 rtbth;@oem23.inf,%General.Service.DispName%;RTBTH Bluetooth Device Driver; C:\WINDOWS\System32\drivers\rtbth.sys [2013-12-02 1204424]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2013-11-24 33008]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [2013-11-24 542208]
R3 SynTP;@oem21.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2013-11-24 524016]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-11-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2013-08-22 36864]
S0 Avgboota;AVG Early Launch Anti-Malware Driver; C:\WINDOWS\system32\DRIVERS\avgboota.sys [2015-09-09 23152]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 SmbDrv;SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [2012-08-24 41272]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2014-11-21 38792]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [2015-12-09 3857272]
R2 avgsvc;AVG Service; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2015-11-12 1046952]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [2015-12-09 579776]
R2 BlueSoleilCS;BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [2013-06-07 1630456]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-10-12 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-10-12 1773696]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-11-21 38792]
R2 hpsrv;@oem17.inf,%hpservice_desc%;HP Service; C:\WINDOWS\system32\Hpservice.exe [2012-09-24 31040]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2015-09-28 25800]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-09-07 35232]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-07-14 2451456]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-11-24 131032]
R2 iSafeService;iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [2015-08-19 118048]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-11-24 165336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-11-24 279000]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2013-11-24 323072]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2013-11-24 366040]
R3 BsHelpCS;BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [2013-05-14 145656]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2015-04-28 1102472]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-13 107848]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-16 50864]
S3 AvgAMPS;AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [2015-12-09 615584]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-06-01 290224]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-13 107848]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\WINDOWS\system32\svchost.exe [2014-11-21 38792]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\WINDOWS\system32\svchost.exe [2014-11-21 38792]
S4 BthAvrcpTg;@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID; C:\WINDOWS\System32\drivers\BthAvrcpTg.sys [2013-08-22 36992]
S4 BthHFEnum;@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator; C:\WINDOWS\System32\drivers\bthhfenum.sys [2015-03-09 57856]
S4 bthhfhid;@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID; C:\WINDOWS\System32\drivers\BthHFHid.sys [2013-08-22 30720]
S4 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-11-21 38792]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119673
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Zavirovaný počítač

#8 Příspěvek od Rudy »

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
:files
C:\Program Files (x86)\Skype\Toolbars
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d0e34aac978462.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d12e50b0a27319.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d07618398e800b.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d090b15fcf1d7c.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d0bfc479d73488.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d0f1c36aba658b.job
C:\Program Files (x86)\Elex-tech\YAC

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]/64

:services
iSafeKrnl
iSafeKrnlKit
iSafeKrnlMon
iSafeKrnlR3
iSafeNetFilter
c2cautoupdatesvc
c2cpnrsvc

:commands
[Purity]
[Emptytemp]
[Emptyflash]
a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Nikola1989
Návštěvník
Návštěvník
Příspěvky: 6
Registrován: 17 pro 2015 13:18

Re: Zavirovaný počítač

#9 Příspěvek od Nikola1989 »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Nikola at 2015-12-19 13:26:22
Microsoft Windows 8.1
System drive C: has 348 GB (76%) free of 459 GB
Total RAM: 3986 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:26:26, on 19. 12. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\AVG\Av\avgui.exe
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\Program Files\trend micro\Nikola.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BtTray] "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguix.exe" /fmw.trayonly
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avgui.exe" /TRAYONLY
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagent.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @oem17.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: iSafeService - Elex do Brasil Participaçoes Ltda - C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Windows Service Modules (WSModules) - Unknown owner - C:\Program Files (x86)\crxbro Browser\crxbro\bin\browserServer.exe
O23 - Service: WtuSystemSupport - Unknown owner - C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe

--
End of file - 9360 bytes

======Listing Processes======






wininit.exe
winlogon.exe

C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch
c:\windows\system32\svchost.exe -k rpcss
"dwm.exe"
"C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe"
c:\windows\system32\svchost.exe -k localservicenetworkrestricted
"C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe"
"C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe"
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localservice
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\WINDOWS\system32\Hpservice.exe
c:\windows\system32\svchost.exe -k networkservice
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k localservicenonetwork
c:\windows\system32\svchost.exe -k apphost

"C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe"
C:\Program Files (x86)\AVG\Av\avgcsrva.exe /pipeName=44800c66-0200-0000-7121-164de2b7ed63 /binaryPath="C:\Program Files (x86)\AVG\Av\\"
"C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe"
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
c:\windows\system32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"
dashost.exe {773a4904-2549-4739-baf1289f60ec372d}
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"

taskeng.exe {50830B98-5C9E-46E4-808A-7003DC706EC0}
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
taskhostex.exe
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe"
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" /byrunkey
"C:\WINDOWS\system32\GWX\GWX.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\AVG\Av\avgnsa.exe"
"C:\Program Files (x86)\AVG\Av\avgemca.exe"
C:\Program Files (x86)\AVG\Av\avgrsa.exe

C:\WINDOWS\system32\SearchIndexer.exe /Embedding
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe"
c:\windows\system32\svchost.exe -k wersvcgroup
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 568 572 580 65536 576
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\AVG\Framework\Common\avguix.exe" /fmw.trayonly
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe -Embedding
"C:\Program Files (x86)\AVG\Av\avgui.exe" /TRAYONLY
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
ctfmon.exe

"C:\Users\Nikola\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\HPCeeScheduleForNikola.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForNikola (null)
C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-10-19 414920]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-11-24 1664000]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-11-24 3030256]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2015-06-01 183216]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2015-06-01 411056]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2015-06-01 453552]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2012-03-28 91432]
"BtTray"=C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [2013-05-14 387832]
"HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2012-09-07 581024]
"AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [2015-11-12 1136552]
"AVG_UI"=C:\Program Files (x86)\AVG\Av\avgui.exe [2015-12-09 3855272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2015-06-01 451584]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-12-19 13:03:16 ----D---- C:\_OTM
2015-12-19 06:56:54 ----D---- C:\Users\Nikola\AppData\Roaming\Elex-tech
2015-12-19 06:54:06 ----A---- C:\WINDOWS\system32\drivers\iSafeNetFilter.sys
2015-12-18 21:57:31 ----D---- C:\Program Files (x86)\ESET
2015-12-18 21:15:33 ----D---- C:\Program Files\CCleaner
2015-12-17 19:10:15 ----D---- C:\AdwCleaner
2015-12-17 17:38:02 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-12-17 17:37:45 ----D---- C:\ProgramData\AVG Web TuneUp
2015-12-17 17:37:45 ----D---- C:\Program Files\AVG Web TuneUp
2015-12-17 17:37:40 ----D---- C:\Program Files (x86)\AVG Web TuneUp
2015-12-17 17:31:02 ----D---- C:\Users\Nikola\AppData\Roaming\AVG
2015-12-17 17:27:50 ----D---- C:\Users\Nikola\AppData\Roaming\TuneUp Software
2015-12-17 17:26:57 ----HD---- C:\$AVG
2015-12-17 17:21:38 ----D---- C:\ProgramData\MFAData
2015-12-17 17:17:39 ----HD---- C:\ProgramData\Common Files
2015-12-17 17:17:39 ----D---- C:\ProgramData\Avg
2015-12-17 17:17:39 ----D---- C:\Program Files (x86)\AVG
2015-12-17 13:26:10 ----D---- C:\Program Files\trend micro
2015-12-17 13:26:09 ----D---- C:\rsit
2015-12-10 09:46:12 ----D---- C:\Program Files (x86)\crxbro Browser
2015-12-09 13:41:58 ----A---- C:\WINDOWS\system32\Windows.Globalization.dll
2015-12-09 13:41:56 ----A---- C:\WINDOWS\SYSWOW64\Windows.Globalization.dll
2015-12-09 13:41:48 ----A---- C:\WINDOWS\SYSWOW64\kbdgeoqw.dll
2015-12-09 13:41:48 ----A---- C:\WINDOWS\SYSWOW64\KBDAZST.DLL
2015-12-09 13:41:48 ----A---- C:\WINDOWS\SYSWOW64\KBDAZEL.DLL
2015-12-09 13:41:48 ----A---- C:\WINDOWS\SYSWOW64\KBDAZE.DLL
2015-12-09 13:41:48 ----A---- C:\WINDOWS\SYSWOW64\GlobCollationHost.dll
2015-12-09 13:41:48 ----A---- C:\WINDOWS\system32\kbdgeoqw.dll
2015-12-09 13:41:48 ----A---- C:\WINDOWS\system32\KBDAZST.DLL
2015-12-09 13:41:48 ----A---- C:\WINDOWS\system32\KBDAZEL.DLL
2015-12-09 13:41:48 ----A---- C:\WINDOWS\system32\KBDAZE.DLL
2015-12-09 13:41:48 ----A---- C:\WINDOWS\system32\GlobCollationHost.dll
2015-12-09 13:41:37 ----A---- C:\WINDOWS\system32\dpapisrv.dll
2015-12-09 13:41:31 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2015-12-09 13:41:31 ----A---- C:\WINDOWS\system32\msctf.dll
2015-12-09 13:41:29 ----A---- C:\WINDOWS\SYSWOW64\PCPKsp.dll
2015-12-09 13:41:29 ----A---- C:\WINDOWS\system32\PCPKsp.dll
2015-12-09 13:41:28 ----AC---- C:\WINDOWS\system32\drivers\usbport.sys
2015-12-09 13:41:28 ----AC---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2015-12-09 13:41:28 ----AC---- C:\WINDOWS\system32\drivers\usbhub.sys
2015-12-09 13:41:28 ----AC---- C:\WINDOWS\system32\drivers\usbehci.sys
2015-12-09 13:41:27 ----AC---- C:\WINDOWS\system32\drivers\usbuhci.sys
2015-12-09 13:41:27 ----AC---- C:\WINDOWS\system32\drivers\usbohci.sys
2015-12-09 13:41:27 ----AC---- C:\WINDOWS\system32\drivers\usbd.sys
2015-12-09 13:41:26 ----A---- C:\WINDOWS\system32\winlogon.exe
2015-12-09 13:41:26 ----A---- C:\WINDOWS\system32\wininit.exe
2015-12-09 12:37:36 ----D---- C:\ProgramData\HWdMH
2015-12-09 12:36:25 ----D---- C:\ProgramData\1WdM1
2015-12-09 06:58:00 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-12-09 06:58:00 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-12-09 06:58:00 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-12-09 06:58:00 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-12-09 06:57:59 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-12-09 06:57:59 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-12-09 06:57:59 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-12-09 06:57:59 ----A---- C:\WINDOWS\system32\jscript.dll
2015-12-09 06:57:58 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-12-09 06:57:58 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-12-09 06:57:57 ----A---- C:\WINDOWS\system32\wininet.dll
2015-12-09 06:57:57 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-12-09 06:57:56 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-12-09 06:57:55 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-12-09 06:57:55 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-12-09 06:57:54 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-12-09 06:57:52 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-12-09 06:57:52 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-12-09 06:57:50 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-12-09 06:57:48 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-12-09 06:57:48 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-12-09 06:57:47 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-12-09 06:57:47 ----A---- C:\WINDOWS\system32\ieui.dll
2015-12-09 06:57:47 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2015-12-09 06:57:46 ----A---- C:\WINDOWS\SYSWOW64\ieui.dll
2015-12-09 06:57:46 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2015-12-09 06:57:45 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2015-12-09 06:57:45 ----A---- C:\WINDOWS\system32\mshtmled.dll
2015-12-09 06:57:45 ----A---- C:\WINDOWS\system32\iepeers.dll
2015-12-09 06:57:45 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2015-12-09 06:57:44 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2015-12-09 06:57:44 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2015-12-09 06:57:44 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2015-12-09 06:57:44 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2015-12-09 06:57:44 ----A---- C:\WINDOWS\system32\webcheck.dll
2015-12-09 06:57:44 ----A---- C:\WINDOWS\system32\dxtrans.dll
2015-12-09 06:57:44 ----A---- C:\WINDOWS\system32\actxprxy.dll
2015-12-09 06:55:11 ----A---- C:\WINDOWS\system32\win32k.sys
2015-12-09 06:55:11 ----A---- C:\WINDOWS\system32\user32.dll
2015-12-09 06:55:11 ----A---- C:\WINDOWS\system32\FntCache.dll
2015-12-09 06:55:11 ----A---- C:\WINDOWS\system32\DWrite.dll
2015-12-09 06:55:10 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2015-12-09 06:55:10 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2015-12-09 06:55:10 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2015-12-09 06:55:10 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2015-12-09 06:55:10 ----A---- C:\WINDOWS\system32\drivers\rmcast.sys
2015-12-09 06:55:06 ----A---- C:\WINDOWS\system32\winresume.exe
2015-12-09 06:55:06 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-12-09 06:55:06 ----A---- C:\WINDOWS\system32\ntdll.dll
2015-12-09 06:55:06 ----A---- C:\WINDOWS\system32\comsvcs.dll
2015-12-09 06:55:05 ----A---- C:\WINDOWS\SYSWOW64\ntvdm64.dll
2015-12-09 06:55:05 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2015-12-09 06:55:05 ----A---- C:\WINDOWS\SYSWOW64\comsvcs.dll
2015-12-09 06:55:05 ----A---- C:\WINDOWS\SYSWOW64\catsrvut.dll
2015-12-09 06:55:05 ----A---- C:\WINDOWS\system32\winload.exe
2015-12-09 06:55:05 ----A---- C:\WINDOWS\system32\ntvdm64.dll
2015-12-09 06:55:05 ----A---- C:\WINDOWS\system32\catsrvut.dll
2015-12-09 06:54:45 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-12-09 06:54:44 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2015-12-09 06:54:44 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2015-12-09 06:54:44 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2015-12-09 06:54:44 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2015-12-09 06:54:44 ----A---- C:\WINDOWS\system32\wuwebv.dll
2015-12-09 06:54:44 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2015-12-09 06:54:44 ----A---- C:\WINDOWS\system32\wups2.dll
2015-12-09 06:54:44 ----A---- C:\WINDOWS\system32\wudriver.dll
2015-12-09 06:54:44 ----A---- C:\WINDOWS\system32\wucltux.dll
2015-12-09 06:54:44 ----A---- C:\WINDOWS\system32\wuauclt.exe
2015-12-09 06:54:44 ----A---- C:\WINDOWS\system32\wuapp.exe
2015-12-09 06:54:44 ----A---- C:\WINDOWS\system32\wuapi.dll
2015-12-09 06:54:40 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2015-12-09 06:54:40 ----A---- C:\WINDOWS\system32\authui.dll

======List of files/folders modified in the last 1 month======

2015-12-19 13:25:55 ----D---- C:\WINDOWS\Temp
2015-12-19 13:23:57 ----A---- C:\WINDOWS\SYSWOW64\bscs.ini
2015-12-19 13:23:05 ----A---- C:\WINDOWS\SYSWOW64\LOCALSERVICE.INI
2015-12-19 13:23:04 ----A---- C:\WINDOWS\SYSWOW64\LOCALDEVICE.INI
2015-12-19 13:19:11 ----D---- C:\WINDOWS\Prefetch
2015-12-19 13:15:41 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2015-12-19 13:03:18 ----RD---- C:\Program Files (x86)\Skype
2015-12-19 13:03:18 ----D---- C:\WINDOWS\Tasks
2015-12-19 13:00:00 ----D---- C:\WINDOWS\system32\sru
2015-12-19 07:04:22 ----RD---- C:\WINDOWS\System32
2015-12-19 07:04:22 ----D---- C:\WINDOWS\Inf
2015-12-19 07:04:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-19 06:56:37 ----D---- C:\Windows
2015-12-19 06:54:06 ----D---- C:\WINDOWS\system32\drivers
2015-12-18 22:21:35 ----D---- C:\WINDOWS\SoftwareDistribution
2015-12-18 21:57:32 ----SD---- C:\WINDOWS\Downloaded Program Files
2015-12-18 21:57:31 ----RD---- C:\Program Files (x86)
2015-12-18 21:50:17 ----D---- C:\WINDOWS\system32\Tasks
2015-12-18 21:40:02 ----SHD---- C:\WINDOWS\Installer
2015-12-18 21:40:00 ----RD---- C:\Program Files
2015-12-18 21:40:00 ----D---- C:\WINDOWS\SysWOW64
2015-12-18 21:39:33 ----SHD---- C:\System Volume Information
2015-12-18 21:26:04 ----DC---- C:\WINDOWS\Panther
2015-12-18 21:26:03 ----D---- C:\WINDOWS\debug
2015-12-18 19:05:18 ----D---- C:\WINDOWS\system32\config
2015-12-18 14:43:46 ----D---- C:\WINDOWS\CbsTemp
2015-12-18 14:10:45 ----D---- C:\WINDOWS\WinSxS
2015-12-17 19:30:35 ----D---- C:\WINDOWS\system32\wdi
2015-12-17 19:13:55 ----D---- C:\WINDOWS\system32\log
2015-12-17 19:13:54 ----HD---- C:\ProgramData
2015-12-17 19:13:43 ----D---- C:\Program Files\Common Files
2015-12-17 19:13:43 ----D---- C:\Program Files (x86)\Common Files
2015-12-17 17:29:47 ----D---- C:\Program Files\Common Files\AV
2015-12-17 17:27:37 ----HD---- C:\WINDOWS\ELAMBKUP
2015-12-17 17:01:59 ----D---- C:\WINDOWS\system32\DriverStore
2015-12-17 16:42:26 ----D---- C:\WINDOWS\Microsoft.NET
2015-12-13 20:48:20 ----D---- C:\KMPlayer
2015-12-13 20:13:45 ----D---- C:\Users\Nikola\AppData\Roaming\Skype
2015-12-13 18:13:07 ----D---- C:\WINDOWS\rescache
2015-12-13 12:40:59 ----D---- C:\ProgramData\Skype
2015-12-12 16:45:43 ----D---- C:\WINDOWS\system32\NDF
2015-12-11 04:59:27 ----RSD---- C:\WINDOWS\Fonts
2015-12-10 11:09:34 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2015-12-10 11:09:34 ----D---- C:\WINDOWS\system32\cs-CZ
2015-12-10 11:09:04 ----D---- C:\WINDOWS\system32\MRT
2015-12-10 10:57:06 ----A---- C:\WINDOWS\system32\MRT.exe
2015-12-09 13:56:15 ----RSD---- C:\WINDOWS\assembly
2015-12-09 13:40:52 ----D---- C:\WINDOWS\system32\catroot2
2015-12-09 07:39:40 ----D---- C:\Program Files\Internet Explorer
2015-12-09 07:39:40 ----D---- C:\Program Files (x86)\Internet Explorer
2015-12-09 04:39:31 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2015-12-03 23:02:05 ----D---- C:\WINDOWS\Hewlett-Packard
2015-12-03 23:01:48 ----D---- C:\SWSetup
2015-12-01 18:19:27 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-11-22 17:52:23 ----D---- C:\WINDOWS\AppReadiness

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\WINDOWS\system32\DRIVERS\avgidsha.sys [2015-08-20 298416]
R0 Avgloga;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avgloga.sys [2015-08-14 398256]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx64.sys [2015-11-06 256432]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx64.sys [2015-08-10 42416]
R0 hpdskflt;@oem17.inf,%service_desc%;HP Filter; C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [2012-09-24 31040]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-07-31 645952]
R1 Avgdiska;AVG Disk Driver; C:\WINDOWS\system32\DRIVERS\avgdiska.sys [2015-11-06 184240]
R1 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\avgidsdrivera.sys [2015-11-06 313776]
R1 Avgldx64;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx64.sys [2015-10-21 284080]
R1 Avgwfpa;AVG Firewall Driver; C:\WINDOWS\system32\DRIVERS\avgwfpa.sys [2015-10-08 306608]
R1 iSafeKrnl;YAC Mini-Filter Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [2015-05-14 260856]
R1 iSafeKrnlKit;YAC Kit Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [2015-08-19 110112]
R1 iSafeKrnlMon;YAC Monitor Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [2015-08-19 52440]
R1 iSafeKrnlR3;YAC Ring3 Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [2015-08-19 103904]
R1 iSafeNetFilter;YAC NDIS Driver; C:\WINDOWS\system32\DRIVERS\iSafeNetFilter.sys [2015-06-30 52392]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2013-08-22 71680]
R3 Accelerometer;@oem17.inf,%accelerometer_desc%;HP Mobile Data Protection Sensor; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2012-09-24 43840]
R3 BtAudioBusSrv;@oem9.inf,%SvcDesc%;Ralink Bluetooth Audio Bus Service; C:\WINDOWS\System32\Drivers\BtAudioBus.sys [2012-06-15 23136]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-11-21 53248]
R3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service; C:\WINDOWS\System32\Drivers\BtL2caScoIf.sys [2013-04-26 54064]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-11-21 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-11-21 81920]
R3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service; C:\WINDOWS\System32\Drivers\IvtUrbBtFlt.sys [2013-03-25 49584]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-06-01 5384176]
R3 IntcDAud;@oem26.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 MEIx64;@oem15.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2013-11-24 62784]
R3 netr28x;@oem25.inf,%Generic.Service.DispName%;Ralink 802.11n Extensible Wireless Driver; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2014-03-29 2532552]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RSP2STOR;@oem30.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [2012-07-03 269968]
R3 rtbth;@oem23.inf,%General.Service.DispName%;RTBTH Bluetooth Device Driver; C:\WINDOWS\System32\drivers\rtbth.sys [2013-12-02 1204424]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2013-11-24 33008]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [2013-11-24 542208]
R3 SynTP;@oem21.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2013-11-24 524016]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-11-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2013-08-22 36864]
S0 Avgboota;AVG Early Launch Anti-Malware Driver; C:\WINDOWS\system32\DRIVERS\avgboota.sys [2015-09-09 23152]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 SmbDrv;SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [2012-08-24 41272]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2014-11-21 38792]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [2015-12-09 3857272]
R2 avgsvc;AVG Service; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2015-11-12 1046952]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [2015-12-09 579776]
R2 BlueSoleilCS;BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [2013-06-07 1630456]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-11-21 38792]
R2 hpsrv;@oem17.inf,%hpservice_desc%;HP Service; C:\WINDOWS\system32\Hpservice.exe [2012-09-24 31040]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-09-07 35232]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160]
R2 iSafeService;iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [2015-08-19 118048]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-11-24 165336]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2013-11-24 323072]
R3 BsHelpCS;BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [2013-05-14 145656]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2015-04-28 1102472]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-13 107848]
S2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2015-09-28 25800]
S2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-07-14 2451456]
S2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-11-24 131032]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-11-24 279000]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2013-11-24 366040]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-16 50864]
S3 AvgAMPS;AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [2015-12-09 615584]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-06-01 290224]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-13 107848]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\WINDOWS\system32\svchost.exe [2014-11-21 38792]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\WINDOWS\system32\svchost.exe [2014-11-21 38792]
S4 BthAvrcpTg;@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID; C:\WINDOWS\System32\drivers\BthAvrcpTg.sys [2013-08-22 36992]
S4 BthHFEnum;@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator; C:\WINDOWS\System32\drivers\bthhfenum.sys [2015-03-09 57856]
S4 bthhfhid;@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID; C:\WINDOWS\System32\drivers\BthHFHid.sys [2013-08-22 30720]
S4 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-11-21 38792]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119673
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Zavirovaný počítač

#10 Příspěvek od Rudy »

Smazáno. Znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Nikola1989
Návštěvník
Návštěvník
Příspěvky: 6
Registrován: 17 pro 2015 13:18

Re: Zavirovaný počítač

#11 Příspěvek od Nikola1989 »

Takže by to mělo být už čisté? Otm jsem spustila a PC restartovala. Moc děkuji za pomoc.

Mohu se na něco zeptat. Už nějaký den se mi objevuje hláška:
"Aplikace nastavení počítače se nedá otevřít, pokuď je průzkumník souborů spuštěn s oprávněními správce. Restartujte průzkumník souborů s běžnými oprávněními."

Průzkumník jsem zkoušela restartovat ve správcích souborů a ono se to pořád objevuje. Vím, že to momentálně nepatří do diskuze, ale nevím kdo by mi jiný mohl poradit.

Moc děkuji ;)
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119673
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Zavirovaný počítač

#12 Příspěvek od Rudy »

Zde: http://technet.idnes.cz/windows-8-tipy- ... ftware_dvr o tom něco je. Jinak pokud není jiný problém, mělo by to být vše.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“