
Apparently Unlocker

yvonne_K
Visitor
Posts: 49
Registered: 06 Feb 2011 14:36

#1 Post by yvonne_K »

Hello,

today, after turning on my PC, every click on the web floods me with lots of ads and pop-up windows, and I keep getting clicked through to more and more ads. So I am asking for help. Unlocker is displayed on the pages, and I also uninstalled it from the computer, where it had appeared, but apparently that did not help...

Log here:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Beatrix at 2016-02-19 17:29:44
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 8 GB (14%) free of 57 GB
Total RAM: 8103 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:29:48, on 19.2.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18205)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files (x86)\Panasonic\Device Monitor\DMWakeup.exe
C:\Program Files (x86)\Panasonic\MFStation\PCCMFSDM.exe
C:\Users\Beatrix\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Beatrix\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Beatrix\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Beatrix\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Beatrix\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\Spyware Terminator\STInternetGuard.exe
C:\Users\Beatrix\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Beatrix\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Beatrix\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Users\Beatrix\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Beatrix.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: Spyware Terminator 2015 Internet Guard - {82A76710-4F98-4957-92BE-99648A4E2475} - C:\PROGRA~2\SPYWAR~1\STINTE~1.DLL
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Panasonic Device Monitor Wakeup] C:\Program Files (x86)\Panasonic\Device Monitor\dmwakeup.exe
O4 - HKLM\..\Run: [Panasonic Device Manager for Multi-Function Station software] C:\Program Files (x86)\Panasonic\MFStation\PCCMFSDM.exe
O4 - HKLM\..\Run: [Panasonic PCFAX for Multi-Function Station software] C:\Program Files (x86)\Panasonic\MFStation\KmPcFax.exe -1
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Beatrix\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3493884222-2583266169-3365024918-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3493884222-2583266169-3365024918-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.292\SSScheduler.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A6F28AB1-875E-4A93-8171-D5A35E52DB0E}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files (x86)\Spyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.292\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Panasonic Local Printer Service - Panasonic System Networks Co., Ltd. - C:\PROGRA~2\PANASO~1\LocalCom\lmsrvnt.exe
O23 - Service: Panasonic Trap Monitor Service - Panasonic - C:\PROGRA~2\PANASO~1\TRAPMO~1\Trapmnnt.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spyware\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler Group - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10380 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Spyware\SASCORE64.EXE"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
C:\PROGRA~2\PANASO~1\LocalCom\lmsrvnt.exe
C:\PROGRA~2\PANASO~1\TRAPMO~1\Trapmnnt.exe
"C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe"
"C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Spyware\Spybot - Search & Destroy\SDWinSec.exe"
"C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe" PanProcess
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\McAfee Security Scan\3.11.292\SSScheduler.exe"
"C:\Program Files (x86)\Panasonic\Device Monitor\DMWakeup.exe"
"C:\Program Files (x86)\Panasonic\MFStation\PCCMFSDM.exe"
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Users\Beatrix\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Beatrix\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1668.0.208305607\1682784337" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,24,52 --gpu-vendor-id=0x8086 --gpu-device-id=0x0102 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.3347 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\Beatrix\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/FeedbackRanker RCTR 1/*ClientSideDetectionModel/Model0/*CrossDevicePromo/7DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="1668.2.2065853422\828178018" --font-cache-shared-handle=1824 
/prefetch:673131151
"C:\Users\Beatrix\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/FeedbackRanker RCTR 1/*ClientSideDetectionModel/Model0/*CrossDevicePromo/7DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="1668.3.1551882977\15045623" --font-cache-shared-handle=2180 
/prefetch:673131151
"C:\Users\Beatrix\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/FeedbackRanker RCTR 1/*ClientSideDetectionModel/Model0/*CrossDevicePromo/7DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="1668.4.1593097744\103481238" --font-cache-shared-handle=916 
/prefetch:673131151
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Spyware Terminator\STInternetGuard.exe" --parent-window=0 chrome-extension://elbjpfdfllhaioofjgmiaekihidancnc/ < \\.\pipe\chrome.nativeMessaging.in.1b281158ad1ba277 > \\.\pipe\chrome.nativeMessaging.out.1b281158ad1ba277
\??\C:\Windows\system32\conhost.exe "-1808077772-1457284517143362693-2770182366400050761235821032-1991294640-773325110
"C:\Program Files (x86)\Spyware Terminator\STInternetGuard.exe" --parent-window=0 chrome-extension://elbjpfdfllhaioofjgmiaekihidancnc/
"C:\Users\Beatrix\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="*AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/FeedbackRanker RCTR 1/*ClientSideDetectionModel/Model0/*CrossDevicePromo/7DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/*SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="1668.7.580268823\558399530" --font-cache-shared-handle=4724 /prefetch:673131151
"C:\Users\Beatrix\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="1668.10.2056440949\424679628" --ppapi-flash-args --lang=cs --device-scale-factor=1 --font-cache-shared-handle=5152 --ignored=" --type=renderer " /prefetch:-632637702
"C:\Users\Beatrix\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="*AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/FeedbackRanker RCTR 1/*ClientSideDetectionModel/Model0/*CrossDevicePromo/7DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/*SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="1668.11.1927175718\152707622" --font-cache-shared-handle=5372 /prefetch:673131151
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DeviceDisplayObjectProvider.exe -Embedding
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-dc5f2457-9e3d-410e-9003-e14c1a0b247f -SystemEventPortName:HostProcess-aad6be23-4e1b-43d9-9456-be275ef36d5f -IoCancelEventPortName:HostProcess-c0089020-b7f0-4c35-8eef-578cf92cf515 -NonStateChangingEventPortName:HostProcess-beac9a61-85c5-40f8-ad68-a785942ffb21 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:06e8b109-743e-4895-9fe8-33f82b63364e -DeviceGroupId:WpdFsGroup
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516

"C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE"
C:\Windows\splwow64.exe 8192
"C:\Users\Beatrix\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="*AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/FeedbackRanker RCTR 1/*ClientSideDetectionModel/Model0/*CrossDevicePromo/7DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/*SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="1668.18.103906476\1648668812" --font-cache-shared-handle=7340 /prefetch:673131151
"C:\Users\Beatrix\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3493884222-2583266169-3365024918-1002Core.job - C:\Users\Beatrix\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3493884222-2583266169-3365024918-1002UA.job - C:\Users\Beatrix\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\simplitec Power Suite (Tray).job - C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
C:\Windows\tasks\simplitec Power Suite.job - C:\Program Files (x86)\simplitec\KMPFaster\PowerSuite.exe -task

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82A76710-4F98-4957-92BE-99648A4E2475}]
Spyware Terminator 2015 Internet Guard - C:\PROGRA~2\SPYWAR~1\STINTE~2.DLL [2015-07-28 2013520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08 2134656]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-01 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82A76710-4F98-4957-92BE-99648A4E2475}]
Spyware Terminator 2015 Internet Guard - C:\PROGRA~2\SPYWAR~1\STINTE~1.DLL [2015-07-28 1255248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08 1725056]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-01 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-08-16 12673128]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 1337000]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2015-07-28 3884368]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-01-29 171992]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-01-29 399832]
"Persistence"=C:\Windows\system32\igfxpers.exe [2014-01-29 442328]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Beatrix\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27 144200]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-12-17 50385536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13 1085656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files (x86)\ICQ7M\ICQ.exe silent loginmode=4 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files (x86)\Winamp\winampa.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Panasonic Device Monitor Wakeup"=C:\Program Files (x86)\Panasonic\Device Monitor\dmwakeup.exe [2010-01-09 413696]
"Panasonic Device Manager for Multi-Function Station software"=C:\Program Files (x86)\Panasonic\MFStation\PCCMFSDM.exe [2010-02-02 135168]
"Panasonic PCFAX for Multi-Function Station software"=C:\Program Files (x86)\Panasonic\MFStation\KmPcFax.exe [2010-01-18 765952]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.11.292\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2014-01-29 442880]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-02-19 17:29:44 ----D---- C:\rsit
2016-02-19 17:29:44 ----D---- C:\Program Files\trend micro
2016-02-19 16:54:21 ----A---- C:\Windows\system32\drivers\EsgScanner.sys
2016-02-19 16:15:07 ----D---- C:\ProgramData\71517c01-54c5-0
2016-02-19 16:15:07 ----D---- C:\ProgramData\71517c01-0355-0
2016-02-19 16:15:06 ----D---- C:\ProgramData\{190ea44c-012c-0}
2016-02-19 16:15:06 ----D---- C:\ProgramData\{17b91e63-712c-1}
2016-02-09 19:35:58 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2016-02-09 19:35:58 ----A---- C:\Windows\system32\jnwmon.dll
2016-02-09 19:35:58 ----A---- C:\Windows\system32\InkEd.dll
2016-02-09 19:35:57 ----A---- C:\Windows\system32\invagent.dll
2016-02-09 19:35:57 ----A---- C:\Windows\system32\generaltel.dll
2016-02-09 19:35:57 ----A---- C:\Windows\system32\devinv.dll
2016-02-09 19:35:57 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-02-09 19:35:57 ----A---- C:\Windows\system32\appraiser.dll
2016-02-09 19:35:57 ----A---- C:\Windows\system32\aeinv.dll
2016-02-09 19:35:57 ----A---- C:\Windows\system32\acmigration.dll
2016-02-09 19:35:56 ----A---- C:\Windows\system32\iertutil.dll
2016-02-09 19:35:55 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-02-09 19:35:55 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-02-09 19:35:54 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-02-09 19:35:54 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-02-09 19:35:54 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-02-09 19:35:53 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-02-09 19:35:53 ----A---- C:\Windows\system32\urlmon.dll
2016-02-09 19:35:53 ----A---- C:\Windows\system32\ieUnatt.exe
2016-02-09 19:35:53 ----A---- C:\Windows\system32\ieui.dll
2016-02-09 19:35:53 ----A---- C:\Windows\system32\ieframe.dll
2016-02-09 19:35:52 ----A---- C:\Windows\system32\mshtml.dll
2016-02-09 19:35:26 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-02-09 19:35:26 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-02-09 19:35:26 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-02-09 19:35:26 ----A---- C:\Windows\system32\iernonce.dll
2016-02-09 19:35:26 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-02-09 19:35:25 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-02-09 19:35:25 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-02-09 19:35:25 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-02-09 19:35:25 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-02-09 19:35:25 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-02-09 19:35:25 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-02-09 19:35:25 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-02-09 19:35:25 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-09 19:35:25 ----A---- C:\Windows\system32\inseng.dll
2016-02-09 19:35:25 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-02-09 19:35:25 ----A---- C:\Windows\system32\ie4uinit.exe
2016-02-09 19:35:24 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-02-09 19:35:24 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-02-09 19:35:24 ----A---- C:\Windows\system32\occache.dll
2016-02-09 19:35:23 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-02-09 19:35:23 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-02-09 19:35:23 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-02-09 19:35:23 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-02-09 19:35:23 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-09 19:35:23 ----A---- C:\Windows\system32\msfeeds.dll
2016-02-09 19:35:23 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-02-09 19:35:23 ----A---- C:\Windows\system32\iedkcs32.dll
2016-02-09 19:35:23 ----A---- C:\Windows\system32\dxtrans.dll
2016-02-09 19:35:22 ----A---- C:\Windows\system32\iesetup.dll
2016-02-09 19:35:22 ----A---- C:\Windows\system32\ieapfltr.dll
2016-02-09 19:35:21 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-02-09 19:35:21 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-02-09 19:35:21 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-02-09 19:35:21 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-02-09 19:35:21 ----A---- C:\Windows\system32\vbscript.dll
2016-02-09 19:35:20 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-02-09 19:35:20 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-02-09 19:35:20 ----A---- C:\Windows\system32\jsproxy.dll
2016-02-09 19:35:20 ----A---- C:\Windows\system32\dxtmsft.dll
2016-02-09 19:35:19 ----A---- C:\Windows\system32\webcheck.dll
2016-02-09 19:35:19 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-02-09 19:35:19 ----A---- C:\Windows\system32\mshtmled.dll
2016-02-09 19:35:18 ----A---- C:\Windows\system32\wininet.dll
2016-02-09 19:35:18 ----A---- C:\Windows\system32\jscript9diag.dll
2016-02-09 19:35:18 ----A---- C:\Windows\system32\jscript9.dll
2016-02-09 19:35:18 ----A---- C:\Windows\system32\jscript.dll
2016-02-09 19:35:17 ----A---- C:\Windows\system32\msrating.dll
2016-02-09 19:35:17 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-02-09 19:34:36 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-02-09 19:34:31 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-02-09 19:34:31 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-02-09 19:34:31 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-02-09 19:34:31 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-02-09 19:34:31 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-02-09 19:34:31 ----A---- C:\Windows\system32\wuwebv.dll
2016-02-09 19:34:31 ----A---- C:\Windows\system32\wups2.dll
2016-02-09 19:34:31 ----A---- C:\Windows\system32\wups.dll
2016-02-09 19:34:31 ----A---- C:\Windows\system32\wudriver.dll
2016-02-09 19:34:31 ----A---- C:\Windows\system32\wucltux.dll
2016-02-09 19:34:31 ----A---- C:\Windows\system32\wuaueng.dll
2016-02-09 19:34:31 ----A---- C:\Windows\system32\wuauclt.exe
2016-02-09 19:34:31 ----A---- C:\Windows\system32\wuapp.exe
2016-02-09 19:34:31 ----A---- C:\Windows\system32\wuapi.dll
2016-02-09 19:34:31 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-02-09 19:34:31 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-02-09 19:34:29 ----A---- C:\Windows\system32\win32k.sys
2016-02-09 19:34:29 ----A---- C:\Windows\system32\rdpudd.dll
2016-02-09 19:34:29 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-02-09 19:34:29 ----A---- C:\Windows\system32\rdpcorets.dll
2016-02-09 19:34:25 ----A---- C:\Windows\system32\ole32.dll
2016-02-09 19:34:23 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-02-09 19:34:09 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2016-02-09 19:34:09 ----A---- C:\Windows\system32\EncDec.dll
2016-02-09 19:34:09 ----A---- C:\Windows\system32\CPFilters.dll
2016-02-09 19:34:08 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-02-09 19:34:08 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2016-02-09 19:34:08 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-02-09 19:34:08 ----A---- C:\Windows\system32\ntdll.dll
2016-02-09 19:34:08 ----A---- C:\Windows\system32\mtxoci.dll
2016-02-09 19:34:08 ----A---- C:\Windows\system32\KernelBase.dll
2016-02-09 19:34:08 ----A---- C:\Windows\system32\kerberos.dll
2016-02-09 19:34:07 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-02-09 19:34:07 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-02-09 19:34:07 ----A---- C:\Windows\SYSWOW64\mtxoci.dll
2016-02-09 19:34:07 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2016-02-09 19:34:07 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-02-09 19:34:07 ----A---- C:\Windows\system32\kernel32.dll
2016-02-09 19:34:07 ----A---- C:\Windows\system32\advapi32.dll
2016-02-09 19:34:06 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-02-09 19:34:06 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-02-09 19:34:06 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-02-09 19:34:06 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-02-09 19:34:05 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-02-09 19:34:05 ----A---- C:\Windows\system32\winsrv.dll
2016-02-09 19:34:05 ----A---- C:\Windows\system32\TSpkg.dll
2016-02-09 19:34:05 ----A---- C:\Windows\system32\smss.exe
2016-02-09 19:34:05 ----A---- C:\Windows\system32\schannel.dll
2016-02-09 19:34:05 ----A---- C:\Windows\system32\rpcrt4.dll
2016-02-09 19:34:05 ----A---- C:\Windows\system32\ncrypt.dll
2016-02-09 19:34:05 ----A---- C:\Windows\system32\msv1_0.dll
2016-02-09 19:34:05 ----A---- C:\Windows\system32\lsasrv.dll
2016-02-09 19:34:05 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-02-09 19:34:05 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-02-09 19:34:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-09 19:34:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-02-09 19:34:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-02-09 19:34:04 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-09 19:34:04 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-09 19:34:04 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-09 19:34:04 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-09 19:34:04 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-09 19:34:04 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-02-09 19:34:04 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-02-09 19:34:04 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-02-09 19:34:04 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-02-09 19:34:04 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-02-09 19:34:04 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-02-09 19:34:04 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-02-09 19:34:04 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-02-09 19:34:04 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-02-09 19:34:04 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-02-09 19:34:04 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-02-09 19:34:04 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-02-09 19:34:04 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-02-09 19:34:04 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-02-09 19:34:04 ----A---- C:\Windows\system32\wow64win.dll
2016-02-09 19:34:04 ----A---- C:\Windows\system32\wow64cpu.dll
2016-02-09 19:34:04 ----A---- C:\Windows\system32\wow64.dll
2016-02-09 19:34:04 ----A---- C:\Windows\system32\wdigest.dll
2016-02-09 19:34:04 ----A---- C:\Windows\system32\sspisrv.dll
2016-02-09 19:34:04 ----A---- C:\Windows\system32\sspicli.dll
2016-02-09 19:34:04 ----A---- C:\Windows\system32\srcore.dll
2016-02-09 19:34:04 ----A---- C:\Windows\system32\srclient.dll
2016-02-09 19:34:04 ----A---- C:\Windows\system32\secur32.dll
2016-02-09 19:34:04 ----A---- C:\Windows\system32\rstrui.exe
2016-02-09 19:34:04 ----A---- C:\Windows\system32\ntvdm64.dll
2016-02-09 19:34:04 ----A---- C:\Windows\system32\lsass.exe
2016-02-09 19:34:04 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-02-09 19:34:04 ----A---- C:\Windows\system32\csrsrv.dll
2016-02-09 19:34:04 ----A---- C:\Windows\system32\cryptbase.dll
2016-02-09 19:34:04 ----A---- C:\Windows\system32\credssp.dll
2016-02-09 19:34:04 ----A---- C:\Windows\system32\conhost.exe
2016-02-09 19:34:04 ----A---- C:\Windows\system32\auditpol.exe
2016-02-09 19:34:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-09 19:34:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-02-09 19:34:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-02-09 19:34:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-02-09 19:34:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-09 19:34:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-02-09 19:34:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-02-09 19:34:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-02-09 19:34:02 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-09 19:34:02 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-09 19:34:02 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-09 19:34:02 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-09 19:34:02 ----A---- C:\Windows\SYSWOW64\user.exe
2016-02-09 19:34:02 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-02-09 19:34:02 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-02-09 19:34:02 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-02-09 19:34:02 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-02-09 19:34:02 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-02-09 19:34:02 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-02-09 19:34:02 ----A---- C:\Windows\system32\msobjs.dll
2016-02-09 19:34:02 ----A---- C:\Windows\system32\msaudite.dll
2016-02-09 19:34:02 ----A---- C:\Windows\system32\apisetschema.dll
2016-02-09 19:34:02 ----A---- C:\Windows\system32\adtschema.dll
2016-02-09 19:33:44 ----A---- C:\Windows\system32\shell32.dll
2016-02-09 19:33:43 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-02-09 19:33:43 ----A---- C:\Windows\explorer.exe
2016-02-09 19:33:42 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-02-09 19:33:42 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-02-09 19:33:42 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-02-09 19:33:42 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-02-09 19:33:42 ----A---- C:\Windows\system32\authui.dll

======List of files/folders modified in the last 1 month======

2016-02-19 17:29:45 ----D---- C:\Windows\Temp
2016-02-19 17:29:44 ----RD---- C:\Program Files
2016-02-19 17:27:59 ----D---- C:\Windows\System32
2016-02-19 17:27:59 ----D---- C:\Windows\inf
2016-02-19 17:27:59 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-02-19 17:12:34 ----D---- C:\Users\Beatrix\AppData\Roaming\uTorrent
2016-02-19 17:12:34 ----D---- C:\ProgramData\Spybot - Search & Destroy
2016-02-19 17:12:29 ----D---- C:\Windows\debug
2016-02-19 17:12:29 ----D---- C:\Windows
2016-02-19 17:12:01 ----SHD---- C:\Windows\Installer
2016-02-19 17:11:55 ----D---- C:\Windows\SysWOW64
2016-02-19 17:10:22 ----SHD---- C:\System Volume Information
2016-02-19 17:01:50 ----D---- C:\Windows\system32\config
2016-02-19 16:59:52 ----D---- C:\Program Files (x86)\Spyware
2016-02-19 16:58:48 ----D---- C:\ProgramData\NVIDIA
2016-02-19 16:55:02 ----D---- C:\Windows\system32\drivers
2016-02-19 16:55:01 ----D---- C:\Windows\system32\Tasks
2016-02-19 16:52:56 ----D---- C:\Program Files\McAfee Security Scan
2016-02-19 16:52:53 ----D---- C:\Windows\system32\drivers\etc
2016-02-19 16:51:09 ----D---- C:\Windows\Tasks
2016-02-19 16:51:09 ----D---- C:\Windows\system32\wfp
2016-02-19 16:51:08 ----D---- C:\Windows\system32\wbem
2016-02-19 16:50:44 ----SD---- C:\Windows\system32\GWX
2016-02-19 16:50:44 ----D---- C:\Windows\system32\DriverStore
2016-02-19 16:50:44 ----D---- C:\Windows\system32\catroot2
2016-02-19 16:50:40 ----RD---- C:\Program Files (x86)\Skype
2016-02-19 16:50:40 ----D---- C:\Users\Beatrix\AppData\Roaming\Skype
2016-02-19 16:50:40 ----D---- C:\ProgramData\Spyware Terminator
2016-02-19 16:50:40 ----D---- C:\ProgramData\McAfee Security Scan
2016-02-19 16:50:40 ----D---- C:\Program Files (x86)\Internet Explorer
2016-02-19 16:50:36 ----D---- C:\Program Files (x86)\Adobe
2016-02-19 16:50:35 ----D---- C:\Windows\registration
2016-02-19 16:50:23 ----HD---- C:\ProgramData
2016-02-19 16:50:22 ----D---- C:\ProgramData\Skype
2016-02-19 16:50:21 ----RD---- C:\Program Files (x86)
2016-02-19 16:15:13 ----D---- C:\ProgramData\e2610b38-4f07-0
2016-02-19 16:15:08 ----D---- C:\ProgramData\e2610b38-2b41-1
2016-02-11 17:44:23 ----D---- C:\Windows\Microsoft.NET
2016-02-10 17:39:02 ----D---- C:\Windows\rescache
2016-02-10 16:14:11 ----RSD---- C:\Windows\assembly
2016-02-10 16:01:27 ----D---- C:\Windows\winsxs
2016-02-10 16:00:28 ----SD---- C:\Windows\system32\CompatTel
2016-02-10 16:00:28 ----D---- C:\Windows\SYSWOW64\en-US
2016-02-10 16:00:28 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-02-10 16:00:28 ----D---- C:\Windows\system32\en-US
2016-02-10 16:00:28 ----D---- C:\Windows\system32\cs-CZ
2016-02-10 16:00:28 ----D---- C:\Windows\system32\appraiser
2016-02-10 16:00:28 ----D---- C:\Windows\AppPatch
2016-02-10 16:00:28 ----D---- C:\Program Files\Windows Journal
2016-02-10 16:00:28 ----D---- C:\Program Files\Internet Explorer
2016-02-10 16:00:26 ----D---- C:\Windows\cs-CZ
2016-02-09 22:52:48 ----D---- C:\Windows\system32\MRT
2016-02-09 22:49:36 ----A---- C:\Windows\system32\MRT.exe
2016-02-09 22:43:42 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-02-09 20:24:20 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 280376]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-09-13 867824]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files (x86)\Spyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files (x86)\Spyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 StarPortLite;StarPort Storage Controller (Lite); C:\Windows\system32\DRIVERS\StarPortLite.sys [2011-06-29 118888]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 124568]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2012-08-21 51496]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2011-02-24 126952]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2011-02-24 389608]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-01-29 5363200]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-08-16 3056360]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-06-04 103448]
S3 EsgScanner;EsgScanner; C:\Windows\system32\DRIVERS\EsgScanner.sys [2016-02-19 22704]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2011-01-26 39808]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2011-01-26 64256]
S3 Impcd;Impcd; C:\Windows\system32\drivers\Impcd.sys [2010-02-26 158976]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\drivers\nusb3hub.sys [2010-07-27 78848]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\nusb3xhc.sys [2010-07-27 180224]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-01-17 188224]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver; C:\Windows\system32\drivers\nvstusb.sys [2011-10-15 291648]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-06-04 203672]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudserd.sys [2013-06-04 203672]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbrndis6;Adaptér USB RNDIS6; C:\Windows\system32\DRIVERS\usb80236.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files (x86)\Spyware\SASCORE64.EXE [2015-07-26 172344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2016-01-08 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2016-01-08 1773696]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 23816]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-02-10 889664]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-02-10 2348352]
R2 Panasonic Local Printer Service;Panasonic Local Printer Service; C:\PROGRA~2\PANASO~1\LocalCom\lmsrvnt.exe [2010-01-09 49152]
R2 Panasonic Trap Monitor Service;Panasonic Trap Monitor Service; C:\PROGRA~2\PANASO~1\TRAPMO~1\Trapmnnt.exe [2004-02-26 69632]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-09-28 625304]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spyware\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2015-07-01 3037520]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-09 382272]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 366544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-09 269504]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-01-29 279000]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-01-22 114688]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.292\McCHSvc.exe [2016-02-05 293128]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-11-02 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]

-----------------EOF-----------------
Last edited by yvonne_K on 19 Feb 2016 19:43, edited 1 time in total.

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Probably Unlocker

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

yvonne_K
Visitor
Posts: 49
Registered: 06 Feb 2011 14:36

Re: Probably Unlocker

#3 Post by yvonne_K »

Thanks for the reply. The log is below; unfortunately the problem persists, and on top of that Chrome seems to stutter, that is, page loading and, even now, typing.

# AdwCleaner v5.035 - Logfile created 19/02/2016 at 18:56:21
# Updated 18/02/2016 by Xplode
# Database : 2016-02-18.5 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Beatrix - COOLMASTER
# Running from : C:\Users\Beatrix\Desktop\adwcleaner_5.035.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : PanService
[-] Service Deleted : sp_rsdrv2

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\globalUpdate
[-] Folder Deleted : C:\Program Files (x86)\PANDORA.TV
[-] Folder Deleted : C:\ProgramData\Ask
[-] Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
[-] Folder Deleted : C:\ProgramData\simplitec
[-] Folder Deleted : C:\ProgramData\{17b91e63-712c-1}
[-] Folder Deleted : C:\ProgramData\{190ea44c-012c-0}
[-] Folder Deleted : C:\Users\Beatrix\AppData\Local\FileViewPro
[-] Folder Deleted : C:\Users\Beatrix\AppData\Local\globalUpdate
[-] Folder Deleted : C:\Users\Beatrix\AppData\Roaming\OpenCandy

***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : simplitec Power Suite (Tray)
[-] Task Deleted : simplitec Power Suite
[-] Task Deleted : GoogleUpdateTaskUserS-1-5-21-3493884222-2583266169-3365024918-1002Core
[-] Task Deleted : GoogleUpdateTaskUserS-1-5-21-3493884222-2583266169-3365024918-1002UA
[-] Task Deleted : GoogleUpdateTaskUserS-1-5-21-3493884222-2583266169-3365024918-1002Core
[-] Task Deleted : GoogleUpdateTaskUserS-1-5-21-3493884222-2583266169-3365024918-1002UA

***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
[-] Key Deleted : HKCU\Software\APN PIP
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\GlobalUpdate
[-] Key Deleted : HKCU\Software\PIP
[-] Key Deleted : HKCU\Software\Softonic
[-] Key Deleted : HKCU\Software\WEBAPP
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\ICQ\ICQToolbar
[-] Key Deleted : HKLM\SOFTWARE\PIP
[-] Key Deleted : HKLM\SOFTWARE\simplitec
[-] Key Deleted : [x64] HKLM\SOFTWARE\Speedchecker Limited
[!] Key Not Deleted : HKU\S-1-5-21-3493884222-2583266169-3365024918-1002\Software\APN PIP
[!] Key Not Deleted : HKU\S-1-5-21-3493884222-2583266169-3365024918-1002\Software\Conduit
[!] Key Not Deleted : HKU\S-1-5-21-3493884222-2583266169-3365024918-1002\Software\GlobalUpdate
[!] Key Not Deleted : HKU\S-1-5-21-3493884222-2583266169-3365024918-1002\Software\PIP
[!] Key Not Deleted : HKU\S-1-5-21-3493884222-2583266169-3365024918-1002\Software\Softonic
[!] Key Not Deleted : HKU\S-1-5-21-3493884222-2583266169-3365024918-1002\Software\WEBAPP
[!] Key Not Deleted : HKU\S-1-5-21-3493884222-2583266169-3365024918-1002\Software\AppDataLow\Software\Crossrider
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[!] Data Not Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Data Restored : HKU\S-1-5-21-3493884222-2583266169-3365024918-1002\Software\Microsoft\Internet Explorer\Main [Start Page]
[!] Data Not Restored : HKU\S-1-5-21-3493884222-2583266169-3365024918-1002\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4F3E5C27-7F42-4DB6-B48F-24E16F7581F5}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
[!] Key Not Deleted : HKU\S-1-5-21-3493884222-2583266169-3365024918-1002\Software\Microsoft\Internet Explorer\SearchScopes\{4F3E5C27-7F42-4DB6-B48F-24E16F7581F5}
[!] Key Not Deleted : HKU\S-1-5-21-3493884222-2583266169-3365024918-1002\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}

***** [ Web browsers ] *****

[-] [C:\Users\Beatrix\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : spokojenypes.cz
[-] [C:\Users\Beatrix\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : nfsradar.en.softonic.com

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [6471 bytes] ##########

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Probably Unlocker

#4 Post by Rudy »

Post a new RSIT log.

yvonne_K
Visitor
Posts: 49
Joined: 06 Feb 2011 14:36

Re: Probably Unlocker

#5 Post by yvonne_K »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Beatrix at 2016-02-19 19:21:11
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 8 GB (14%) free of 57 GB
Total RAM: 8103 MB (84% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:21:13, on 19.2.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18205)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
C:\Users\Beatrix\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Panasonic\Device Monitor\DMWakeup.exe
C:\Program Files (x86)\Panasonic\MFStation\PCCMFSDM.exe
C:\Program Files\trend micro\Beatrix.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: Spyware Terminator 2015 Internet Guard - {82A76710-4F98-4957-92BE-99648A4E2475} - C:\PROGRA~2\SPYWAR~1\STINTE~1.DLL
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Panasonic Device Monitor Wakeup] C:\Program Files (x86)\Panasonic\Device Monitor\dmwakeup.exe
O4 - HKLM\..\Run: [Panasonic Device Manager for Multi-Function Station software] C:\Program Files (x86)\Panasonic\MFStation\PCCMFSDM.exe
O4 - HKLM\..\Run: [Panasonic PCFAX for Multi-Function Station software] C:\Program Files (x86)\Panasonic\MFStation\KmPcFax.exe -1
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Beatrix\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3493884222-2583266169-3365024918-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3493884222-2583266169-3365024918-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.292\SSScheduler.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A6F28AB1-875E-4A93-8171-D5A35E52DB0E}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files (x86)\Spyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.292\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Panasonic Local Printer Service - Panasonic System Networks Co., Ltd. - C:\PROGRA~2\PANASO~1\LocalCom\lmsrvnt.exe
O23 - Service: Panasonic Trap Monitor Service - Panasonic - C:\PROGRA~2\PANASO~1\TRAPMO~1\Trapmnnt.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spyware\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler Group - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9457 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\System32\spoolsv.exe
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Spyware\SASCORE64.EXE"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
C:\PROGRA~2\PANASO~1\LocalCom\lmsrvnt.exe
C:\PROGRA~2\PANASO~1\TRAPMO~1\Trapmnnt.exe
"C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Spyware\Spybot - Search & Destroy\SDWinSec.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Users\Beatrix\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files\McAfee Security Scan\3.11.292\SSScheduler.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Panasonic\Device Monitor\DMWakeup.exe"
"C:\Program Files (x86)\Panasonic\MFStation\PCCMFSDM.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Users\Beatrix\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82A76710-4F98-4957-92BE-99648A4E2475}]
Spyware Terminator 2015 Internet Guard - C:\PROGRA~2\SPYWAR~1\STINTE~2.DLL [2015-07-28 2013520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08 2134656]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-01 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82A76710-4F98-4957-92BE-99648A4E2475}]
Spyware Terminator 2015 Internet Guard - C:\PROGRA~2\SPYWAR~1\STINTE~1.DLL [2015-07-28 1255248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08 1725056]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-01 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-08-16 12673128]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 1337000]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2015-07-28 3884368]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-01-29 171992]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-01-29 399832]
"Persistence"=C:\Windows\system32\igfxpers.exe [2014-01-29 442328]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Beatrix\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27 144200]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-12-17 50385536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13 1085656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files (x86)\ICQ7M\ICQ.exe silent loginmode=4 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files (x86)\Winamp\winampa.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Panasonic Device Monitor Wakeup"=C:\Program Files (x86)\Panasonic\Device Monitor\dmwakeup.exe [2010-01-09 413696]
"Panasonic Device Manager for Multi-Function Station software"=C:\Program Files (x86)\Panasonic\MFStation\PCCMFSDM.exe [2010-02-02 135168]
"Panasonic PCFAX for Multi-Function Station software"=C:\Program Files (x86)\Panasonic\MFStation\KmPcFax.exe [2010-01-18 765952]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.11.292\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2014-01-29 442880]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-02-19 18:53:18 ----D---- C:\AdwCleaner
2016-02-19 17:29:44 ----D---- C:\rsit
2016-02-19 17:29:44 ----D---- C:\Program Files\trend micro
2016-02-19 16:54:21 ----A---- C:\Windows\system32\drivers\EsgScanner.sys
2016-02-19 16:15:07 ----D---- C:\ProgramData\71517c01-54c5-0
2016-02-19 16:15:07 ----D---- C:\ProgramData\71517c01-0355-0
2016-02-09 19:35:58 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2016-02-09 19:35:58 ----A---- C:\Windows\system32\jnwmon.dll
2016-02-09 19:35:58 ----A---- C:\Windows\system32\InkEd.dll
2016-02-09 19:35:57 ----A---- C:\Windows\system32\invagent.dll
2016-02-09 19:35:57 ----A---- C:\Windows\system32\generaltel.dll
2016-02-09 19:35:57 ----A---- C:\Windows\system32\devinv.dll
2016-02-09 19:35:57 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-02-09 19:35:57 ----A---- C:\Windows\system32\appraiser.dll
2016-02-09 19:35:57 ----A---- C:\Windows\system32\aeinv.dll
2016-02-09 19:35:57 ----A---- C:\Windows\system32\acmigration.dll
2016-02-09 19:35:56 ----A---- C:\Windows\system32\iertutil.dll
2016-02-09 19:35:55 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-02-09 19:35:55 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-02-09 19:35:54 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-02-09 19:35:54 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-02-09 19:35:54 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-02-09 19:35:53 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-02-09 19:35:53 ----A---- C:\Windows\system32\urlmon.dll
2016-02-09 19:35:53 ----A---- C:\Windows\system32\ieUnatt.exe
2016-02-09 19:35:53 ----A---- C:\Windows\system32\ieui.dll
2016-02-09 19:35:53 ----A---- C:\Windows\system32\ieframe.dll
2016-02-09 19:35:52 ----A---- C:\Windows\system32\mshtml.dll
2016-02-09 19:35:26 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-02-09 19:35:26 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-02-09 19:35:26 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-02-09 19:35:26 ----A---- C:\Windows\system32\iernonce.dll
2016-02-09 19:35:26 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-02-09 19:35:25 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-02-09 19:35:25 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-02-09 19:35:25 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-02-09 19:35:25 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-02-09 19:35:25 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-02-09 19:35:25 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-02-09 19:35:25 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-02-09 19:35:25 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-09 19:35:25 ----A---- C:\Windows\system32\inseng.dll
2016-02-09 19:35:25 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-02-09 19:35:25 ----A---- C:\Windows\system32\ie4uinit.exe
2016-02-09 19:35:24 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-02-09 19:35:24 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-02-09 19:35:24 ----A---- C:\Windows\system32\occache.dll
2016-02-09 19:35:23 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-02-09 19:35:23 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-02-09 19:35:23 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-02-09 19:35:23 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-02-09 19:35:23 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-09 19:35:23 ----A---- C:\Windows\system32\msfeeds.dll
2016-02-09 19:35:23 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-02-09 19:35:23 ----A---- C:\Windows\system32\iedkcs32.dll
2016-02-09 19:35:23 ----A---- C:\Windows\system32\dxtrans.dll
2016-02-09 19:35:22 ----A---- C:\Windows\system32\iesetup.dll
2016-02-09 19:35:22 ----A---- C:\Windows\system32\ieapfltr.dll
2016-02-09 19:35:21 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-02-09 19:35:21 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-02-09 19:35:21 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-02-09 19:35:21 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-02-09 19:35:21 ----A---- C:\Windows\system32\vbscript.dll
2016-02-09 19:35:20 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-02-09 19:35:20 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-02-09 19:35:20 ----A---- C:\Windows\system32\jsproxy.dll
2016-02-09 19:35:20 ----A---- C:\Windows\system32\dxtmsft.dll
2016-02-09 19:35:19 ----A---- C:\Windows\system32\webcheck.dll
2016-02-09 19:35:19 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-02-09 19:35:19 ----A---- C:\Windows\system32\mshtmled.dll
2016-02-09 19:35:18 ----A---- C:\Windows\system32\wininet.dll
2016-02-09 19:35:18 ----A---- C:\Windows\system32\jscript9diag.dll
2016-02-09 19:35:18 ----A---- C:\Windows\system32\jscript9.dll
2016-02-09 19:35:18 ----A---- C:\Windows\system32\jscript.dll
2016-02-09 19:35:17 ----A---- C:\Windows\system32\msrating.dll
2016-02-09 19:35:17 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-02-09 19:34:36 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-02-09 19:34:31 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-02-09 19:34:31 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-02-09 19:34:31 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-02-09 19:34:31 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-02-09 19:34:31 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-02-09 19:34:31 ----A---- C:\Windows\system32\wuwebv.dll
2016-02-09 19:34:31 ----A---- C:\Windows\system32\wups2.dll
2016-02-09 19:34:31 ----A---- C:\Windows\system32\wups.dll
2016-02-09 19:34:31 ----A---- C:\Windows\system32\wudriver.dll
2016-02-09 19:34:31 ----A---- C:\Windows\system32\wucltux.dll
2016-02-09 19:34:31 ----A---- C:\Windows\system32\wuaueng.dll
2016-02-09 19:34:31 ----A---- C:\Windows\system32\wuauclt.exe
2016-02-09 19:34:31 ----A---- C:\Windows\system32\wuapp.exe
2016-02-09 19:34:31 ----A---- C:\Windows\system32\wuapi.dll
2016-02-09 19:34:31 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-02-09 19:34:31 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-02-09 19:34:29 ----A---- C:\Windows\system32\win32k.sys
2016-02-09 19:34:29 ----A---- C:\Windows\system32\rdpudd.dll
2016-02-09 19:34:29 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-02-09 19:34:29 ----A---- C:\Windows\system32\rdpcorets.dll
2016-02-09 19:34:25 ----A---- C:\Windows\system32\ole32.dll
2016-02-09 19:34:23 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-02-09 19:34:09 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2016-02-09 19:34:09 ----A---- C:\Windows\system32\EncDec.dll
2016-02-09 19:34:09 ----A---- C:\Windows\system32\CPFilters.dll
2016-02-09 19:34:08 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-02-09 19:34:08 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2016-02-09 19:34:08 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-02-09 19:34:08 ----A---- C:\Windows\system32\ntdll.dll
2016-02-09 19:34:08 ----A---- C:\Windows\system32\mtxoci.dll
2016-02-09 19:34:08 ----A---- C:\Windows\system32\KernelBase.dll
2016-02-09 19:34:08 ----A---- C:\Windows\system32\kerberos.dll
2016-02-09 19:34:07 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-02-09 19:34:07 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-02-09 19:34:07 ----A---- C:\Windows\SYSWOW64\mtxoci.dll
2016-02-09 19:34:07 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2016-02-09 19:34:07 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-02-09 19:34:07 ----A---- C:\Windows\system32\kernel32.dll
2016-02-09 19:34:07 ----A---- C:\Windows\system32\advapi32.dll
2016-02-09 19:34:06 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-02-09 19:34:06 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-02-09 19:34:06 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-02-09 19:34:06 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-02-09 19:34:05 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-02-09 19:34:05 ----A---- C:\Windows\system32\winsrv.dll
2016-02-09 19:34:05 ----A---- C:\Windows\system32\TSpkg.dll
2016-02-09 19:34:05 ----A---- C:\Windows\system32\smss.exe
2016-02-09 19:34:05 ----A---- C:\Windows\system32\schannel.dll
2016-02-09 19:34:05 ----A---- C:\Windows\system32\rpcrt4.dll
2016-02-09 19:34:05 ----A---- C:\Windows\system32\ncrypt.dll
2016-02-09 19:34:05 ----A---- C:\Windows\system32\msv1_0.dll
2016-02-09 19:34:05 ----A---- C:\Windows\system32\lsasrv.dll
2016-02-09 19:34:05 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-02-09 19:34:05 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-02-09 19:34:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-09 19:34:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-02-09 19:34:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-02-09 19:34:04 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-09 19:34:04 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-09 19:34:04 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-09 19:34:04 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-09 19:34:04 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-09 19:34:04 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-02-09 19:34:04 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-02-09 19:34:04 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-02-09 19:34:04 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-02-09 19:34:04 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-02-09 19:34:04 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-02-09 19:34:04 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-02-09 19:34:04 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-02-09 19:34:04 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-02-09 19:34:04 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-02-09 19:34:04 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-02-09 19:34:04 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-02-09 19:34:04 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-02-09 19:34:04 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-02-09 19:34:04 ----A---- C:\Windows\system32\wow64win.dll
2016-02-09 19:34:04 ----A---- C:\Windows\system32\wow64cpu.dll
2016-02-09 19:34:04 ----A---- C:\Windows\system32\wow64.dll
2016-02-09 19:34:04 ----A---- C:\Windows\system32\wdigest.dll
2016-02-09 19:34:04 ----A---- C:\Windows\system32\sspisrv.dll
2016-02-09 19:34:04 ----A---- C:\Windows\system32\sspicli.dll
2016-02-09 19:34:04 ----A---- C:\Windows\system32\srcore.dll
2016-02-09 19:34:04 ----A---- C:\Windows\system32\srclient.dll
2016-02-09 19:34:04 ----A---- C:\Windows\system32\secur32.dll
2016-02-09 19:34:04 ----A---- C:\Windows\system32\rstrui.exe
2016-02-09 19:34:04 ----A---- C:\Windows\system32\ntvdm64.dll
2016-02-09 19:34:04 ----A---- C:\Windows\system32\lsass.exe
2016-02-09 19:34:04 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-02-09 19:34:04 ----A---- C:\Windows\system32\csrsrv.dll
2016-02-09 19:34:04 ----A---- C:\Windows\system32\cryptbase.dll
2016-02-09 19:34:04 ----A---- C:\Windows\system32\credssp.dll
2016-02-09 19:34:04 ----A---- C:\Windows\system32\conhost.exe
2016-02-09 19:34:04 ----A---- C:\Windows\system32\auditpol.exe
2016-02-09 19:34:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-09 19:34:03 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-09 19:34:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-02-09 19:34:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-02-09 19:34:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-02-09 19:34:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-09 19:34:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-02-09 19:34:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-02-09 19:34:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-02-09 19:34:02 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-09 19:34:02 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-09 19:34:02 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-09 19:34:02 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-09 19:34:02 ----A---- C:\Windows\SYSWOW64\user.exe
2016-02-09 19:34:02 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-02-09 19:34:02 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-02-09 19:34:02 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-02-09 19:34:02 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-02-09 19:34:02 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-02-09 19:34:02 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-02-09 19:34:02 ----A---- C:\Windows\system32\msobjs.dll
2016-02-09 19:34:02 ----A---- C:\Windows\system32\msaudite.dll
2016-02-09 19:34:02 ----A---- C:\Windows\system32\apisetschema.dll
2016-02-09 19:34:02 ----A---- C:\Windows\system32\adtschema.dll
2016-02-09 19:33:44 ----A---- C:\Windows\system32\shell32.dll
2016-02-09 19:33:43 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-02-09 19:33:43 ----A---- C:\Windows\explorer.exe
2016-02-09 19:33:42 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-02-09 19:33:42 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-02-09 19:33:42 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-02-09 19:33:42 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-02-09 19:33:42 ----A---- C:\Windows\system32\authui.dll

======List of files/folders modified in the last 1 month======

2016-02-19 19:10:42 ----D---- C:\Windows\Temp
2016-02-19 19:03:12 ----D---- C:\Windows\System32
2016-02-19 19:03:12 ----D---- C:\Windows\inf
2016-02-19 19:03:12 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-02-19 19:00:02 ----D---- C:\Windows\system32\config
2016-02-19 18:57:07 ----D---- C:\Windows\system32\drivers
2016-02-19 18:57:04 ----D---- C:\Windows
2016-02-19 18:57:03 ----D---- C:\ProgramData\NVIDIA
2016-02-19 18:57:00 ----D---- C:\Program Files (x86)\Spyware
2016-02-19 18:56:21 ----RD---- C:\Program Files (x86)
2016-02-19 18:56:21 ----HD---- C:\ProgramData
2016-02-19 18:56:21 ----D---- C:\Windows\Tasks
2016-02-19 18:56:21 ----D---- C:\Windows\system32\Tasks
2016-02-19 17:29:44 ----RD---- C:\Program Files
2016-02-19 17:12:34 ----D---- C:\Users\Beatrix\AppData\Roaming\uTorrent
2016-02-19 17:12:34 ----D---- C:\ProgramData\Spybot - Search & Destroy
2016-02-19 17:12:29 ----D---- C:\Windows\debug
2016-02-19 17:12:01 ----SHD---- C:\Windows\Installer
2016-02-19 17:11:55 ----D---- C:\Windows\SysWOW64
2016-02-19 17:10:22 ----SHD---- C:\System Volume Information
2016-02-19 16:52:56 ----D---- C:\Program Files\McAfee Security Scan
2016-02-19 16:52:53 ----D---- C:\Windows\system32\drivers\etc
2016-02-19 16:51:09 ----D---- C:\Windows\system32\wfp
2016-02-19 16:51:08 ----D---- C:\Windows\system32\wbem
2016-02-19 16:50:44 ----SD---- C:\Windows\system32\GWX
2016-02-19 16:50:44 ----D---- C:\Windows\system32\DriverStore
2016-02-19 16:50:44 ----D---- C:\Windows\system32\catroot2
2016-02-19 16:50:40 ----RD---- C:\Program Files (x86)\Skype
2016-02-19 16:50:40 ----D---- C:\Users\Beatrix\AppData\Roaming\Skype
2016-02-19 16:50:40 ----D---- C:\ProgramData\Spyware Terminator
2016-02-19 16:50:40 ----D---- C:\ProgramData\McAfee Security Scan
2016-02-19 16:50:40 ----D---- C:\Program Files (x86)\Internet Explorer
2016-02-19 16:50:36 ----D---- C:\Program Files (x86)\Adobe
2016-02-19 16:50:35 ----D---- C:\Windows\registration
2016-02-19 16:50:22 ----D---- C:\ProgramData\Skype
2016-02-19 16:15:13 ----D---- C:\ProgramData\e2610b38-4f07-0
2016-02-19 16:15:08 ----D---- C:\ProgramData\e2610b38-2b41-1
2016-02-11 17:44:23 ----D---- C:\Windows\Microsoft.NET
2016-02-10 17:39:02 ----D---- C:\Windows\rescache
2016-02-10 16:14:11 ----RSD---- C:\Windows\assembly
2016-02-10 16:01:27 ----D---- C:\Windows\winsxs
2016-02-10 16:00:28 ----SD---- C:\Windows\system32\CompatTel
2016-02-10 16:00:28 ----D---- C:\Windows\SYSWOW64\en-US
2016-02-10 16:00:28 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-02-10 16:00:28 ----D---- C:\Windows\system32\en-US
2016-02-10 16:00:28 ----D---- C:\Windows\system32\cs-CZ
2016-02-10 16:00:28 ----D---- C:\Windows\system32\appraiser
2016-02-10 16:00:28 ----D---- C:\Windows\AppPatch
2016-02-10 16:00:28 ----D---- C:\Program Files\Windows Journal
2016-02-10 16:00:28 ----D---- C:\Program Files\Internet Explorer
2016-02-10 16:00:26 ----D---- C:\Windows\cs-CZ
2016-02-09 22:52:48 ----D---- C:\Windows\system32\MRT
2016-02-09 22:49:36 ----A---- C:\Windows\system32\MRT.exe
2016-02-09 22:43:42 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-02-09 20:24:20 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 280376]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-09-13 867824]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files (x86)\Spyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files (x86)\Spyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 StarPortLite;StarPort Storage Controller (Lite); C:\Windows\system32\DRIVERS\StarPortLite.sys [2011-06-29 118888]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 124568]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2011-08-24 51496]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2011-02-24 126952]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2011-02-24 389608]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-01-29 5363200]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-08-16 3056360]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-06-04 103448]
S3 EsgScanner;EsgScanner; C:\Windows\system32\DRIVERS\EsgScanner.sys [2016-02-19 22704]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2011-01-26 39808]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2011-01-26 64256]
S3 Impcd;Impcd; C:\Windows\system32\drivers\Impcd.sys [2010-02-26 158976]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\drivers\nusb3hub.sys [2010-07-27 78848]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\nusb3xhc.sys [2010-07-27 180224]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-01-17 188224]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver; C:\Windows\system32\drivers\nvstusb.sys [2011-10-15 291648]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-06-04 203672]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudserd.sys [2013-06-04 203672]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbrndis6;Adaptér USB RNDIS6; C:\Windows\system32\DRIVERS\usb80236.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files (x86)\Spyware\SASCORE64.EXE [2015-07-26 172344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2016-01-08 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2016-01-08 1773696]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 23816]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-02-10 889664]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-02-10 2348352]
R2 Panasonic Local Printer Service;Panasonic Local Printer Service; C:\PROGRA~2\PANASO~1\LocalCom\lmsrvnt.exe [2010-01-09 49152]
R2 Panasonic Trap Monitor Service;Panasonic Trap Monitor Service; C:\PROGRA~2\PANASO~1\TRAPMO~1\Trapmnnt.exe [2004-02-26 69632]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spyware\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2015-07-01 3037520]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-09 382272]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 366544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-09 269504]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-01-29 279000]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-01-22 114688]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.292\McCHSvc.exe [2016-02-05 293128]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-11-02 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Probably Unlocker

#6 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to your desktop. Run it and copy the following into the left-hand window:
:files
C:\Program Files (x86)\Skype\Toolbars
C:\Program Files\McAfee Security Scan
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]/64

:services
c2cautoupdatesvc
c2cpnrsvc

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

yvonne_K
Visitor
Posts: 49
Registered: 06 Feb 2011 14:36

Re: Probably Unlocker

#7 Post by yvonne_K »

The log that popped up after the restart (the RSIT log follows below):


All processes killed
========== FILES ==========
C:\Program Files (x86)\Skype\Toolbars\PNRSvc folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64 folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars\Internet Explorer folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars\ChromeExtension folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars folder moved successfully.
C:\Program Files\McAfee Security Scan\3.11.292\sacoredata folder moved successfully.
Folder move failed. C:\Program Files\McAfee Security Scan\3.11.292 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\McAfee Security Scan scheduled to be moved on reboot.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk moved successfully.
========== REGISTRY ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ not found.
========== SERVICES/DRIVERS ==========
Service c2cautoupdatesvc stopped successfully!
Service c2cautoupdatesvc deleted successfully!
Service c2cpnrsvc stopped successfully!
Service c2cpnrsvc deleted successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Beatrix
->Temp folder emptied: 1596666 bytes
->Temporary Internet Files folder emptied: 2496193 bytes
->Java cache emptied: 7350270 bytes
->Google Chrome cache emptied: 117868119 bytes
->Apple Safari cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 681 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1715886 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 85720086 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 5202462 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 78213 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 212,00 mb


[EMPTYFLASH]

User: All Users

User: Beatrix
->Flash cache emptied: 0 bytes

User: Default

User: Default User

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 02192016_193655

Files moved on Reboot...
C:\Program Files\McAfee Security Scan\3.11.292 folder moved successfully.
C:\Program Files\McAfee Security Scan folder moved successfully.
C:\Users\Beatrix\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File C:\Windows\temp\TMP000000C5C96119BB5154A4FD not found!

Registry entries deleted on Reboot...


///////////////////////////////// and the RSIT log: ///////////////////////////



Logfile of random's system information tool 1.10 (written by random/random)
Run by Beatrix at 2016-02-19 19:40:56
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 8 GB (14%) free of 57 GB
Total RAM: 8103 MB (80% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:40:58, on 19.2.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18205)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
C:\Users\Beatrix\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Panasonic\Device Monitor\DMWakeup.exe
C:\Program Files (x86)\Panasonic\MFStation\PCCMFSDM.exe
C:\Users\Beatrix\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Beatrix\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Beatrix\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Beatrix\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Beatrix\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\Spyware Terminator\STInternetGuard.exe
C:\Users\Beatrix\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Beatrix\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Beatrix.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: Spyware Terminator 2015 Internet Guard - {82A76710-4F98-4957-92BE-99648A4E2475} - C:\PROGRA~2\SPYWAR~1\STINTE~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Panasonic Device Monitor Wakeup] C:\Program Files (x86)\Panasonic\Device Monitor\dmwakeup.exe
O4 - HKLM\..\Run: [Panasonic Device Manager for Multi-Function Station software] C:\Program Files (x86)\Panasonic\MFStation\PCCMFSDM.exe
O4 - HKLM\..\Run: [Panasonic PCFAX for Multi-Function Station software] C:\Program Files (x86)\Panasonic\MFStation\KmPcFax.exe -1
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Beatrix\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3493884222-2583266169-3365024918-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3493884222-2583266169-3365024918-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A6F28AB1-875E-4A93-8171-D5A35E52DB0E}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files (x86)\Spyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - Unknown owner - C:\Program Files\McAfee Security Scan\3.11.292\McCHSvc.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Panasonic Local Printer Service - Panasonic System Networks Co., Ltd. - C:\PROGRA~2\PANASO~1\LocalCom\lmsrvnt.exe
O23 - Service: Panasonic Trap Monitor Service - Panasonic - C:\PROGRA~2\PANASO~1\TRAPMO~1\Trapmnnt.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spyware\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler Group - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9816 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Spyware\SASCORE64.EXE"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\PROGRA~2\PANASO~1\LocalCom\lmsrvnt.exe
C:\PROGRA~2\PANASO~1\TRAPMO~1\Trapmnnt.exe
"C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Spyware\Spybot - Search & Destroy\SDWinSec.exe"
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\system32\sppsvc.exe
taskeng.exe {97407197-A8A9-44CE-A036-6612B91DE386}
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Users\Beatrix\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Panasonic\Device Monitor\DMWakeup.exe"
"C:\Program Files (x86)\Panasonic\MFStation\PCCMFSDM.exe"
"C:\Users\Beatrix\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Beatrix\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3436.0.1799586721\522734225" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,24,52 --gpu-vendor-id=0x8086 --gpu-device-id=0x0102 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.3347 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\Beatrix\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/FeedbackRanker RCTR 1/*ClientSideDetectionModel/Model0/*CrossDevicePromo/7DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3436.2.341994251\1992660988" --font-cache-shared-handle=2040 
/prefetch:673131151
"C:\Users\Beatrix\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/FeedbackRanker RCTR 1/*ClientSideDetectionModel/Model0/*CrossDevicePromo/7DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3436.3.1819400031\1088854268" --font-cache-shared-handle=1944 
/prefetch:673131151
"C:\Users\Beatrix\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/FeedbackRanker RCTR 1/*ClientSideDetectionModel/Model0/*CrossDevicePromo/7DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3436.4.1932260560\1114309630" --font-cache-shared-handle=2200 
/prefetch:673131151
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Spyware Terminator\STInternetGuard.exe" --parent-window=0 chrome-extension://elbjpfdfllhaioofjgmiaekihidancnc/ < \\.\pipe\chrome.nativeMessaging.in.74f9788a2525c4b1 > \\.\pipe\chrome.nativeMessaging.out.74f9788a2525c4b1
\??\C:\Windows\system32\conhost.exe "2124834232-1745815970133810696-9189342401747263999-726803156-12722549002049033695
"C:\Program Files (x86)\Spyware Terminator\STInternetGuard.exe" --parent-window=0 chrome-extension://elbjpfdfllhaioofjgmiaekihidancnc/
"C:\Users\Beatrix\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="*AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/FeedbackRanker RCTR 1/*ClientSideDetectionModel/Model0/*CrossDevicePromo/7DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/*SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3436.10.163088210\863990475" --font-cache-shared-handle=4396 /prefetch:673131151
"C:\Users\Beatrix\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="*AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/FeedbackRanker RCTR 1/*ClientSideDetectionModel/Model0/*CrossDevicePromo/7DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/*SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3436.13.1705148993\584308491" --font-cache-shared-handle=5420 /prefetch:673131151
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Beatrix\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82A76710-4F98-4957-92BE-99648A4E2475}]
Spyware Terminator 2015 Internet Guard - C:\PROGRA~2\SPYWAR~1\STINTE~2.DLL [2015-07-28 2013520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-01 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82A76710-4F98-4957-92BE-99648A4E2475}]
Spyware Terminator 2015 Internet Guard - C:\PROGRA~2\SPYWAR~1\STINTE~1.DLL [2015-07-28 1255248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-01 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-08-16 12673128]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 1337000]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2015-07-28 3884368]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-01-29 171992]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-01-29 399832]
"Persistence"=C:\Windows\system32\igfxpers.exe [2014-01-29 442328]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Beatrix\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27 144200]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-12-17 50385536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13 1085656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files (x86)\ICQ7M\ICQ.exe silent loginmode=4 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files (x86)\Winamp\winampa.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Panasonic Device Monitor Wakeup"=C:\Program Files (x86)\Panasonic\Device Monitor\dmwakeup.exe [2010-01-09 413696]
"Panasonic Device Manager for Multi-Function Station software"=C:\Program Files (x86)\Panasonic\MFStation\PCCMFSDM.exe [2010-02-02 135168]
"Panasonic PCFAX for Multi-Function Station software"=C:\Program Files (x86)\Panasonic\MFStation\KmPcFax.exe [2010-01-18 765952]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2014-01-29 442880]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-02-19 19:36:55 ----D---- C:\_OTM
2016-02-19 18:53:18 ----D---- C:\AdwCleaner
2016-02-19 17:29:44 ----D---- C:\rsit
2016-02-19 17:29:44 ----D---- C:\Program Files\trend micro
2016-02-19 16:54:21 ----A---- C:\Windows\system32\drivers\EsgScanner.sys
2016-02-19 16:15:07 ----D---- C:\ProgramData\71517c01-54c5-0
2016-02-19 16:15:07 ----D---- C:\ProgramData\71517c01-0355-0
2016-02-09 19:35:58 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2016-02-09 19:35:58 ----A---- C:\Windows\system32\jnwmon.dll
2016-02-09 19:35:58 ----A---- C:\Windows\system32\InkEd.dll
2016-02-09 19:35:57 ----A---- C:\Windows\system32\invagent.dll
2016-02-09 19:35:57 ----A---- C:\Windows\system32\generaltel.dll
2016-02-09 19:35:57 ----A---- C:\Windows\system32\devinv.dll
2016-02-09 19:35:57 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-02-09 19:35:57 ----A---- C:\Windows\system32\appraiser.dll
2016-02-09 19:35:57 ----A---- C:\Windows\system32\aeinv.dll
2016-02-09 19:35:57 ----A---- C:\Windows\system32\acmigration.dll
2016-02-09 19:35:56 ----A---- C:\Windows\system32\iertutil.dll
2016-02-09 19:35:55 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-02-09 19:35:55 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-02-09 19:35:54 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-02-09 19:35:54 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-02-09 19:35:54 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-02-09 19:35:53 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-02-09 19:35:53 ----A---- C:\Windows\system32\urlmon.dll
2016-02-09 19:35:53 ----A---- C:\Windows\system32\ieUnatt.exe
2016-02-09 19:35:53 ----A---- C:\Windows\system32\ieui.dll
2016-02-09 19:35:53 ----A---- C:\Windows\system32\ieframe.dll
2016-02-09 19:35:52 ----A---- C:\Windows\system32\mshtml.dll
2016-02-09 19:35:26 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-02-09 19:35:26 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-02-09 19:35:26 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-02-09 19:35:26 ----A---- C:\Windows\system32\iernonce.dll
2016-02-09 19:35:26 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-02-09 19:35:25 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-02-09 19:35:25 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-02-09 19:35:25 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-02-09 19:35:25 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-02-09 19:35:25 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-02-09 19:35:25 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-02-09 19:35:25 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-02-09 19:35:25 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-09 19:35:25 ----A---- C:\Windows\system32\inseng.dll
2016-02-09 19:35:25 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-02-09 19:35:25 ----A---- C:\Windows\system32\ie4uinit.exe
2016-02-09 19:35:24 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-02-09 19:35:24 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-02-09 19:35:24 ----A---- C:\Windows\system32\occache.dll
2016-02-09 19:35:23 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-02-09 19:35:23 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-02-09 19:35:23 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-02-09 19:35:23 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-02-09 19:35:23 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-09 19:35:23 ----A---- C:\Windows\system32\msfeeds.dll
2016-02-09 19:35:23 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-02-09 19:35:23 ----A---- C:\Windows\system32\iedkcs32.dll
2016-02-09 19:35:23 ----A---- C:\Windows\system32\dxtrans.dll
2016-02-09 19:35:22 ----A---- C:\Windows\system32\iesetup.dll
2016-02-09 19:35:22 ----A---- C:\Windows\system32\ieapfltr.dll
2016-02-09 19:35:21 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-02-09 19:35:21 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-02-09 19:35:21 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-02-09 19:35:21 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-02-09 19:35:21 ----A---- C:\Windows\system32\vbscript.dll
2016-02-09 19:35:20 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-02-09 19:35:20 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-02-09 19:35:20 ----A---- C:\Windows\system32\jsproxy.dll
2016-02-09 19:35:20 ----A---- C:\Windows\system32\dxtmsft.dll
2016-02-09 19:35:19 ----A---- C:\Windows\system32\webcheck.dll
2016-02-09 19:35:19 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-02-09 19:35:19 ----A---- C:\Windows\system32\mshtmled.dll
2016-02-09 19:35:18 ----A---- C:\Windows\system32\wininet.dll
2016-02-09 19:35:18 ----A---- C:\Windows\system32\jscript9diag.dll
2016-02-09 19:35:18 ----A---- C:\Windows\system32\jscript9.dll
2016-02-09 19:35:18 ----A---- C:\Windows\system32\jscript.dll
2016-02-09 19:35:17 ----A---- C:\Windows\system32\msrating.dll
2016-02-09 19:35:17 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-02-09 19:34:36 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-02-09 19:34:31 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-02-09 19:34:31 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-02-09 19:34:31 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-02-09 19:34:31 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-02-09 19:34:31 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-02-09 19:34:31 ----A---- C:\Windows\system32\wuwebv.dll
2016-02-09 19:34:31 ----A---- C:\Windows\system32\wups2.dll
2016-02-09 19:34:31 ----A---- C:\Windows\system32\wups.dll
2016-02-09 19:34:31 ----A---- C:\Windows\system32\wudriver.dll
2016-02-09 19:34:31 ----A---- C:\Windows\system32\wucltux.dll
2016-02-09 19:34:31 ----A---- C:\Windows\system32\wuaueng.dll
2016-02-09 19:34:31 ----A---- C:\Windows\system32\wuauclt.exe
2016-02-09 19:34:31 ----A---- C:\Windows\system32\wuapp.exe
2016-02-09 19:34:31 ----A---- C:\Windows\system32\wuapi.dll
2016-02-09 19:34:31 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-02-09 19:34:31 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-02-09 19:34:29 ----A---- C:\Windows\system32\win32k.sys
2016-02-09 19:34:29 ----A---- C:\Windows\system32\rdpudd.dll
2016-02-09 19:34:29 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-02-09 19:34:29 ----A---- C:\Windows\system32\rdpcorets.dll
2016-02-09 19:34:25 ----A---- C:\Windows\system32\ole32.dll

======List of files/folders modified in the last 1 month======

2016-02-19 19:39:23 ----D---- C:\Windows\Temp
2016-02-19 19:38:26 ----RD---- C:\Program Files
2016-02-19 19:37:45 ----D---- C:\ProgramData\NVIDIA
2016-02-19 19:37:17 ----D---- C:\Windows\system32\config
2016-02-19 19:37:06 ----D---- C:\Windows
2016-02-19 19:36:56 ----RD---- C:\Program Files (x86)\Skype
2016-02-19 19:03:12 ----D---- C:\Windows\System32
2016-02-19 19:03:12 ----D---- C:\Windows\inf
2016-02-19 19:03:12 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-02-19 18:57:07 ----D---- C:\Windows\system32\drivers
2016-02-19 18:57:00 ----D---- C:\Program Files (x86)\Spyware
2016-02-19 18:56:21 ----RD---- C:\Program Files (x86)
2016-02-19 18:56:21 ----HD---- C:\ProgramData
2016-02-19 18:56:21 ----D---- C:\Windows\Tasks
2016-02-19 18:56:21 ----D---- C:\Windows\system32\Tasks
2016-02-19 17:12:34 ----D---- C:\Users\Beatrix\AppData\Roaming\uTorrent
2016-02-19 17:12:34 ----D---- C:\ProgramData\Spybot - Search & Destroy
2016-02-19 17:12:29 ----D---- C:\Windows\debug
2016-02-19 17:12:01 ----SHD---- C:\Windows\Installer
2016-02-19 17:11:55 ----D---- C:\Windows\SysWOW64
2016-02-19 17:10:22 ----SHD---- C:\System Volume Information
2016-02-19 16:52:53 ----D---- C:\Windows\system32\drivers\etc
2016-02-19 16:51:09 ----D---- C:\Windows\system32\wfp
2016-02-19 16:51:08 ----D---- C:\Windows\system32\wbem
2016-02-19 16:50:44 ----SD---- C:\Windows\system32\GWX
2016-02-19 16:50:44 ----D---- C:\Windows\system32\DriverStore
2016-02-19 16:50:44 ----D---- C:\Windows\system32\catroot2
2016-02-19 16:50:40 ----D---- C:\Users\Beatrix\AppData\Roaming\Skype
2016-02-19 16:50:40 ----D---- C:\ProgramData\Spyware Terminator
2016-02-19 16:50:40 ----D---- C:\ProgramData\McAfee Security Scan
2016-02-19 16:50:40 ----D---- C:\Program Files (x86)\Internet Explorer
2016-02-19 16:50:36 ----D---- C:\Program Files (x86)\Adobe
2016-02-19 16:50:35 ----D---- C:\Windows\registration
2016-02-19 16:50:22 ----D---- C:\ProgramData\Skype
2016-02-19 16:15:13 ----D---- C:\ProgramData\e2610b38-4f07-0
2016-02-19 16:15:08 ----D---- C:\ProgramData\e2610b38-2b41-1
2016-02-11 17:44:23 ----D---- C:\Windows\Microsoft.NET
2016-02-10 17:39:02 ----D---- C:\Windows\rescache
2016-02-10 16:14:11 ----RSD---- C:\Windows\assembly
2016-02-10 16:01:27 ----D---- C:\Windows\winsxs
2016-02-10 16:00:28 ----SD---- C:\Windows\system32\CompatTel
2016-02-10 16:00:28 ----D---- C:\Windows\SYSWOW64\en-US
2016-02-10 16:00:28 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-02-10 16:00:28 ----D---- C:\Windows\system32\en-US
2016-02-10 16:00:28 ----D---- C:\Windows\system32\cs-CZ
2016-02-10 16:00:28 ----D---- C:\Windows\system32\appraiser
2016-02-10 16:00:28 ----D---- C:\Windows\AppPatch
2016-02-10 16:00:28 ----D---- C:\Program Files\Windows Journal
2016-02-10 16:00:28 ----D---- C:\Program Files\Internet Explorer
2016-02-10 16:00:26 ----D---- C:\Windows\cs-CZ
2016-02-09 22:52:48 ----D---- C:\Windows\system32\MRT
2016-02-09 22:49:36 ----A---- C:\Windows\system32\MRT.exe
2016-02-09 22:43:42 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-02-09 20:24:20 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 280376]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-09-13 867824]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files (x86)\Spyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files (x86)\Spyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 StarPortLite;StarPort Storage Controller (Lite); C:\Windows\system32\DRIVERS\StarPortLite.sys [2011-06-29 118888]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 124568]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2011-08-24 51496]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2011-02-24 126952]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2011-02-24 389608]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-01-29 5363200]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-08-16 3056360]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-06-04 103448]
S3 EsgScanner;EsgScanner; C:\Windows\system32\DRIVERS\EsgScanner.sys [2016-02-19 22704]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2011-01-26 39808]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2011-01-26 64256]
S3 Impcd;Impcd; C:\Windows\system32\drivers\Impcd.sys [2010-02-26 158976]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\drivers\nusb3hub.sys [2010-07-27 78848]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\nusb3xhc.sys [2010-07-27 180224]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-01-17 188224]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver; C:\Windows\system32\drivers\nvstusb.sys [2011-10-15 291648]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-06-04 203672]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudserd.sys [2013-06-04 203672]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbrndis6;Adaptér USB RNDIS6; C:\Windows\system32\DRIVERS\usb80236.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files (x86)\Spyware\SASCORE64.EXE [2015-07-26 172344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 23816]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-02-10 889664]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-02-10 2348352]
R2 Panasonic Local Printer Service;Panasonic Local Printer Service; C:\PROGRA~2\PANASO~1\LocalCom\lmsrvnt.exe [2010-01-09 49152]
R2 Panasonic Trap Monitor Service;Panasonic Trap Monitor Service; C:\PROGRA~2\PANASO~1\TRAPMO~1\Trapmnnt.exe [2004-02-26 69632]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spyware\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2015-07-01 3037520]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-09 382272]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 366544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-09 269504]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-01-29 279000]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-01-22 114688]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.292\McCHSvc.exe []
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-11-02 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]

-----------------EOF-----------------

The problem appears to be solved - at least in that nothing is popping up here any more :thumbsup: thank you! Only, is my adblock perhaps paralysed? I can see regular ads and the adblock menu looks empty.

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Probably Unlocker

#8 Post by Rudy »

That is probably a consequence of the cleanup. If AdBlock is not working, try reinstalling it.

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

yvonne_K
Visitor
Posts: 49
Registered: 06 Feb 2011 14:36

Re: Probably Unlocker

#9 Post by yvonne_K »

Ah, great, it's running again! Thank you very much for the effective and quick help! Was it really Unlocker? And do you know where I could have picked it up? (Well, I suspect there are probably many possibilities, but it seems to me that it is now somehow spreading among more users...) - And should I now uninstall the installed programs again? + Otherwise, do you see any other parasite or problem on the computer?

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Probably Unlocker

#10 Post by Rudy »

It was. Along with other adware. Somewhere on the web you clicked on something you shouldn't have. Run ADW and click >uninstall<. Run OTM and click >CleanUp!<. That should get rid of those utilities. :)

yvonne_K
Visitor
Posts: 49
Registered: 06 Feb 2011 14:36

Re: Probably Unlocker

#11 Post by yvonne_K »

OK, will do. Thank you very much once again for the help, and I wish you as few infected computers as possible!

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Probably Unlocker

#12 Post by Rudy »

Thank you for the wish, and you're welcome! :)

Locked