VIRY.CZ

Logfile of random's system information tool 1.08 (written by random/random)
Run by toshiba at 2014-05-29 17:19:27
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 423 GB (89%) free of 477 GB
Total RAM: 5733 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:19:38, on 29.5.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\Users\toshiba\AppData\Roaming\Yontoo\YontooDesktop.exe
C:\Program Files (x86)\FreeRide Games\GPlayer.exe
C:\Users\toshiba\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\congstar\Internet-Manager\Bin\mcserver.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\congstar\Internet-Manager\Bin\dbus-daemon.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files (x86)\Iminent\Iminent.exe
C:\Program Files (x86)\congstar\Internet-Manager\Bin\db_daemon.exe
C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
C:\Program Files\trend micro\toshiba.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp ... X62JUT9AZT
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?tpid=ATU4&o= ... 04-24&psv=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp ... X62JUT9AZT
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?typ ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?typ ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp ... X62JUT9AZT
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll" (file missing)
R3 - URLSearchHook: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: 2rs3 - {10AD2C61-0898-4348-8600-14A342F22AC3} - C:\Program Files (x86)\SupraSavings\2rs3.dll
O2 - BHO: iminent Helper Object - {112BA211-334C-4A90-90EC-2AD1CDAB287C} - C:\Program Files (x86)\IminentToolbar\1.8.25.0\bh\iminent.dll
O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll
O2 - BHO: Ask Toolbar BHO - {41545534-0076-A76A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ATU4\Passport.dll" (file missing)
O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (file missing)
O2 - BHO: IMinent WebBooster - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx86.dll
O2 - BHO: Wajam IE BHO - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.16.16\bh\delta.dll
O2 - BHO: FoxyDeal Plugin - {C4B89A95-34DD-4206-A36F-AD64335A9D09} - C:\Program Files (x86)\foxydeal\F0xy_D3al.dll
O2 - BHO: buenosearch Helper Object - {F1C81E40-2485-4DB6-8C9D-04BD596B281E} - C:\Program Files (x86)\buenosearch LTD\buenosearch\1.8.28.7\bh\buenosearch.dll
O3 - Toolbar: Ask Toolbar - {41545534-0076-A76A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ATU4\Passport.dll" (file missing)
O3 - Toolbar: Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.16.16\deltaTlbr.dll
O3 - Toolbar: Iminent Toolbar - {1FAFD711-ABF9-4F6A-8130-5166C7371427} - C:\Program Files (x86)\IminentToolbar\1.8.25.0\iminentTlbr.dll
O3 - Toolbar: buenosearch Toolbar - {828DC97A-2277-4E10-92A9-4907FA0922A9} - C:\Program Files (x86)\buenosearch LTD\buenosearch\1.8.28.7\buenosearchTlbr.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [Iminent] C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"
O4 - HKLM\..\Run: [IminentMessenger] C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\toshiba\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\toshiba\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Yontoo Desktop] "C:\Users\toshiba\AppData\Roaming\Yontoo\YontooDesktop.exe"
O4 - HKCU\..\Run: [Exetender_148] "C:\Program Files (x86)\FreeRide Games\GPlayer.exe" /schedule 300000
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: MCtlSvc.lnk = C:\Program Files (x86)\congstar\Internet-Manager\Bin\mcserver.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\toshiba\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
O8 - Extra context menu item: Stáhnout s Mipony - file://C:\Program Files (x86)\MiPony\Browser\IEContext.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\secureassist.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\secureassist.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\secureassist.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\secureassist.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\secureassist.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {4FF78044-96B4-4312-A5B7-FDA3CB328095} (ExentInf1 Class) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: COMODO System - Cleaner Service (Cleaner_Validator) - Unknown owner - C:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IePlugin Service (IePluginService) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginService\PluginService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SaveSenseLive Service (savesenselive) (savesenselive) - SaveSense - C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe
O23 - Service: SaveSenseLive Service (savesenselivem) (savesenselivem) - SaveSense - C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe
O23 - Service: SecureAssist - SecureAssist - C:\Program Files\SupraSavings\SecureAssist.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SProtection - Iminent - C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: WajamUpdater - Wajam - C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wpm Service (Wpm) - Cherished Technololgy LIMITED - C:\ProgramData\WPM\wprotectmanager.exe

--
End of file - 15559 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\system32\WLANExt.exe 28816352
\??\C:\Windows\system32\conhost.exe "249571831-16998074381845673844115171600711344483-1168035111-9721934961523492148
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\ProgramData\IePluginService\PluginService.exe -service
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe"
"C:\Users\toshiba\AppData\Roaming\Yontoo\YontooDesktop.exe"
"C:\Program Files (x86)\FreeRide Games\GPlayer.exe" /schedule 300000
szndesktop.exe default start
"C:\Program Files\SupraSavings\SecureAssist.exe"
"C:\Users\toshiba\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
\??\C:\Windows\system32\conhost.exe "644177863794053244703003048673859024-10594901068877153251618540424-440355506
"C:\Program Files (x86)\congstar\Internet-Manager\Bin\mcserver.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\cmd.exe /c dbus-daemon.bat
\??\C:\Windows\system32\conhost.exe "1938419965971426374-745560868-9185736529283710879697441241111217877-796048463
dbus-daemon.exe --config-file=session.conf
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
"C:\Program Files (x86)\Iminent\Iminent.exe" /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"
db_daemon.exe
"C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe"
"C:\Program Files (x86)\Iminent\Iminent.Messengers.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe" "C:\Users\toshiba\AppData\Roaming\Yontoo\YontooDesktop.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-2a9c0a96-20a4-41f1-85f9-d580718e4183 -SystemEventPortName:HostProcess-96b84f44-7d20-4eb0-9704-c6a33b9a2156 -IoCancelEventPortName:HostProcess-32cb2369-682f-4f1e-b2ff-6172abf3d67d -NonStateChangingEventPortName:HostProcess-4d039a15-a6a2-4c0a-99f0-b5cabe9d549c -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:2516c4de-1d35-48bb-9d4e-4035170e00e6 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://istart.webssearches.com/?type=sc ... X62JUT9AZT
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4796.0.177141680\793094777" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,15 --disable-accelerated-video-decode --gpu-vendor-id=0x1002 --gpu-device-id=0x9809 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.930.13.1000 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Control/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/OmniboxBundledExperimentV1/StableBookmarkValue10LaunchCandidate/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_11/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --enable-software-compositing --channel="4796.2.2032538776\293536646" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Control/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/OmniboxBundledExperimentV1/StableBookmarkValue10LaunchCandidate/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_11/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --enable-software-compositing --channel="4796.3.760086135\979244750" /prefetch:673131151
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Control/EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Bootstrap/FlashHardwareVideoDecode/Disabled/GoogleNow/Enable/OmniboxBundledExperimentV1/StableBookmarkValue10LaunchCandidate/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_11/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --enable-software-compositing --channel="4796.10.60768256\996623569" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="4796.11.516931026\398993788" --ppapi-flash-args --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe"
"C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version9\TeamViewer9_Logfile.log
"C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version9\TeamViewer9_Logfile.log
"c:\program files (x86)\teamviewer\version9\TeamViewer_Desktop.exe" --IPCport 5939
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Users\toshiba\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\COMODO Updater.job
C:\Windows\tasks\DSite.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\SaveSense.job
C:\Windows\tasks\SaveSenseLiveUpdateTaskMachineCore.job
C:\Windows\tasks\SaveSenseLiveUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41545534-0076-A76A-76A7-7A786E7484D7}]
Ask Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ATU4\Passport_x64.dll [2014-03-19 13776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2011-06-08 81024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-05-29 581824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}]
IMinent WebBooster (BHO) - C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx64.dll [2014-02-19 359976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-03-21 6270336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files (x86)\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-11-03 54248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10AD2C61-0898-4348-8600-14A342F22AC3}]
2rs3 - C:\Program Files (x86)\SupraSavings\2rs3.dll [2014-03-21 91104]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{112BA211-334C-4A90-90EC-2AD1CDAB287C}]
iminent Helper Object - C:\Program Files (x86)\IminentToolbar\1.8.25.0\bh\iminent.dll [2013-08-22 307608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
IETabPage Class - C:\Program Files (x86)\SupTab\SupTab.dll [2014-04-11 513648]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41545534-0076-A76A-76A7-7A786E7484D7}]
Ask Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ATU4\Passport.dll [2014-03-19 12240]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2011-06-08 69760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-05-29 436600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}]
IMinent WebBooster (BHO) - C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx86.dll [2014-02-19 300072]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}]
Wajam - C:\Program Files (x86)\Wajam\IE\priam_bho.dll [2013-10-11 291328]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-03-21 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}]
delta Helper Object - C:\Program Files (x86)\Delta\delta\1.8.16.16\bh\delta.dll [2013-03-13 251288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C4B89A95-34DD-4206-A36F-AD64335A9D09}]
FoxyDeal Plugin - C:\Program Files (x86)\foxydeal\F0xy_D3al.dll [2013-09-08 177664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F1C81E40-2485-4DB6-8C9D-04BD596B281E}]
buenosearch Helper Object - C:\Program Files (x86)\buenosearch LTD\buenosearch\1.8.28.7\bh\buenosearch.dll [2013-11-08 280984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{41545534-0076-A76A-76A7-7A786E7484D7} - Ask Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ATU4\Passport_x64.dll [2014-03-19 13776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{41545534-0076-A76A-76A7-7A786E7484D7} - Ask Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ATU4\Passport.dll [2014-03-19 12240]
{82E1477C-B154-48D3-9891-33D83C26BCD3} - Delta Toolbar - C:\Program Files (x86)\Delta\delta\1.8.16.16\deltaTlbr.dll [2013-03-13 325016]
{1FAFD711-ABF9-4F6A-8130-5166C7371427} - Iminent Toolbar - C:\Program Files (x86)\IminentToolbar\1.8.25.0\iminentTlbr.dll [2013-08-22 293784]
{828DC97A-2277-4E10-92A9-4907FA0922A9} - buenosearch Toolbar - C:\Program Files (x86)\buenosearch LTD\buenosearch\1.8.28.7\buenosearchTlbr.dll [2013-11-08 297368]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=C:\Users\toshiba\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\toshiba\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"Yontoo Desktop"=C:\Users\toshiba\AppData\Roaming\Yontoo\YontooDesktop.exe [2013-05-01 42784]
"Exetender_148"=C:\Program Files (x86)\FreeRide Games\GPlayer.exe [2013-08-28 4947280]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-05-08 21444224]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-12-19 642808]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2011-09-16 115048]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-03-21 1061960]
"ApnTBMon"=C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2014-03-19 1801168]
"Iminent"=C:\Program Files (x86)\Iminent\Iminent.exe [2013-09-10 1074736]
"IminentMessenger"=C:\Program Files (x86)\Iminent\Iminent.Messengers.exe [2013-09-10 884784]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-05-29 3888648]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
MCtlSvc.lnk - C:\Program Files (x86)\congstar\Internet-Manager\Bin\mcserver.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SecureAssist]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2014-05-29 17:19:28 ----D---- C:\Program Files\trend micro
2014-05-29 17:19:27 ----D---- C:\rsit
2014-05-29 17:06:23 ----D---- C:\Users\toshiba\AppData\Roaming\TeamViewer
2014-05-29 16:50:45 ----D---- C:\Users\toshiba\AppData\Roaming\DropboxMaster
2014-05-29 16:48:37 ----D---- C:\Users\toshiba\AppData\Roaming\Dropbox
2014-05-29 16:47:50 ----D---- C:\Users\toshiba\AppData\Roaming\AVAST Software
2014-05-29 16:46:19 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2014-05-29 16:46:19 ----A---- C:\Windows\system32\drivers\aswstm.sys
2014-05-29 16:46:18 ----A---- C:\Windows\system32\drivers\aswsp.sys.1401374840321
2014-05-29 16:46:18 ----A---- C:\Windows\system32\drivers\aswsp.sys
2014-05-29 16:46:18 ----A---- C:\Windows\system32\drivers\aswsnx.sys.1401374840321
2014-05-29 16:46:18 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2014-05-29 16:46:17 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2014-05-29 16:46:17 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2014-05-29 16:46:16 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2014-05-29 16:46:15 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2014-05-28 13:41:35 ----A---- C:\autoexec.bat
2014-05-28 13:40:17 ----D---- C:\sh4ldr
2014-05-28 13:40:17 ----D---- C:\Program Files (x86)\Enigma Software Group
2014-05-28 13:38:28 ----D---- C:\Windows\027B5748C40941FE949B7B81A8304EF4.TMP
2014-05-28 13:28:59 ----A---- C:\Windows\ntbtlog.txt
2014-05-27 09:29:38 ----SD---- C:\Windows\SYSWOW64\Microsoft
2014-05-25 13:49:59 ----A---- C:\Windows\system32\mshtmled.dll
2014-05-25 13:49:59 ----A---- C:\Windows\system32\mshtml.dll
2014-05-25 13:49:58 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-05-25 13:49:56 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-05-24 21:09:32 ----A---- C:\Windows\system32\lsasrv.dll
2014-05-24 21:09:29 ----A---- C:\Windows\system32\kerberos.dll
2014-05-24 21:09:26 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-05-24 21:09:25 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-05-24 21:09:24 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-05-24 21:09:23 ----A---- C:\Windows\system32\winlogon.exe
2014-05-24 21:09:23 ----A---- C:\Windows\system32\msv1_0.dll
2014-05-24 21:09:22 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-05-24 21:09:22 ----A---- C:\Windows\system32\objsel.dll
2014-05-24 21:09:20 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-05-24 21:09:18 ----A---- C:\Windows\SYSWOW64\objsel.dll
2014-05-24 21:09:17 ----A---- C:\Windows\system32\TSpkg.dll
2014-05-24 21:09:17 ----A---- C:\Windows\system32\KernelBase.dll
2014-05-24 21:09:16 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-05-24 21:09:16 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-05-24 21:09:16 ----A---- C:\Windows\system32\wdigest.dll
2014-05-24 21:09:15 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-05-24 21:09:14 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-05-24 21:09:13 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2014-05-24 21:09:13 ----A---- C:\Windows\system32\schannel.dll
2014-05-24 21:09:13 ----A---- C:\Windows\system32\dimsroam.dll
2014-05-24 21:09:13 ----A---- C:\Windows\system32\cngprovider.dll
2014-05-24 21:09:13 ----A---- C:\Windows\system32\adprovider.dll
2014-05-24 21:09:12 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-05-24 21:09:12 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2014-05-24 21:09:12 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2014-05-24 21:09:12 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2014-05-24 21:09:12 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2014-05-24 21:09:12 ----A---- C:\Windows\system32\dpapiprovider.dll
2014-05-24 21:09:12 ----A---- C:\Windows\system32\capiprovider.dll
2014-05-24 21:09:11 ----A---- C:\Windows\system32\wincredprovider.dll
2014-05-24 21:09:11 ----A---- C:\Windows\system32\sspicli.dll
2014-05-24 21:09:11 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-05-24 21:09:10 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2014-05-24 21:09:10 ----A---- C:\Windows\system32\lsass.exe
2014-05-24 21:09:09 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-05-24 21:09:09 ----A---- C:\Windows\system32\sspisrv.dll
2014-05-24 21:09:09 ----A---- C:\Windows\system32\secur32.dll
2014-05-24 21:09:09 ----A---- C:\Windows\system32\credssp.dll
2014-05-24 21:09:08 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-05-24 21:09:08 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-05-24 09:59:29 ----A---- C:\Windows\system32\shell32.dll
2014-05-24 09:59:24 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-05-24 09:59:20 ----A---- C:\Windows\system32\aepdu.dll
2014-05-24 09:59:18 ----A---- C:\Windows\system32\aeinv.dll
2014-05-23 23:03:56 ----D---- C:\Program Files (x86)\LPT
2014-05-23 23:03:54 ----D---- C:\Program Files\V-bates
2014-05-20 23:00:59 ----SD---- C:\Windows\system32\CompatTel
2014-04-30 08:45:15 ----A---- C:\Windows\system32\ieui.dll
2014-04-30 08:45:14 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-04-30 08:44:48 ----A---- C:\Windows\system32\vbscript.dll
2014-04-30 08:44:46 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-04-30 08:43:46 ----A---- C:\Windows\system32\iernonce.dll
2014-04-30 08:43:46 ----A---- C:\Windows\system32\ie4uinit.exe
2014-04-30 08:43:45 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-30 08:43:44 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-04-30 08:43:25 ----A---- C:\Windows\system32\jscript9diag.dll
2014-04-30 08:43:24 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-04-30 08:43:24 ----A---- C:\Windows\system32\dxtrans.dll
2014-04-30 08:43:24 ----A---- C:\Windows\system32\dxtmsft.dll
2014-04-30 08:43:23 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-04-30 08:43:22 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-04-30 08:43:22 ----A---- C:\Windows\system32\msrating.dll
2014-04-30 08:43:22 ----A---- C:\Windows\system32\jsproxy.dll
2014-04-30 08:43:21 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-04-30 08:43:21 ----A---- C:\Windows\system32\msfeeds.dll
2014-04-30 08:43:20 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-04-30 08:43:16 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-04-30 08:43:16 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-04-30 08:43:16 ----A---- C:\Windows\system32\ieUnatt.exe
2014-04-30 08:43:15 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-04-30 08:43:15 ----A---- C:\Windows\system32\iesetup.dll
2014-04-30 08:43:11 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-04-30 08:42:52 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-04-30 08:42:52 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-04-30 08:42:51 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-04-30 08:42:51 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-04-30 08:42:51 ----A---- C:\Windows\system32\ieapfltr.dll
2014-04-30 08:42:49 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-04-30 08:42:48 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-30 08:42:43 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-04-30 08:42:42 ----A---- C:\Windows\system32\iertutil.dll
2014-04-30 08:42:41 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-04-30 08:42:40 ----A---- C:\Windows\system32\wininet.dll
2014-04-30 08:42:39 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-04-30 08:42:39 ----A---- C:\Windows\system32\urlmon.dll
2014-04-30 08:42:33 ----A---- C:\Windows\system32\ieframe.dll
2014-04-30 08:42:29 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-04-30 08:42:21 ----A---- C:\Windows\system32\jscript9.dll
2014-04-30 08:42:20 ----A---- C:\Windows\SYSWOW64\jscript9.dll

======List of files/folders modified in the last 1 months======

2014-05-29 17:19:31 ----D---- C:\Windows\Temp
2014-05-29 17:19:28 ----RD---- C:\Program Files
2014-05-29 17:15:46 ----D---- C:\Windows\system32\config
2014-05-29 17:14:44 ----D---- C:\Windows\system32\Tasks
2014-05-29 17:06:25 ----RSD---- C:\Windows\Fonts
2014-05-29 17:05:57 ----D---- C:\Program Files (x86)\TeamViewer
2014-05-29 17:04:51 ----D---- C:\Users\toshiba\AppData\Roaming\Seznam.cz
2014-05-29 17:01:49 ----D---- C:\Users\toshiba\AppData\Roaming\Skype
2014-05-29 17:00:16 ----D---- C:\Users\toshiba\AppData\Roaming\Yontoo
2014-05-29 16:55:26 ----D---- C:\Windows\system32\drivers
2014-05-29 16:54:54 ----D---- C:\Windows\tracing
2014-05-29 16:51:37 ----D---- C:\Program Files\003
2014-05-29 16:46:13 ----D---- C:\Windows\winsxs
2014-05-29 16:46:12 ----D---- C:\Windows
2014-05-29 16:46:04 ----A---- C:\Windows\system32\aswBoot.exe
2014-05-29 16:44:15 ----D---- C:\Windows\system32\catroot2
2014-05-29 16:44:09 ----SHD---- C:\System Volume Information
2014-05-29 16:43:09 ----D---- C:\ProgramData\AVAST Software
2014-05-29 14:48:32 ----SHD---- C:\Config.Msi
2014-05-29 14:48:32 ----RD---- C:\Program Files (x86)
2014-05-29 14:47:37 ----SHD---- C:\Windows\Installer
2014-05-29 14:46:29 ----HD---- C:\ProgramData
2014-05-29 14:44:52 ----D---- C:\Windows\system32\catroot
2014-05-29 14:44:51 ----D---- C:\Windows\system32\DriverStore
2014-05-29 14:44:51 ----D---- C:\Windows\System32
2014-05-29 14:44:50 ----D---- C:\Windows\inf
2014-05-29 14:37:38 ----D---- C:\Temp
2014-05-29 14:36:31 ----D---- C:\Windows\Tasks
2014-05-29 14:36:31 ----D---- C:\Windows\SysWOW64
2014-05-29 14:36:31 ----D---- C:\Windows\system32\wfp
2014-05-29 14:36:31 ----D---- C:\Windows\system32\cs-CZ
2014-05-29 14:36:24 ----D---- C:\Windows\system32\wbem
2014-05-29 14:35:09 ----D---- C:\Windows\system32\drivers\etc
2014-05-29 14:35:09 ----D---- C:\Windows\PolicyDefinitions
2014-05-29 14:34:51 ----D---- C:\Windows\system32\NDF
2014-05-29 14:34:51 ----D---- C:\Windows\system32\drivers\UMDF
2014-05-29 14:34:43 ----D---- C:\Users\toshiba\AppData\Roaming\vlc
2014-05-29 14:34:43 ----D---- C:\Users\toshiba\AppData\Roaming\buenosearch LTD
2014-05-29 14:34:39 ----D---- C:\ProgramData\Microsoft Help
2014-05-29 14:34:31 ----RD---- C:\Program Files (x86)\Skype
2014-05-29 14:34:31 ----D---- C:\Program Files (x86)\Quiz_2
2014-05-29 14:33:58 ----D---- C:\Program Files (x86)\Common Files
2014-05-29 14:33:58 ----D---- C:\Program Files (x86)\buenosearch LTD
2014-05-29 14:33:54 ----D---- C:\Users\toshiba\AppData\Roaming\File Scout
2014-05-29 14:33:50 ----D---- C:\Windows\registration
2014-05-29 14:32:44 ----D---- C:\Windows\Microsoft.NET
2014-05-29 14:32:26 ----RSD---- C:\Windows\assembly
2014-05-29 14:31:17 ----SD---- C:\Users\toshiba\AppData\Roaming\Microsoft
2014-05-29 14:31:01 ----D---- C:\ProgramData\Skype
2014-05-29 14:30:55 ----D---- C:\Program Files\Windows Sidebar
2014-05-29 14:30:55 ----D---- C:\Program Files\AVAST Software
2014-05-27 22:02:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-05-24 22:33:51 ----D---- C:\Windows\system32\MRT
2014-05-24 09:46:31 ----A---- C:\Windows\system32\MRT.exe
2014-05-20 22:54:28 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-13 17:05:05 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2014-04-30 09:17:04 ----D---- C:\Windows\SYSWOW64\en-US
2014-04-30 09:17:04 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-04-30 09:17:04 ----D---- C:\Program Files\Internet Explorer
2014-04-30 09:17:03 ----D---- C:\Windows\system32\en-US
2014-04-30 09:17:03 ----D---- C:\Program Files (x86)\Internet Explorer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-05-29 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-05-29 208416]
R0 BMLoad;Bytemobile Boot Time Load Driver; C:\Windows\system32\drivers\BMLoad.sys [2009-12-15 16512]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2007-11-09 26968]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-05-29 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-05-29 1039096]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-05-29 423240]
R1 CFRMD;CFRMD; C:\Windows\system32\DRIVERS\CFRMD.sys [2010-12-09 79552]
R1 CFRPD;CFRPD; C:\Windows\system32\DRIVERS\CFRPD.sys [2010-12-09 41472]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 tcpipBM;Bytemobile Kernel Network Provider; \??\C:\Windows\system32\drivers\tcpipBM.sys [2009-12-15 39552]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-05-29 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-05-29 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-05-29 85328]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 146432]
R2 X5XSEx_Pr148;X5XSEx_Pr148; \??\C:\Program Files (x86)\FreeRide Games\X5XSEx_Pr148.Sys [2013-07-18 56584]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-03-06 10721792]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-03-06 327168]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-11-06 96256]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2011-02-08 38096]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-03-04 838216]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver; C:\Windows\system32\DRIVERS\rtl8192Ce.sys [2012-06-19 880272]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 HSPADataCardusbmdm;HSPADataCard Proprietary USB Driver; C:\Windows\system32\DRIVERS\HSPADataCardusbmdm.sys [2011-08-19 122752]
S3 HSPADataCardusbnmea;HSPADataCard NMEA Port; C:\Windows\system32\DRIVERS\HSPADataCardusbnmea.sys [2011-08-19 122752]
S3 HSPADataCardusbser;HSPADataCard Diagnostic Port; C:\Windows\system32\DRIVERS\HSPADataCardusbser.sys [2011-08-19 122752]
S3 massfilter;Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2011-08-19 12800]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 RTL8168;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2012-07-31 690832]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-03-06 235520]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-12-19 361984]
R2 APNMCP;Ask Update Service; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2014-03-19 166352]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-05-29 50344]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-04-11 1390720]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-04-11 1764992]
R2 Cleaner_Validator;COMODO System - Cleaner Service; C:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe [2010-12-09 371648]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 IePluginService;IePlugin Service; C:\ProgramData\IePluginService\PluginService.exe [2014-04-11 705136]
R2 SProtection;SProtection; C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe [2014-05-29 3088192]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-04-25 5024576]
R2 WajamUpdater;WajamUpdater; C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [2013-03-28 109064]
R2 Yontoo Desktop Updater;Yontoo Desktop Updater; C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe [2013-05-01 23552]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-24 116648]
S2 savesenselive;SaveSenseLive Service (savesenselive); C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [2014-04-04 146920]
S2 SecureAssist;SecureAssist; C:\Program Files\SupraSavings\SecureAssist.exe [2014-03-12 1558032]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S2 Wpm;Wpm Service; C:\ProgramData\WPM\wprotectmanager.exe [2014-04-04 496640]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-24 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 111616]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-04-11 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 savesenselivem;SaveSenseLive Service (savesenselivem); C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [2014-04-04 146920]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-07-02 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Zdravím!
Jak to vypadá s legalitou vašeho oper. systému?

zdravim.
uz nejakou dobu je v dolnim rohu nejake cislo .... pc neni moje .... je tam problem s otviranim stranek .... vzdy se otevre dalsi okno s redirect srv123.com
pokud je problem s legalitou systemu nemohu to ted nijak vyresit ... pc spravuji pres teamviewer ...

OK. Zkuste tento postup:

Stáhněte a spusťte OTL: http://oldtimer.geekstogo.com/OTL.exe . Spusťte, zaškrněte "Pro všechny uživatele", Kontrola na havěť LOP" a Kontrola na hvěť PURITY" a do dolního bílého okna zkopírujte:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s

a klikněte na >Prohledat<. Dejte oba logy.