Lagy internetu-prosím o preventivku

Zpráva

BloodLuke · #1 Příspěvek od **BloodLuke** » 12 srp 2014 14:43

RSIT Log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Luke at 2014-08-12 15:39:49
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 725 GB (76%) free of 954 GB
Total RAM: 8120 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:39:58, on 12.8.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17207)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
C:\Program Files (x86)\Steam\GameOverlayUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Luke.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.trovi.com/?gd=&ctid=CT332219 ... 8678&SSPV=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Windows_Update] C:\Window\Ressource_System\Windows_Update.exe
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{33839400-2477-4C38-B789-5D0E9D675CAD}: NameServer = 4.2.2.2,4.2.2.3
O17 - HKLM\System\CS1\Services\Tcpip\..\{33839400-2477-4C38-B789-5D0E9D675CAD}: NameServer = 4.2.2.2,4.2.2.3
O17 - HKLM\System\CS2\Services\Tcpip\..\{33839400-2477-4C38-B789-5D0E9D675CAD}: NameServer = 4.2.2.2,4.2.2.3
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Search Protect Service (CltMngSvc) - Client Connect LTD - C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Internet Explorer ETW Collector Service (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSI_FastBoot - MSI - C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: RzKLService - Razer Inc. - C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10572 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
"C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
taskeng.exe {072CC690-257D-49EF-BF0F-2F37E1A0CBE9}
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe"
"c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe
"C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\PROGRA~2\SearchProtect\SearchProtect\bin\cltmng.exe
C:\PROGRA~2\SearchProtect\UI\bin\cltmngui.exe
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 02f13f71-a988-444e-8715-6f8698bb75f7 1
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "817177479236499164-1676864349-81804979-232135086138051583513990046371284286342
\??\C:\Windows\system32\conhost.exe "-955783581718002216-2082082723892356655-1058334879121919816229478852-1798655598
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Steam\Steam.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="6260.0.1421824790\797008846" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,16,43 --gpu-vendor-id=0x10de --gpu-device-id=0x1187 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.4052 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/GwsPrerenderNavSuggest/Default/OmniboxBundledExperimentV1/StableBookmarksIndexURLs/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SPDY/SpdyDisabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_15/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="6260.2.1170285407\190738118" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/GwsPrerenderNavSuggest/Default/OmniboxBundledExperimentV1/StableBookmarksIndexURLs/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SPDY/SpdyDisabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_15/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="6260.5.1964321168\1464815236" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/GwsPrerenderNavSuggest/Default/OmniboxBundledExperimentV1/StableBookmarksIndexURLs/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SPDY/SpdyDisabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_15/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="6260.6.1633764321\488181037" /prefetch:673131151
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/GwsPrerenderNavSuggest/Default/OmniboxBundledExperimentV1/StableBookmarksIndexURLs/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SPDY/SpdyDisabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_15/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="6260.9.371092729\971830944" /prefetch:673131151
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/GwsPrerenderNavSuggest/Default/OmniboxBundledExperimentV1/StableBookmarksIndexURLs/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SPDY/SpdyDisabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_15/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="6260.22.1358153050\755242116" /prefetch:673131151

"C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe" -steam -game tf
C:\Program Files (x86)\Steam\GameOverlayUI.exe -pid 4084 -manuallyclearframes 0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/GwsPrerenderNavSuggest/Default/OmniboxBundledExperimentV1/StableBookmarksIndexURLs/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SPDY/SpdyDisabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_15/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="6260.82.1972904135\1159233996" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/GwsPrerenderNavSuggest/Default/OmniboxBundledExperimentV1/StableBookmarksIndexURLs/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SPDY/SpdyDisabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_15/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="6260.86.1551759096\669873833" /prefetch:673131151
"C:\Windows\system32\cmd.exe"
\??\C:\Windows\system32\conhost.exe "1515872579-78845203567495380176245124189851745311836676655657265261811510666
ping -t www.google.com
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/GwsPrerenderNavSuggest/Default/OmniboxBundledExperimentV1/StableBookmarksIndexURLs/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SPDY/SpdyDisabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_15/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="6260.99.1239834921\225939383" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/GwsPrerenderNavSuggest/Default/OmniboxBundledExperimentV1/StableBookmarksIndexURLs/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SPDY/SpdyDisabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_15/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="6260.103.809176375\642312889" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/GwsPrerenderNavSuggest/Default/OmniboxBundledExperimentV1/StableBookmarksIndexURLs/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SPDY/SpdyDisabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_15/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="6260.104.639245633\561063983" /prefetch:673131151
"C:\Program Files\Defraggler\Defraggler64.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/GwsPrerenderNavSuggest/Default/OmniboxBundledExperimentV1/StableBookmarksIndexURLs/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SPDY/SpdyDisabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_15/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="6260.106.1189945149\763573559" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/GwsPrerenderNavSuggest/Default/OmniboxBundledExperimentV1/StableBookmarksIndexURLs/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SPDY/SpdyDisabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_15/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="6260.110.1457656806\2090002736" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe8_ Global\UsGthrCtrlFltPipeMssGthrPipe8 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Luke\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2990481512-2042667007-349281099-1000Core.job - C:\Users\Luke\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2990481512-2042667007-349281099-1000UA.job - C:\Users\Luke\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2014-07-01 2471744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-06-20 553384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-07-04 612248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-06-20 211880]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-11 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-07-04 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2014-02-20 669504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-11 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-07-01 7575768]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-04-30 2199840]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-04-30 1225920]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows_Update"=C:\Window\Ressource_System\Windows_Update.exe [2014-08-02 367616]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [2014-03-13 779776]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CommandCenter]
C:\Program Files (x86)\MSI\CommandCenter\StartCommandCenter.exe [2013-11-13 809968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
C:\Program Files (x86)\Origin\Origin.exe [2014-05-30 3588952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Luke\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-07-03 138096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Fast Boot]
C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [2012-09-19 764472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMSS]
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2013-09-16 134616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2014-07-21 3816784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-04-30 2199840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay]
C:\Windows\system32\nvspcap64.dll [2014-04-30 1225920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-11 256896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USB3MON]
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2013-04-26 292848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [2014-03-13 779776]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ISCTSystray.lnk]
C:\PROGRA~1\Intel\INTEL(~3\ISCTSY~1.EXE [2013-08-01 5545448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Luke^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk]
C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-07-31 4085896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FICV"=ficvdec_x64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-08-12 15:39:49 ----D---- C:\rsit
2014-08-12 15:39:49 ----D---- C:\Program Files\trend micro
2014-08-06 11:27:01 ----D---- C:\Program Files (x86)\Unigine
2014-08-02 20:54:44 ----D---- C:\Program Files (x86)\VTFEdit
2014-07-29 17:41:26 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2014-07-29 17:36:13 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2014-07-29 17:36:12 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-07-29 17:36:12 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-07-29 17:36:12 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2014-07-29 17:36:12 ----A---- C:\Windows\system32\nvopencl.dll
2014-07-29 17:36:12 ----A---- C:\Windows\system32\nvoglv64.dll
2014-07-29 17:36:12 ----A---- C:\Windows\system32\nvoglshim64.dll
2014-07-29 17:36:11 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2014-07-29 17:36:11 ----A---- C:\Windows\system32\nvinitx.dll
2014-07-29 17:36:11 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2014-07-29 17:36:11 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-07-29 17:36:10 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2014-07-29 17:36:10 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2014-07-29 17:36:10 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2014-07-29 17:36:10 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2014-07-29 17:36:10 ----A---- C:\Windows\system32\NvIFR64.dll
2014-07-29 17:36:10 ----A---- C:\Windows\system32\NvFBC64.dll
2014-07-29 17:36:10 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2014-07-29 17:36:09 ----A---- C:\Windows\system32\nvdispgenco6434052.dll
2014-07-29 17:36:09 ----A---- C:\Windows\system32\nvdispco6434052.dll
2014-07-29 17:36:09 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-07-29 17:36:08 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-07-29 17:36:08 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2014-07-29 17:36:08 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-07-29 17:36:08 ----A---- C:\Windows\system32\nvcuvid.dll
2014-07-29 17:36:08 ----A---- C:\Windows\system32\nvcuda.dll
2014-07-29 17:36:08 ----A---- C:\Windows\system32\nvcompiler.dll
2014-07-29 17:31:38 ----D---- C:\NVIDIA
2014-07-27 17:27:24 ----D---- C:\Users\Luke\AppData\Roaming\dlg
2014-07-27 17:24:55 ----D---- C:\Users\Luke\AppData\Roaming\VOPackage
2014-07-27 17:24:11 ----D---- C:\Program Files (x86)\SearchProtect
2014-07-27 16:51:18 ----A---- C:\Windows\system32\drivers\vrtaucbl.sys
2014-07-25 10:32:22 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2014-07-23 11:50:39 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-07-23 11:50:36 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-07-23 11:50:36 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-07-23 11:50:36 ----A---- C:\Windows\SYSWOW64\java.exe
2014-07-18 13:33:40 ----D---- C:\Users\Luke\AppData\Roaming\TeamViewer
2014-07-18 13:33:36 ----D---- C:\Program Files (x86)\TeamViewer
2014-07-17 18:02:21 ----D---- C:\Users\Luke\AppData\Roaming\Window
2014-07-17 13:59:11 ----D---- C:\Window
2014-07-15 18:02:32 ----D---- C:\Users\Luke\AppData\Roaming\Macromedia
2014-07-14 21:44:55 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-07-14 21:44:54 ----D---- C:\Windows\SYSWOW64\Macromed
2014-07-14 21:44:53 ----D---- C:\Windows\system32\Macromed

======List of files/folders modified in the last 1 month======

2014-08-12 15:39:55 ----D---- C:\Windows\Temp
2014-08-12 15:39:49 ----D---- C:\Program Files
2014-08-12 15:36:51 ----D---- C:\Users\Luke\AppData\Roaming\Skype
2014-08-12 14:36:41 ----D---- C:\Program Files (x86)\Steam
2014-08-12 13:52:39 ----D---- C:\Users\Luke\AppData\Roaming\.minecraft
2014-08-12 09:50:58 ----D---- C:\Windows\system32\config
2014-08-12 09:40:32 ----SHD---- C:\System Volume Information
2014-08-12 09:36:47 ----SHD---- C:\Windows\Installer
2014-08-12 09:36:47 ----SHD---- C:\Config.Msi
2014-08-12 09:36:47 ----D---- C:\ProgramData\Skype
2014-08-12 09:36:44 ----D---- C:\Program Files (x86)\Common Files
2014-08-12 09:34:05 ----D---- C:\Windows\system32\drivers
2014-08-12 09:32:51 ----D---- C:\ProgramData\NVIDIA
2014-08-11 16:20:46 ----D---- C:\Windows\Prefetch
2014-08-06 11:27:01 ----RD---- C:\Program Files (x86)
2014-08-06 10:38:17 ----D---- C:\Windows\system32\catroot2
2014-08-04 21:13:52 ----D---- C:\Users\Luke\AppData\Roaming\uTorrent
2014-08-01 13:33:57 ----D---- C:\Program Files (x86)\Google
2014-07-30 10:24:57 ----D---- C:\Windows
2014-07-30 10:23:33 ----D---- C:\Windows\SysWOW64
2014-07-30 10:23:33 ----D---- C:\Windows\System32
2014-07-29 17:41:48 ----D---- C:\Windows\inf
2014-07-29 17:41:38 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-07-29 17:41:20 ----D---- C:\Windows\system32\DriverStore
2014-07-29 17:41:20 ----D---- C:\Windows\system32\catroot
2014-07-29 17:38:02 ----D---- C:\Program Files\NVIDIA Corporation
2014-07-28 10:37:26 ----D---- C:\Program Files\CCleaner
2014-07-27 17:28:24 ----D---- C:\Windows\system32\Tasks
2014-07-27 17:28:23 ----D---- C:\Windows\Tasks
2014-07-27 17:24:18 ----D---- C:\Windows\AppPatch
2014-07-25 11:26:36 ----D---- C:\Windows\system32\NDF
2014-07-25 10:30:16 ----D---- C:\Program Files\Microsoft Silverlight
2014-07-25 10:30:15 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-07-23 11:50:49 ----D---- C:\ProgramData\Oracle
2014-07-23 11:50:36 ----D---- C:\Program Files (x86)\Java
2014-07-22 21:38:02 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-07-20 12:06:01 ----SD---- C:\ProgramData\Microsoft
2014-07-18 13:33:42 ----RSD---- C:\Windows\Fonts
2014-07-15 22:32:57 ----D---- C:\Windows\system32\wdi
2014-07-13 15:24:56 ----D---- C:\Windows\SYSWOW64\directx
2014-07-13 15:22:58 ----HD---- C:\Windows\msdownld.tmp
2014-07-13 15:22:51 ----D---- C:\Windows\Logs

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-07-04 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-07-04 224896]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2013-04-26 20464]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-07-04 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-07-04 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-07-04 427360]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-07-04 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-07-04 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-07-04 92008]
R2 iocbios2;iocbios2; \??\C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [2013-01-07 25448]
R3 AcpiCtlDrv;AcpiCtlDrv; C:\Windows\system32\DRIVERS\AcpiCtlDrv.sys [2012-07-17 25880]
R3 dc3d;MS Hardware Device Detection Driver; C:\Windows\system32\DRIVERS\dc3d.sys [2014-05-26 76464]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT); C:\Windows\system32\DRIVERS\ICCWDT.sys [2013-01-23 27608]
R3 ikbevent;Intel Upper keyboard Class Filter Driver; C:\Windows\system32\DRIVERS\ikbevent.sys [2013-08-01 21408]
R3 imsevent;Intel Upper Mouse Class Filter Driver; C:\Windows\system32\DRIVERS\imsevent.sys [2013-08-01 21920]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-07-01 3962840]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver; C:\Windows\system32\DRIVERS\ISCTD64.sys [2013-08-01 46568]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2013-04-26 368112]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2013-04-26 786416]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2014-05-26 32344]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-06-04 100312]
R3 NTIOLib_FastBoot;NTIOLib_FastBoot; \??\C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [2012-10-26 13368]
R3 NuidFltr;NUID filter driver; C:\Windows\system32\DRIVERS\NuidFltr.sys [2014-05-26 29312]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-11-28 197408]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-04-30 18776]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-03-31 40392]
R3 Point64;Microsoft Mouse and Keyboard Center Filter Driver; C:\Windows\system32\DRIVERS\point64.sys [2014-05-26 50864]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-07-01 939224]
R3 SPPD;SPPD; \??\C:\Windows\system32\drivers\SPPD.sys []
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 ATITool;ATITool Overclocking Utility; C:\Windows\system32\DRIVERS\ATITool64.sys [2006-11-10 30720]
S3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM); C:\Windows\system32\DRIVERS\vrtaucbl.sys [2014-07-27 110368]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-05-21 3791872]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-03-30 450520]
S3 MSICDSetup;MSICDSetup; \??\D:\CDriver64.sys []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys []
S3 NTIOLib_MSIClock_CC;NTIOLib_MSIClock_CC; \??\C:\Program Files (x86)\MSI\CommandCenter\ClockGen\NTIOLib_X64.sys [2012-11-20 13368]
S3 NTIOLib_MSICOMM_CC;NTIOLib_MSICOMM_CC; \??\C:\Program Files (x86)\MSI\CommandCenter\NTIOLib_X64.sys [2012-11-19 13368]
S3 NTIOLib_MSICPU_CC;NTIOLib_MSICPU_CC; \??\C:\Program Files (x86)\MSI\CommandCenter\CPU\NTIOLib_X64.sys [2012-11-20 13368]
S3 NTIOLib_MSIDDR_CC;NTIOLib_MSIDDR_CC; \??\C:\Program Files (x86)\MSI\CommandCenter\DDR\NTIOLib_X64.sys [2012-11-26 13368]
S3 NTIOLib_MSIFrequency_CC;NTIOLib_MSIFrequency_CC; \??\C:\Program Files (x86)\MSI\CommandCenter\ClockGen\CPU_Frequency\NTIOLib_X64.sys [2012-11-20 13368]
S3 NTIOLib_MSIRatio_CC;NTIOLib_MSIRatio_CC; \??\C:\Program Files (x86)\MSI\CommandCenter\CPU\CPU_Ratio\NTIOLib_X64.sys [2012-11-20 13368]
S3 NTIOLib_MSISMB_CC;NTIOLib_MSISMB_CC; \??\C:\Program Files (x86)\MSI\CommandCenter\SMBus\NTIOLib_X64.sys [2012-11-19 13368]
S3 NTIOLib_MSISuperIO_CC;NTIOLib_MSISuperIO_CC; \??\C:\Program Files (x86)\MSI\CommandCenter\SuperIO\NTIOLib_X64.sys [2012-11-19 13368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2010-11-11 136264]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2010-11-11 19016]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2010-11-11 172104]
S3 sscdserd;SAMSUNG Mobile Modem Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\sscdserd.sys [2010-11-11 141384]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-07-04 50344]
R2 CltMngSvc;Search Protect Service; C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe [2014-08-06 2982336]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-07-21 2544976]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-07-16 377616]
R2 MSI_FastBoot;MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [2012-10-26 103992]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-04-30 1617696]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-04-30 21007192]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-07-02 935368]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-07-05 76888]
R2 RzKLService;RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [2014-02-25 105448]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-07-02 411936]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-07-16 542912]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 IEEtwCollectorService;Internet Explorer ETW Collector Service; C:\Windows\system32\IEEtwCollector.exe [2014-06-19 111616]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-05-17 1255736]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-05-08 65432]
S4 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-06-30 279000]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-13 116648]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-13 116648]
S4 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2013-01-02 171632]
S4 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-06-30 315352]
S4 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
S4 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S4 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
S4 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2014-05-04 2152736]
S4 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-16 390616]
S4 MSI_Trigger_Service;MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [2013-09-26 30240]
S4 MSIBIOSData_CC;MSIBIOSData_CC; C:\Program Files (x86)\MSI\CommandCenter\BIOSData\MSIBIOSDataService.exe [2013-09-11 2100736]
S4 MSIClock_CC;MSIClock_CC; C:\Program Files (x86)\MSI\CommandCenter\ClockGen\MSIClockService.exe [2013-11-04 309248]
S4 MSICOMM_CC;MSICOMM_CC; C:\Program Files (x86)\MSI\CommandCenter\MSICommService.exe [2013-09-12 2114560]
S4 MSICPU_CC;MSICPU_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe [2013-09-12 4110336]
S4 MSICTL_CC;MSICTL_CC; C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe [2013-10-09 1985536]
S4 MSIDDR_CC;MSIDDR_CC; C:\Program Files (x86)\MSI\CommandCenter\DDR\MSIDDRService.exe [2013-09-11 2224640]
S4 MSISaveLoad_CC;MSISaveLoad_CC; C:\Program Files (x86)\MSI\CommandCenter\MSISaveLoadService.exe [2013-07-18 3957248]
S4 MSISMB_CC;MSISMB_CC; C:\Program Files (x86)\MSI\CommandCenter\SMBus\MSISMBService.exe [2013-09-11 177152]
S4 MSISuperIO_CC;MSISuperIO_CC; C:\Program Files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe [2013-09-12 503808]
S4 MSIWMI_CC;MSIWMI_CC; C:\Program Files (x86)\MSI\CommandCenter\MSIWMIService.exe [2013-10-21 175104]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-07-02 5037888]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 12 srp 2014 21:01

Zdravim

Nasledujici soubory otestujte na VirusTotalu https://www.virustotal.com/cs/

C:\Window\Ressource_System\Windows_Update.exe
Kliknete na Choose file
Soubor nehledejte, jen vlozte cestu souboru, ktery chci otestovat
Kliknete na Scan It
Pokud na Vas vyskoci obrazovka jako je nize, tak kliknete na ReAnalyse
Vysledek analyzy sem vlozte (jako odkaz)

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

Ulozte nejlepe na plochu
Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
Probehne vytvoreni zalohy a nasledne prohledavani
Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

BloodLuke · #3 Příspěvek od **BloodLuke** » 13 srp 2014 10:29

Bohužel než jste mi odpověděl,tak jsem prováděl kontrolu přes Malware bites Anti-Malware a ten soubor co jste chtěl otestovat ho asi smazal nebo je v karanténě.Měl jsem přes 150 malwaru,vše jsem dal do karantény.

Log z JRT:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Luke on st 13.08.2014 at 11:10:19,83
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\secman.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Myfree Codec
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Myfree Codec

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"

~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 13.08.2014 at 11:14:34,95
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Log z ADW:
# AdwCleaner v3.304 - Report created 13/08/2014 at 11:21:45
# Updated 08/08/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Luke - LUKE-PC
# Running from : C:\Users\Luke\Desktop\adwcleaner_3.304.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Luke\AppData\Roaming\VOPackage

***** [ Scheduled Tasks ] *****

Task Deleted : Driver Booster Scan
Task Deleted : Driver Booster Update

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03771AEF-400D-4A13-B712-25878EC4A3F5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\Software\SafetyNut

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17207

-\\ Google Chrome v36.0.1985.143

[ File : C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Deleted [Extension] : bopakagnckmlgajfccecajhnimjiiedh
Deleted [Extension] : dlfienamagdnkekbbbocojppncdambda
Deleted [Extension] : flpcjncodpafbgdpnkljologafpionhb

*************************

AdwCleaner[R0].txt - [1749 octets] - [13/08/2014 11:18:34]
AdwCleaner[S0].txt - [1688 octets] - [13/08/2014 11:21:45]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1748 octets] ##########

#4 Příspěvek od **vyosek** » 13 srp 2014 10:37

Poprosim tedy o i ten log z MBAMu

BloodLuke · #5 Příspěvek od **BloodLuke** » 13 srp 2014 11:08

Omlouvám se jestli to není ono :/ nic jiného jsem nenašel.

2014/08/12 16:06:49 +0200 mbam-log-2014-08-12 (16-06-48).xml yes 2.00.2.1012 v2014.08.12.04 v2014.08.04.01 free disabled disabled disabled Windows 7 Service Pack 1 x64 Luke NTFS threat completed 328152 783 0 0 52 4 3 26 91 0 enabled enabled enabled enabled disabled disabled enabled warn enabled HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CltMngSvcPUP.Optional.SearchProtect.Asuccess288cc4015229e84eb092d9be03fe659b HKU\S-1-5-21-2990481512-2042667007-349281099-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}PUP.Optional.SearchProtect.Asuccess2c8815b0f685e84eb7573f299270847c HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SearchProtectPUP.Optional.SearchProtect.Asuccessffb521a444374ee8de153ee851b3b54b HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bitguard.exePUP.Optional.IFEO.Asuccessd7ddba0bf7845bdb730056e848bc0ff1 HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bprotect.exePUP.Optional.IFEO.Asuccess4b69daebafccce68babafd415da7d030 HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bpsvc.exePUP.Optional.IFEO.Asuccess654fd2f31c5fa096b1c49da17193ba46 HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserdefender.exePUP.Optional.IFEO.Asuccess3f7501c4017ad165f77f122ced179e62 HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserprotect.exePUP.Optional.IFEO.Asuccess82325174a8d383b31c5bc07e08fcd828 HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browsersafeguard.exePUP.Optional.IFEO.Asuccess0ba971546e0d5adc294fab93c63e0bf5 HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\dprotectsvc.exePUP.Optional.IFEO.Asuccessa80c3a8bf28937ff48313a04976d53ad HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\jumpflipPUP.Optional.IFEO.Asuccessbafaf8cd027987afbbbf72cc1ce8ca36 HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\protectedsearch.exePUP.Optional.IFEO.Asuccessdcd8e5e075066cca403b2d11996b4cb4 HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchinstaller.exePUP.Optional.IFEO.Asuccess14a0e9dc5f1c83b39ede2e107094857b HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchprotection.exePUP.Optional.IFEO.Asuccess3b79b51037441125e8951c223fc59c64 HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchprotector.exePUP.Optional.IFEO.Asuccesse0d4f5d0dd9e6acc8ef086b80ef6f20e HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchsettings.exePUP.Optional.IFEO.Asuccessb40000c5f388d5618af5de6047bdc838 HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchsettings64.exePUP.Optional.IFEO.Asuccess367e962f621987af1e628bb3f4106e92 HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\snapdo.exePUP.Optional.IFEO.Asuccess664e9c29255690a699e8132b2fd5cc34 HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\stinst32.exePUP.Optional.IFEO.Asuccess7f35b01598e3fa3c86fc75c914f06e92 HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\stinst64.exePUP.Optional.IFEO.Asuccessf6bebd083c3fff3793ef65d906fe29d7 HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\umbrella.exePUP.Optional.IFEO.Asuccess02b2b510d1aa91a5493a52ece91b44bc HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\utiljumpflip.exePUP.Optional.IFEO.Asuccess01b3c203225973c32262e95508fc639d HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\volaroPUP.Optional.IFEO.Asuccessd2e24085512ab284770eae90a75d7090 HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\vonteeraPUP.Optional.IFEO.Asuccess4b69ffc63b40b77f1472ab93e91b7987 HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\websteroids.exePUP.Optional.IFEO.Asuccess9f15992c512a63d3dfa889b536ce10f0 HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\websteroidsservice.exePUP.Optional.IFEO.Asuccess44707f467ffc5bdb2b5db985e71d35cb HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bitguard.exePUP.Optional.IFEO.Asuccesscaea4085bcbfcb6b383b3e00c73d4ab6 HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bprotect.exePUP.Optional.IFEO.Asuccess7341c203b9c2be7888ec6ad4778d7090 HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bpsvc.exePUP.Optional.IFEO.Asuccess0aaa6d585b2021151f569f9ffe06f10f HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserdefender.exePUP.Optional.IFEO.Asuccessc8ec41842b50280e01751f1f4cb8e020 HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserprotect.exePUP.Optional.IFEO.Asuccessaa0a9c299fdc85b1374066d8f113eb15 HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browsersafeguard.exePUP.Optional.IFEO.Asuccess0ea6ac19accf7fb77afeb886e42043bd HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\dprotectsvc.exePUP.Optional.IFEO.Asuccess585c764ffc7fc373bfbacd7159ab6a96 HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\jumpflipPUP.Optional.IFEO.Asuccess268e8a3bafcc76c0ea90d66817ed5da3 HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\protectedsearch.exePUP.Optional.IFEO.Asuccess3c78cff6710a9c9acead102ece36b050 HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchinstaller.exePUP.Optional.IFEO.Asuccess7c3893324e2d58de027a7cc247bdac54 HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchprotection.exePUP.Optional.IFEO.Asuccess9321c401f388b48257263a046e9608f8 HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchprotector.exePUP.Optional.IFEO.Asuccess179d893c0972b086f38b271754b005fb HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchsettings.exePUP.Optional.IFEO.Asuccessfcb85c698fecef47f689300e5da7659b HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchsettings64.exePUP.Optional.IFEO.Asuccess882c7b4a116acc6af38d1c2224e0fa06 HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\snapdo.exePUP.Optional.IFEO.Asuccess2193487d33480b2b423f70ce23e1c739 HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\stinst32.exePUP.Optional.IFEO.Asuccess3a7a8540116a6fc72c5687b735cf867a HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\stinst64.exePUP.Optional.IFEO.Asuccess7b39269f95e676c0fa88f549d82cf30d HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\umbrella.exePUP.Optional.IFEO.Asuccessb0047a4b38432412255e162854b00ff1 HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\utiljumpflip.exePUP.Optional.IFEO.Asuccess0aaad9ec4d2e80b600840f2f51b307f9 HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\volaroPUP.Optional.IFEO.Asuccess387cf9cc4a310e281d686ed0679d07f9 HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\vonteeraPUP.Optional.IFEO.Asuccess456fc2039ddef93d7b0b50ee24e09967 HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\websteroids.exePUP.Optional.IFEO.Asuccessefc518ad5a21ff3790f761dddc28827e HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\websteroidsservice.exePUP.Optional.IFEO.Asuccess11a3cafb85f684b2f593fd41887c9967 HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\VOPACKAGEPUP.Optional.VOPackagesuccess2a8a2d98681360d6d0c1f9e5ad55ef11 HKLM\SOFTWARE\WOW6432NODE\SEARCHPROTECTPUP.Optional.SearchProtect.Asuccessfeb66f560d6efa3cc48f11d248baf30d HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPPDPUP.Optional.SearchProtectsuccess5460bb0a2e4d1d195638a33925dd1fe1 HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\VOPACKAGEUninstallStringPUP.Optional.VOPackagesuccess"C:\Users\Luke\AppData\Roaming\VOPackage\uninstall.exe"2a8a2d98681360d6d0c1f9e5ad55ef11 HKLM\SOFTWARE\WOW6432NODE\SEARCHPROTECTInstallDirPUP.Optional.SearchProtect.AsuccessC:\PROGRA~2\SearchProtectfeb66f560d6efa3cc48f11d248baf30d HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPPDImagePathPUP.Optional.SearchProtectsuccess\??\C:\Windows\system32\drivers\SPPD.sys5460bb0a2e4d1d195638a33925dd1fe1 HKU\S-1-5-21-2990481512-2042667007-349281099-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNWindows_UpdateBackdoor.Agent.WUGensuccessC:\Window\Ressource_System\Windows_Update.exed9db309582f9fd39e55108e271924fb1 HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWSAppInit_DLLsPUP.Optional.SearchProtect.AreplacedC:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dllC:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dllf2c215b06f0c2d090240217678895aa6 HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWSAppInit_DLLsPUP.Optional.SearchProtect.Areplaced

#6 Příspěvek od **vyosek** » 13 srp 2014 11:33

Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com

Pokud ho havet blokuje, pouzijte jeden z nasledujicich - i ty prejmenovane
Rkill EXE:
http://download.bleepingcomputer.com/grinler/rkill.exe

Rkill iExplore.exe:
http://download.bleepingcomputer.com/gr ... xplore.exe

Rkill uSeRiNiT.exe:
http://download.bleepingcomputer.com/gr ... eRiNiT.exe

Rkill WiNlOgOn.exe:
http://download.bleepingcomputer.com/gr ... NlOgOn.exe
Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
Spustte tradicne dvojklikem - program probehne do par sekund a ukonci i svou cinnost
RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
Na plose vznikne log Rkill.txt ten mi sem vlozte
Ted nerestartujte PC - prisli byste o ucinek RKillu

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK

Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
Pokud mate Win XP spustte pod uctem Spravce\Administratora
Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

BloodLuke · #7 Příspěvek od **BloodLuke** » 13 srp 2014 14:18

Rkill 2.6.8 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/13/2014 02:27:43 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Reparse Point/Junctions Found (Most likely legitimate)!

* C:\Windows\AppPatch\spbin => C:\PROGRA~2\SearchProtect\SearchProtect\bin [Dir]

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 08/13/2014 02:28:07 PM
Execution time: 0 hours(s), 0 minute(s), and 23 seconds(s)

--------------------------------------------------------------------------------------------------------------------

ComboFix 14-08-12.01 - Luke 13.08.2014 14:32:54.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8120.6393 [GMT 2:00]
Spuštěný z: c:\users\Luke\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\programdata\Windows Services
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-07-13 do 2014-08-13 )))))))))))))))))))))))))))))))
.
.
2014-08-13 12:38 . 2014-08-13 12:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-08-13 12:38 . 2014-08-13 12:38 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-08-13 10:17 . 2014-08-13 10:17 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{46F1D38C-462E-4D44-AE4E-610274B3C6D4}\offreg.dll
2014-08-13 09:18 . 2014-08-13 09:21 -------- d-----w- C:\AdwCleaner
2014-08-12 14:00 . 2014-08-12 14:00 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-08-12 13:39 . 2014-08-12 13:40 -------- d-----w- C:\rsit
2014-08-12 13:39 . 2014-08-12 13:39 -------- d-----w- c:\program files\trend micro
2014-08-12 07:40 . 2014-07-02 03:09 10924376 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{46F1D38C-462E-4D44-AE4E-610274B3C6D4}\mpengine.dll
2014-08-12 07:36 . 2014-08-12 07:36 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-08-06 09:28 . 2014-08-06 09:32 -------- d-----w- c:\users\Luke\Heaven
2014-08-06 09:27 . 2014-08-06 09:27 -------- d-----w- c:\program files (x86)\Unigine
2014-08-02 18:54 . 2014-08-02 18:54 -------- d-----w- c:\program files (x86)\VTFEdit
2014-07-29 15:31 . 2014-07-29 15:31 -------- d-----w- C:\NVIDIA
2014-07-27 15:27 . 2014-07-27 15:27 -------- d-----w- c:\users\Luke\AppData\Roaming\dlg
2014-07-25 08:32 . 2014-07-25 08:32 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2014-07-18 11:33 . 2014-07-18 11:33 -------- d-----w- c:\users\Luke\AppData\Roaming\TeamViewer
2014-07-18 11:33 . 2014-07-18 11:33 -------- d-----w- c:\program files (x86)\TeamViewer
2014-07-17 16:02 . 2014-07-17 16:02 -------- d-----w- c:\users\Luke\AppData\Roaming\Window
2014-07-17 11:59 . 2014-07-17 11:59 -------- d-----w- C:\Window
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-09 21:10 . 2014-05-24 10:03 96441528 ----a-w- c:\windows\system32\MRT.exe
2014-07-05 11:18 . 2014-05-13 14:12 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2014-07-05 11:18 . 2014-07-05 11:14 280792 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-07-05 11:18 . 2014-05-13 14:12 280792 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-07-05 11:16 . 2014-05-13 14:12 281032 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-07-04 14:29 . 2014-05-13 13:30 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-07-04 14:29 . 2014-05-13 13:30 92008 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-07-04 14:29 . 2014-05-13 13:30 224896 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-07-04 14:29 . 2014-05-13 13:30 1041168 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-07-04 14:29 . 2014-05-13 13:30 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-07-04 14:29 . 2014-05-13 13:30 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-07-04 14:29 . 2014-05-13 13:30 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-07-04 14:29 . 2014-05-13 13:30 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-07-04 14:29 . 2014-05-13 13:30 307344 ----a-w- c:\windows\system32\aswBoot.exe
2014-07-04 14:29 . 2014-07-04 14:29 43152 ----a-w- c:\windows\avastSS.scr
2014-07-02 20:48 . 2014-05-27 13:38 18626304 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-07-02 20:48 . 2014-05-13 16:45 16122344 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2014-07-02 20:48 . 2014-05-13 12:54 2814656 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-07-02 20:48 . 2014-05-13 12:54 14498552 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-07-02 20:48 . 2014-05-13 12:54 965312 ----a-w- c:\windows\system32\nvumdshimx.dll
2014-07-02 20:48 . 2014-05-13 12:54 3196816 ----a-w- c:\windows\system32\nvapi64.dll
2014-07-02 18:55 . 2014-05-13 12:56 6783776 ----a-w- c:\windows\system32\nvcpl.dll
2014-07-02 18:55 . 2014-05-13 12:56 3522392 ----a-w- c:\windows\system32\nvsvc64.dll
2014-07-02 18:55 . 2014-05-13 12:56 935368 ----a-w- c:\windows\system32\nvvsvc.exe
2014-07-02 18:55 . 2014-05-13 12:56 62808 ----a-w- c:\windows\system32\nvshext.dll
2014-07-02 18:55 . 2014-05-13 12:56 386520 ----a-w- c:\windows\system32\nvmctray.dll
2014-07-02 18:55 . 2014-05-13 12:56 2559960 ----a-w- c:\windows\system32\nvsvcr.dll
2014-07-02 10:14 . 2014-05-13 12:56 3826628 ----a-w- c:\windows\system32\nvcoproc.bin
2014-07-01 09:33 . 2014-07-01 09:33 2101848 ----a-w- c:\windows\system32\WavesGUILib64.dll
2014-07-01 09:33 . 2014-07-01 09:33 628952 ----a-w- c:\windows\system32\RtDataProc64.dll
2014-07-01 09:33 . 2014-07-01 09:33 3962840 ----a-w- c:\windows\system32\drivers\RTKVHD64.sys
2014-07-01 09:33 . 2014-07-01 09:33 2834648 ----a-w- c:\windows\system32\RtPgEx64.dll
2014-07-01 09:33 . 2014-07-01 09:33 2800344 ----a-w- c:\windows\system32\RltkAPO64.dll
2014-07-01 09:33 . 2014-07-01 09:33 1959128 ----a-w- c:\windows\system32\RTSnMg64.cpl
2014-07-01 09:33 . 2014-07-01 09:33 1022168 ----a-w- c:\windows\system32\RtkApi64.dll
2014-07-01 09:33 . 2014-07-01 09:33 948952 ----a-w- c:\windows\system32\RCoInstII64.dll
2014-07-01 09:33 . 2014-07-01 09:33 2000152 ----a-w- c:\windows\system32\MBAPO264.dll
2014-07-01 09:33 . 2014-07-01 09:33 1728280 ----a-w- c:\windows\SysWow64\MBAPO232.dll
2014-07-01 09:33 . 2014-07-01 09:33 2041432 ----a-w- c:\windows\system32\MaxxAudioEQ64.dll
2014-07-01 09:33 . 2014-07-01 09:33 1063512 ----a-w- c:\windows\system32\MaxxAudioAPOShell64.dll
2014-07-01 09:32 . 2014-07-01 09:32 939224 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2014-07-01 09:32 . 2014-07-01 09:32 73800 ----a-w- c:\windows\system32\RtNicProp64.dll
2014-07-01 09:32 . 2014-05-13 13:12 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2014-07-01 09:07 . 2014-05-30 14:18 451 ----a-w- c:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-06-30 10:04 . 2014-06-30 10:04 241664 ----a-w- c:\windows\system32\IntelOpenCL64.dll
2014-06-30 10:04 . 2014-06-30 10:04 193536 ----a-w- c:\windows\SysWow64\IntelOpenCL32.dll
2014-06-30 10:04 . 2014-06-30 10:04 444376 ----a-w- c:\windows\system32\igfxTray.exe
2014-06-30 10:04 . 2014-06-30 10:04 279000 ----a-w- c:\windows\SysWow64\IntelCpHeciSvc.exe
2014-06-30 10:04 . 2014-06-30 10:04 191448 ----a-w- c:\windows\system32\igfxext.exe
2014-06-30 10:04 . 2014-05-30 14:13 501720 ----a-w- c:\windows\system32\igfxEM.exe
2014-06-30 10:04 . 2014-05-30 14:13 315352 ----a-w- c:\windows\system32\igfxCUIService.exe
2014-06-30 10:04 . 2014-05-30 14:13 244184 ----a-w- c:\windows\system32\igfxHK.exe
2014-06-30 10:04 . 2014-06-30 10:04 930264 ----a-w- c:\windows\system32\GfxUIEx.exe
2014-06-30 10:04 . 2014-06-30 10:04 544216 ----a-w- c:\windows\system32\DPTopologyApp.exe
2014-06-30 10:04 . 2014-06-30 10:04 543704 ----a-w- c:\windows\system32\DPTopologyAppv2_0.exe
2014-06-30 10:04 . 2014-06-30 10:04 4342744 ----a-w- c:\windows\system32\Gfxv4_0.exe
2014-06-30 10:04 . 2014-06-30 10:04 4339160 ----a-w- c:\windows\system32\Gfxv2_0.exe
2014-06-30 10:04 . 2014-06-30 10:04 393176 ----a-w- c:\windows\system32\CustomModeApp.exe
2014-06-30 10:04 . 2014-06-30 10:04 392664 ----a-w- c:\windows\system32\CustomModeAppv2_0.exe
2014-06-30 10:04 . 2014-06-30 10:04 153048 ----a-w- c:\windows\system32\difx64.exe
2014-06-30 02:09 . 2014-07-09 14:36 519168 ----a-w- c:\windows\system32\aepdu.dll
2014-06-30 02:04 . 2014-07-09 14:36 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-06-20 20:35 . 2014-06-20 20:35 313256 ----a-w- c:\windows\system32\javaws.exe
2014-06-20 20:35 . 2014-06-20 20:35 189352 ----a-w- c:\windows\system32\javaw.exe
2014-06-20 20:35 . 2014-06-20 20:35 189352 ----a-w- c:\windows\system32\java.exe
2014-06-20 20:35 . 2014-06-20 20:35 111016 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2014-06-20 20:14 . 2014-07-09 14:36 266424 ----a-w- c:\windows\system32\iedkcs32.dll
2014-06-19 01:39 . 2014-07-09 14:36 23464448 ----a-w- c:\windows\system32\mshtml.dll
2014-06-19 01:06 . 2014-07-09 14:36 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-06-19 01:06 . 2014-07-09 14:36 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-06-19 00:48 . 2014-07-09 14:36 2768384 ----a-w- c:\windows\system32\iertutil.dll
2014-06-19 00:42 . 2014-07-09 14:36 548352 ----a-w- c:\windows\system32\vbscript.dll
2014-06-19 00:42 . 2014-07-09 14:36 66048 ----a-w- c:\windows\system32\iesetup.dll
2014-06-19 00:41 . 2014-07-09 14:36 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-06-19 00:41 . 2014-07-09 14:36 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-06-19 00:32 . 2014-07-09 14:36 51200 ----a-w- c:\windows\system32\jsproxy.dll
2014-06-19 00:31 . 2014-07-09 14:36 33792 ----a-w- c:\windows\system32\iernonce.dll
2014-06-19 00:26 . 2014-07-09 14:36 598016 ----a-w- c:\windows\system32\ieui.dll
2014-06-19 00:24 . 2014-07-09 14:36 139264 ----a-w- c:\windows\system32\ieUnatt.exe
2014-06-19 00:24 . 2014-07-09 14:36 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-06-19 00:23 . 2014-07-09 14:36 752640 ----a-w- c:\windows\system32\jscript9diag.dll
2014-06-19 00:14 . 2014-07-09 14:36 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-06-19 00:09 . 2014-07-09 14:36 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2014-06-18 23:59 . 2014-07-09 14:36 38400 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-06-18 23:56 . 2014-07-09 14:36 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-06-18 23:53 . 2014-07-09 14:36 195584 ----a-w- c:\windows\system32\msrating.dll
2014-06-18 23:51 . 2014-07-09 14:36 5721088 ----a-w- c:\windows\system32\jscript9.dll
2014-06-18 23:50 . 2014-07-09 14:36 85504 ----a-w- c:\windows\system32\mshtmled.dll
2014-06-18 23:48 . 2014-07-09 14:36 292864 ----a-w- c:\windows\system32\dxtrans.dll
2014-06-18 23:39 . 2014-07-09 14:36 608768 ----a-w- c:\windows\system32\ie4uinit.exe
2014-06-18 23:38 . 2014-07-09 14:36 455168 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-06-18 23:37 . 2014-07-09 14:36 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2014-06-18 23:36 . 2014-07-09 14:36 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2014-06-18 23:35 . 2014-07-09 14:36 62464 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2014-06-18 23:33 . 2014-07-09 14:36 631808 ----a-w- c:\windows\system32\msfeeds.dll
2014-06-18 23:27 . 2014-07-09 14:36 1249280 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-06-18 23:27 . 2014-07-09 14:36 2040832 ----a-w- c:\windows\system32\inetcpl.cpl
2014-06-18 23:23 . 2014-07-09 14:36 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-06-18 23:22 . 2014-07-09 14:36 592896 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2014-06-18 23:06 . 2014-07-09 14:36 32256 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Luke\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Luke\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Luke\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Zoner Photo Studio Autoupdate"="c:\program files\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE" [2014-03-13 779776]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-07-31 4085896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\DRIVERS\vrtaucbl.sys;c:\windows\SYSNATIVE\DRIVERS\vrtaucbl.sys [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 MSICDSetup;MSICDSetup;d:\cdriver64.sys;d:\CDriver64.sys [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;d:\ntiolib_x64.sys;d:\NTIOLib_X64.sys [x]
R3 NTIOLib_MSIClock_CC;NTIOLib_MSIClock_CC;c:\program files (x86)\MSI\CommandCenter\ClockGen\NTIOLib_X64.sys;c:\program files (x86)\MSI\CommandCenter\ClockGen\NTIOLib_X64.sys [x]
R3 NTIOLib_MSICOMM_CC;NTIOLib_MSICOMM_CC;c:\program files (x86)\MSI\CommandCenter\NTIOLib_X64.sys;c:\program files (x86)\MSI\CommandCenter\NTIOLib_X64.sys [x]
R3 NTIOLib_MSICPU_CC;NTIOLib_MSICPU_CC;c:\program files (x86)\MSI\CommandCenter\CPU\NTIOLib_X64.sys;c:\program files (x86)\MSI\CommandCenter\CPU\NTIOLib_X64.sys [x]
R3 NTIOLib_MSIDDR_CC;NTIOLib_MSIDDR_CC;c:\program files (x86)\MSI\CommandCenter\DDR\NTIOLib_X64.sys;c:\program files (x86)\MSI\CommandCenter\DDR\NTIOLib_X64.sys [x]
R3 NTIOLib_MSIFrequency_CC;NTIOLib_MSIFrequency_CC;c:\program files (x86)\MSI\CommandCenter\ClockGen\CPU_Frequency\NTIOLib_X64.sys;c:\program files (x86)\MSI\CommandCenter\ClockGen\CPU_Frequency\NTIOLib_X64.sys [x]
R3 NTIOLib_MSIRatio_CC;NTIOLib_MSIRatio_CC;c:\program files (x86)\MSI\CommandCenter\CPU\CPU_Ratio\NTIOLib_X64.sys;c:\program files (x86)\MSI\CommandCenter\CPU\CPU_Ratio\NTIOLib_X64.sys [x]
R3 NTIOLib_MSISMB_CC;NTIOLib_MSISMB_CC;c:\program files (x86)\MSI\CommandCenter\SMBus\NTIOLib_X64.sys;c:\program files (x86)\MSI\CommandCenter\SMBus\NTIOLib_X64.sys [x]
R3 NTIOLib_MSISuperIO_CC;NTIOLib_MSISuperIO_CC;c:\program files (x86)\MSI\CommandCenter\SuperIO\NTIOLib_X64.sys;c:\program files (x86)\MSI\CommandCenter\SuperIO\NTIOLib_X64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R4 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
R4 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
R4 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R4 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R4 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R4 MSI_Trigger_Service;MSI_Trigger_Service;c:\program files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe;c:\program files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [x]
R4 MSIBIOSData_CC;MSIBIOSData_CC;c:\program files (x86)\MSI\CommandCenter\BIOSData\MSIBIOSDataService.exe;c:\program files (x86)\MSI\CommandCenter\BIOSData\MSIBIOSDataService.exe [x]
R4 MSIClock_CC;MSIClock_CC;c:\program files (x86)\MSI\CommandCenter\ClockGen\MSIClockService.exe;c:\program files (x86)\MSI\CommandCenter\ClockGen\MSIClockService.exe [x]
R4 MSICOMM_CC;MSICOMM_CC;c:\program files (x86)\MSI\CommandCenter\MSICommService.exe;c:\program files (x86)\MSI\CommandCenter\MSICommService.exe [x]
R4 MSICPU_CC;MSICPU_CC;c:\program files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe;c:\program files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe [x]
R4 MSICTL_CC;MSICTL_CC;c:\program files (x86)\MSI\CommandCenter\MSIControlService.exe;c:\program files (x86)\MSI\CommandCenter\MSIControlService.exe [x]
R4 MSIDDR_CC;MSIDDR_CC;c:\program files (x86)\MSI\CommandCenter\DDR\MSIDDRService.exe;c:\program files (x86)\MSI\CommandCenter\DDR\MSIDDRService.exe [x]
R4 MSISaveLoad_CC;MSISaveLoad_CC;c:\program files (x86)\MSI\CommandCenter\MSISaveLoadService.exe;c:\program files (x86)\MSI\CommandCenter\MSISaveLoadService.exe [x]
R4 MSISMB_CC;MSISMB_CC;c:\program files (x86)\MSI\CommandCenter\SMBus\MSISMBService.exe;c:\program files (x86)\MSI\CommandCenter\SMBus\MSISMBService.exe [x]
R4 MSISuperIO_CC;MSISuperIO_CC;c:\program files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe;c:\program files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe [x]
R4 MSIWMI_CC;MSIWMI_CC;c:\program files (x86)\MSI\CommandCenter\MSIWMIService.exe;c:\program files (x86)\MSI\CommandCenter\MSIWMIService.exe [x]
R4 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
R4 XTU3SERVICE;Intel(R) Extreme Tuning Utility Service;c:\program files (x86)\Intel\Extreme Tuning Utility\XtuService.exe;c:\program files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 iocbios2;iocbios2;c:\program files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys;c:\program files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 MSI_FastBoot;MSI_FastBoot;c:\program files (x86)\MSI\Fast Boot\FastBootService.exe;c:\program files (x86)\MSI\Fast Boot\FastBootService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 RzKLService;RzKLService;c:\program files (x86)\Razer\Razer Game Booster\RzKLService.exe;c:\program files (x86)\Razer\Razer Game Booster\RzKLService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 AcpiCtlDrv;AcpiCtlDrv;c:\windows\system32\DRIVERS\AcpiCtlDrv.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiCtlDrv.sys [x]
S3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
S3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);c:\windows\system32\DRIVERS\ICCWDT.sys;c:\windows\SYSNATIVE\DRIVERS\ICCWDT.sys [x]
S3 ikbevent;Intel Upper keyboard Class Filter Driver;c:\windows\system32\DRIVERS\ikbevent.sys;c:\windows\SYSNATIVE\DRIVERS\ikbevent.sys [x]
S3 imsevent;Intel Upper Mouse Class Filter Driver;c:\windows\system32\DRIVERS\imsevent.sys;c:\windows\SYSNATIVE\DRIVERS\imsevent.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD64.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD64.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 NTIOLib_FastBoot;NTIOLib_FastBoot;c:\program files (x86)\MSI\Fast Boot\NTIOLib_X64.sys;c:\program files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-08-13 07:49 1104200 ----a-w- c:\program files (x86)\Google\Chrome\Application\36.0.1985.143\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-08-12 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2990481512-2042667007-349281099-1000Core.job
- c:\users\Luke\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-07-03 17:15]
.
2014-08-13 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2990481512-2042667007-349281099-1000UA.job
- c:\users\Luke\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-07-03 17:15]
.
2014-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-13 13:12]
.
2014-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-13 13:12]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
2014-07-01 09:21 2471744 ----a-w- c:\program files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-07-04 14:29 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Luke\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Luke\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Luke\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Luke\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2014-07-01 7575768]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-30 2199840]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-04-30 1225920]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = www.google.com
mStart Page = www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mDefault_Page_URL = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MIF5BA~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{33839400-2477-4C38-B789-5D0E9D675CAD}: NameServer = 4.2.2.2,4.2.2.3
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-10 - (no file)
AddRemove-MyFreeCodec - c:\program files (x86)\MyFree Codec\1.0b beta\uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2990481512-2042667007-349281099-1000\Software\SecuROM\License information*]
"datasecu"=hex:12,77,e5,45,79,53,21,91,e8,d9,58,dd,c7,5f,a6,08,d7,53,b5,6d,d7,
f4,9d,26,db,28,d5,dc,c9,2b,ba,8f,72,bf,ef,1d,9f,6f,11,45,fa,99,2c,9b,88,17,\
"rkeysecu"=hex:63,e8,7f,f5,d5,9e,7b,e9,80,44,ce,5c,22,b4,bf,0d
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-08-13 14:39:35
ComboFix-quarantined-files.txt 2014-08-13 12:39
.
Před spuštěním: Volných bajtů: 758 040 039 424
Po spuštění: Volných bajtů: 758 265 593 856
.
- - End Of File - - AF8C50EBF025FED45EEDF98C3E63B148
A36C5E4F47E84449FF07ED3517B43A31

#8 Příspěvek od **vyosek** » 13 srp 2014 20:43

Jak se chova PC??

BloodLuke · #9 Příspěvek od **BloodLuke** » 13 srp 2014 22:42

docela dobře,ale jen ten ping je zlý.To asi není počítačem,ale poskytovatelem internetu. Děkuji Můžete LOCK.

#10 Příspěvek od **vyosek** » 14 srp 2014 09:21

Tak jeste uklidime

Odinstalujte Combofix

Prejmenujte ComboFix na Uninstall
Spustte jej
Tohle smaze Combofix a jeho slozky

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

Pokud je ping zly, zkuste kontaktovat poskytovatele

A pokud nejsou problemy ci dotazy, je to z me strany vse

VIRY.CZ

Lagy internetu-prosím o preventivku

Lagy internetu-prosím o preventivku

Re: Lagy internetu-prosím o preventivku

Re: Lagy internetu-prosím o preventivku

Re: Lagy internetu-prosím o preventivku

Re: Lagy internetu-prosím o preventivku

Re: Lagy internetu-prosím o preventivku

Re: Lagy internetu-prosím o preventivku

Re: Lagy internetu-prosím o preventivku

Re: Lagy internetu-prosím o preventivku

Re: Lagy internetu-prosím o preventivku