
PC virus removal, computer speed-up, remote assistance via the neslape.cz service
Please check my PC, the PC is causing internet outages
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
NEW!
You can now use a remote assistance service, in which an expert connects to your computer and obtains further details about the problem from you by phone! More at www.neslape.cz
Hello, I need to run a thorough check of my laptop. When it connects to the internet over Wi-Fi, the internet goes down for the whole household. The computer has not been cleaned or checked in any way for a long time. I would really rather not reinstall it; I have a lot of things on it and putting it all back together would cost me a lot of effort. I am posting the log here and thank you in advance for your help. PS: I am sending this message a second time because the internet dropped out on my first attempt.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:33:59, on 01/09/2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17239)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\marce_000\Downloads\hijackthis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://msi13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.default-search.net?sid=498&a ... 33&src=hmp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [MSStp] C:\WINDOWS\inf\msstp.vbe
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [HP Deskjet 3050A J611 series (NET)] "C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN34C1CN5Z05WK:NW" -scfn "HP Deskjet 3050A J611 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [LowRateVoip] "C:\Program Files (x86)\LowRateVoip.com\LowRateVoip\LowRateVoip.exe" -nosplash -minimized
O4 - Global Startup: SRS PC Sound.lnk = C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK32.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Send to Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O9 - Extra 'Tools' menuitem: Send to Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Product - 2012/11/29 17:56:09 (CLKMSVC10_38F51D56) - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files (x86)\SCM\MSIService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
--
End of file - 14049 bytes
Re: Please check my PC, the PC is causing internet outages
hi,
BCM is on there - first clean the PC with MBAM
post the log here

FRST |ADWCleaner |MBAM |CCleaner |AVPTool
If you are satisfied, you can support the forum: https://platba.viry.cz/payment/
Re: Please check my PC, the PC is causing internet outages
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 02/09/2014
Scan Time: 09:52:50
Logfile: mbam scan.txt
Administrator: Yes
Version: 2.00.2.1012
Malware Database: v2014.09.02.03
Rootkit Database: v2014.08.21.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Avjeckin
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 314685
Time Elapsed: 14 min, 32 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 55
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-1917471743-1216759196-412636548-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, , [fbe04c9c730890a69ab2d3a507fb21df],
PUP.Optional.DefaultSearch.A, HKU\S-1-5-21-1917471743-1216759196-412636548-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}, , [835836b24c2f0a2c725896e25ba74bb5],
PUP.Optional.DefaultSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}, , [835836b24c2f0a2c725896e25ba74bb5],
PUP.Optional.DefaultSearch.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}, , [835836b24c2f0a2c725896e25ba74bb5],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bitguard.exe, , [fae132b6215a66d0ae8999be7193fe02],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bprotect.exe, , [cd0e32b626552214d16797c061a34cb4],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bpsvc.exe, , [36a57f696c0f3ef85bdea1b6fa0a58a8],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserdefender.exe, , [0ccf5c8c6b105cda3cfe70e78d77a858],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserprotect.exe, , [ca1170783c3f122456e58fc8d52f50b0],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browsersafeguard.exe, , [c9128365a2d996a0a498ce89c34121df],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\dprotectsvc.exe, , [31aa7c6c68133bfb2c111c3b12f252ae],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\jumpflip, , [d8037177ee8dc96d4cf23a1d6d97e31d],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\protectedsearch.exe, , [7962d0185c1fd26487b8c29536ce6d93],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchinstaller.exe, , [22b911d75625a09655eba4b356ae6898],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchprotection.exe, , [6d6ebc2cb7c43ff7261b5ff82adae020],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchprotector.exe, , [64772fb9d7a464d2ef53f463689c6e92],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchsettings.exe, , [9348fdeb43389c9a350efe59a163d22e],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchsettings64.exe, , [7863de0a423966d0ba8ae2755fa51ce4],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\snapdo.exe, , [9e3de9ff3843d0669fa643147c88cb35],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\stinst32.exe, , [4e8d9c4cf2893ef868dea2b5719304fc],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\stinst64.exe, , [1ac1e1076b109f974204f56247bd42be],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\umbrella.exe, , [55866286d1aa39fd40072631c044b050],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\utiljumpflip.exe, , [9b40df092b502115a6a2d483d82cb947],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\volaro, , [c516de0a5e1d0630a2a779de5ba945bb],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\vonteera, , [f1ea6f7992e970c64307a3b446be2fd1],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\websteroids.exe, , [9c3f17d12655171f87c4fc5b50b446ba],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\websteroidsservice.exe, , [607baf3999e248ee3e0e0552ca3ae41c],
PUP.Optional.SystemK.A, HKLM\SOFTWARE\WOW6432NODE\SystemK, , [b328faeef08bb87e096583715ea4c33d],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bitguard.exe, , [bc1fb731c7b42a0c03346deae02427d9],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bprotect.exe, , [845716d20e6d0b2bf345a0b7798b09f7],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bpsvc.exe, , [18c38563ed8ee452da5fb3a4db2931cf],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserdefender.exe, , [e8f326c2d1aa7fb75ddd411636cedd23],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserprotect.exe, , [a4378266413aaf87cc6faea9d133748c],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browsersafeguard.exe, , [c11aca1eb8c3af8779c3f463a85c40c0],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\dprotectsvc.exe, , [1ac168806c0f84b28eaf2136897be41c],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\jumpflip, , [8e4d9c4c4e2d2b0beb53f364fe06a060],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\protectedsearch.exe, , [d4072cbca7d480b6172825325fa559a7],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchinstaller.exe, , [7c5fa93ff28968cece720d4ab3512cd4],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchprotection.exe, , [a63516d289f2d2642f120255689c51af],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchprotector.exe, , [1bc0e40429528da95de5a0b7cc386c94],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchsettings.exe, , [1dbe8464a3d84de985be223520e44ab6],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchsettings64.exe, , [08d317d1c4b7ac8a1d27084f8d77bd43],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\snapdo.exe, , [38a314d40e6db0864203d28502022ad6],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\stinst32.exe, , [15c626c21d5ebf7799ad81d63dc75fa1],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\stinst64.exe, , [1bc034b4b0cb8bab2c1a84d3bf4560a0],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\umbrella.exe, , [3e9d43a57308d95d1c2b540356aee11f],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\utiljumpflip.exe, , [b6259850ec8fc76fec5c3a1dff05b947],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\volaro, , [3f9cfcec5c1fc571c1882c2b38cc827e],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\vonteera, , [bd1e6f79b5c622141c2e94c3996b7e82],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\websteroids.exe, , [29b26a7e83f8ee48ad9ef6614abad12f],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\websteroidsservice.exe, , [ce0dbd2ba6d51e181537e572eb19a759],
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\WOW6432NODE\SYSTEMK\General, , [6a7127c1d6a5e650979f789a20e3738d],
PUP.Optional.PlusHD.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-7.6, , [10cb994ffc7f1d195164e13193706e92],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1917471743-1216759196-412636548-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, , [34a77d6b7a01d0664fb6e9610ff5ec14],
PUP.Optional.RegCleanerPro.A, HKU\S-1-5-21-1917471743-1216759196-412636548-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\RegClean Pro, , [17c429bfaecde254283691aa7b89649c],
Registry Values: 1
Trojan.Agent.SCR, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|MSStp, C:\WINDOWS\inf\msstp.vbe, , [1bc0a147e596b482f4a90804af54ea16]
Registry Data: 1
PUP.Optional.DefaultSearch.A, HKU\S-1-5-21-1917471743-1216759196-412636548-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.default-search.net?sid=498&a ... 33&src=hmp, Good: (www.google.com), Bad: (http://www.default-search.net?sid=498&a ... 33&src=hmp),,[736864843f3cb68030fe459909fb49b7]
Folders: 1
PUP.Optional.Datamngr.A, C:\Users\marce_000\AppData\LocalLow\DataMngr, , [e3f8b2361467c274143fc70453af926e],
Files: 16
PUP.Optional.Bitcoin, C:\Windows\SysWOW64\acumncdroyws.exe, , [8259d11780fb0e281f4e348b58a9ef11],
PUP.Optional.Bitcoin, C:\Windows\SysWOW64\acumncsuuj.exe, , [647716d24437e056f07d10af00015aa6],
Trojan.BitMiner, C:\Windows\SysWOW64\dcgmncdroyws.exe, , [b32896526b100036c1aa6f61877afd03],
Trojan.BitMiner, C:\Windows\SysWOW64\dcgmncsuuj.exe, , [0ad1c91f700bc5711f4cc10f976a639d],
PUP.BitCoinMiner, C:\Windows\SysWOW64\lcpmncdroyws.exe, , [627960883e3dca6cfa764ad1e31e25db],
PUP.BitCoinMiner, C:\Windows\SysWOW64\lcpmncsuuj.exe, , [da0110d8bac1e056aec249d252afb54b],
PUP.Optional.OpenCandy, C:\Users\marce_000\Downloads\DTLite4481-0347.exe, , [b02b6b7d215a22143fcc9b73bf466e92],
PUP.Optional.OpenCandy, C:\Users\marce_000\Downloads\GOMPLAYERENSETUP.EXE, , [b02b21c76c0ff64012f9a866669fea16],
Trojan.Bitcoin.SE, C:\Users\marce_000\Downloads\Microsoft-Office-2010---Crack.exe, , [9546e107d0abca6c3ed384a881806997],
Trojan.MSIL, C:\Users\marce_000\Downloads\Microsoft-Office-Proffesional-Plus-2010-Corporate-Final-Full-Activated--NoGRp.exe, , [459636b285f65adc4a5c94b30ef30df3],
Riskware.Keygen, C:\Windows\AutoKMS.exe, , [8b50a93f4b3052e4d47c2c8b30d0d729],
RiskWare.Tool.CK, C:\Windows\KMSEmulator.exe, , [ebf0a0487704290d369be52d30d2a858],
Trojan.Agent.SCR, C:\Windows\Inf\msstp.vbe, , [1bc0a147e596b482f4a90804af54ea16],
PUP.Optional.Datamngr.A, C:\Users\marce_000\AppData\LocalLow\DataMngr\{99BB1406-1CFB-488C-90D1-2D978E04F707}64, , [e3f8b2361467c274143fc70453af926e],
PUP.Optional.Spigot.A, C:\Users\marce_000\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "startup_urls": [ "http://search.conduit.com/?ctid=CT33247 ... 01F0&SSPV=", "https://isearch.avg.com/?cid={732FF394- ... .32&sap=hp", "http://searchfunmoods.com/?f=1&a=stonic ... 1328519260", "http://search.babylon.com/?affID=116299 ... 012e100aac", "http://search.conduit.com/?ctid=CT32204 ... hSource=48", "http://isearch.avg.com/?cid={6DFADF38-9 ... 0.4&sap=hp", "http://search.conduit.com/?CUI=UN308749 ... hSource=48", "http://isearch.babylon.com/?affID=11663 ... d2923ddab1", "http://search.fbdownloader.com/?channel=sfuk206", "http://uk.search.yahoo.com/?type=198484 ... got-yhp-ch", "http://uk.search.yahoo.com/?type=114576 ... got-yhp-ch", "http://uk.search.yahoo.com/?type=443898 ... got-yhp-ch", "http://www.google.com/", "http://uk.msn.com/?pc=UP97&ocid=UP97DHP", "http://www.search.ask.com/?o=APN10645A& ... 62-126&t=4", "http://www.search.ask.com/?o=APN10645A& ... 99-126&t=4", "http://start.mysearchdial.com/?f=1&a=md ... 934413&ir=", "http://www.search.ask.com/?o=APN10645A& ... 99-126&t=4", "http://www.search.ask.com/?o=APN10645A& ... 99-126&t=4", "http://www.search.ask.com/?o=APN10645A& ... 65-126&t=4", "http://www.search.ask.com/?o=APN10645A& ... 51-126&t=4", "http://www.default-search.net?sid=498&a ... 33&src=hmp", "http://www.default-search.net?sid=498&a ... 33&src=hmp" ],), ,[3ba0638599e260d6448f0f0a33d24cb4]
PUP.Optional.Conduit.A, C:\Users\marce_000\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "homepage": "http://search.conduit.com/?ctid=CT33247 ... 01F0&SSPV=",), ,[8556cc1c1f5c1521de6c9b8029dc47b9]
Physical Sectors: 0
(No malicious items detected)
(end)
Re: Please check my PC, the PC is causing internet outages
Everything that was found needs to be removed in MBAM - then restart and run a scan with ADWCleaner
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
If you are satisfied, you can support the forum at https://platba.viry.cz/payment/
Re: Please check my PC, the PC is causing internet outages
# AdwCleaner v3.308 - Report created 02/09/2014 at 10:42:04
# Updated 20/08/2014 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : Avjeckin - AVJECKIN
# Running from : C:\Users\marce_000\Downloads\adwcleaner_3.308.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Program Files (x86)\Linkey
Folder Deleted : C:\Users\marce_000\AppData\Roaming\Systweak
File Deleted : C:\WINDOWS\System32\roboot64.exe
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1}
Key Deleted : HKCU\Software\Linkey
Key Deleted : HKCU\Software\systweak
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17239
-\\ Google Chrome v36.0.1985.143
[ File : C:\Users\marce_000\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Startup_urls] : hxxp://search.conduit.com/?ctid=CT3324790&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPDFE83D26-B284-4EF5-82E6-FA88BDD301F0&SSPV=
Deleted [Startup_urls] : hxxps://isearch.avg.com/?cid={732FF394-617B-41F2-A4FA-4FD776B6A56B}&mid=edfcbcbf9fdf47d09fe9d14868f4e35f-06ce4fc639803a2e3563922518183d8e94088cb9&lang=sk&ds=gm011&pr=sa&d=2012-05-29%2020:31:06&v=12.2.5.32&sap=hp
Deleted [Startup_urls] : hxxp://searchfunmoods.com/?f=1&a=stonicrio&chnl=stonicrio&cd=2XzuyEtN2Y1L1QzutDtDtDtCtB0EtCtDtD0A0A0Czz0D0AyDtN0D0Tzu0CtAtCyDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1328519260
Deleted [Startup_urls] : hxxp://search.babylon.com/?affID=116299&babsrc=HP_ss&mntrId=a8c58da500000000000000012e100aac
Deleted [Startup_urls] : hxxp://search.conduit.com/?ctid=CT3220468&SearchSource=48
Deleted [Startup_urls] : hxxp://isearch.avg.com/?cid={6DFADF38-9363-4507-813F-FBE49CAAAD86}&mid=787fab24a34447d39dc7dd9bd4d93347-c3da11b36e7cf4b05f1b4e50ea632827b6844d3b&lang=sk&ds=gm011&pr=sa&d=2013-02-02%2013:41:08&v=13.2.0.4&sap=hp
Deleted [Startup_urls] : hxxp://search.conduit.com/?CUI=UN30874928721883450&ctid=CT3220468&SearchSource=48
Deleted [Startup_urls] : hxxp://isearch.babylon.com/?affID=116632&babsrc=HP_ss&mntrId=8a20962e0000000000000cd2923ddab1
Deleted [Startup_urls] : hxxp://search.fbdownloader.com/?channel=sfuk206
Deleted [Startup_urls] : hxxp://uk.search.yahoo.com/?type=198484&fr=spigot-yhp-ch
Deleted [Startup_urls] : hxxp://uk.search.yahoo.com/?type=114576&fr=spigot-yhp-ch
Deleted [Startup_urls] : hxxp://uk.search.yahoo.com/?type=443898&fr=spigot-yhp-ch
Deleted [Startup_urls] : hxxp://start.mysearchdial.com/?f=1&a=md0101&cd=2XzuyEtN2Y1L1QzuyB0AyBzytCzy0DyDyByC0DyE0EtDtC0AtN0D0Tzu0SyByEzytN1L2XzutBtFtBtFtCyDtFtCyDzytBtN1L1CzutDzytDtCtG1T&cr=639934413&ir=
Deleted [Startup_urls] : hxxp://www.default-search.net?sid=498&aid=121& ... 33&src=hmp
Deleted [Startup_urls] : hxxp://www.default-search.net?sid=498&aid=121& ... 33&src=hmp
Deleted [Homepage] : hxxp://search.conduit.com/?ctid=CT3324790&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPDFE83D26-B284-4EF5-82E6-FA88BDD301F0&SSPV=
Deleted [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Deleted [Extension] : flpcjncodpafbgdpnkljologafpionhb
[ File : C:\Users\marce_000\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\marce_000\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\marce_000\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\marce_000\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\marce_000\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\marce_000\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\marce_000\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\marce_000\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\marce_000\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\marce_000\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\marce_000\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\marce_000\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\marce_000\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\marce_000\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [36326 octets] - [02/09/2014 10:37:30]
AdwCleaner[R1].txt - [36387 octets] - [02/09/2014 10:39:59]
AdwCleaner[S0].txt - [4955 octets] - [02/09/2014 10:42:04]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5015 octets] ##########
# Updated 20/08/2014 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : Avjeckin - AVJECKIN
# Running from : C:\Users\marce_000\Downloads\adwcleaner_3.308.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Program Files (x86)\Linkey
Folder Deleted : C:\Users\marce_000\AppData\Roaming\Systweak
File Deleted : C:\WINDOWS\System32\roboot64.exe
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1}
Key Deleted : HKCU\Software\Linkey
Key Deleted : HKCU\Software\systweak
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17239
-\\ Google Chrome v36.0.1985.143
[ File : C:\Users\marce_000\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Startup_urls] : hxxp://search.conduit.com/?ctid=CT3324790&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPDFE83D26-B284-4EF5-82E6-FA88BDD301F0&SSPV=
Deleted [Startup_urls] : hxxps://isearch.avg.com/?cid={732FF394-617B-41F2-A4FA-4FD776B6A56B}&mid=edfcbcbf9fdf47d09fe9d14868f4e35f-06ce4fc639803a2e3563922518183d8e94088cb9&lang=sk&ds=gm011&pr=sa&d=2012-05-29%2020:31:06&v=12.2.5.32&sap=hp
Deleted [Startup_urls] : hxxp://searchfunmoods.com/?f=1&a=stonicrio&chnl=stonicrio&cd=2XzuyEtN2Y1L1QzutDtDtDtCtB0EtCtDtD0A0A0Czz0D0AyDtN0D0Tzu0CtAtCyDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1328519260
Deleted [Startup_urls] : hxxp://search.babylon.com/?affID=116299&babsrc=HP_ss&mntrId=a8c58da500000000000000012e100aac
Deleted [Startup_urls] : hxxp://search.conduit.com/?ctid=CT3220468&SearchSource=48
Deleted [Startup_urls] : hxxp://isearch.avg.com/?cid={6DFADF38-9363-4507-813F-FBE49CAAAD86}&mid=787fab24a34447d39dc7dd9bd4d93347-c3da11b36e7cf4b05f1b4e50ea632827b6844d3b&lang=sk&ds=gm011&pr=sa&d=2013-02-02%2013:41:08&v=13.2.0.4&sap=hp
Deleted [Startup_urls] : hxxp://search.conduit.com/?CUI=UN30874928721883450&ctid=CT3220468&SearchSource=48
Deleted [Startup_urls] : hxxp://isearch.babylon.com/?affID=116632&babsrc=HP_ss&mntrId=8a20962e0000000000000cd2923ddab1
Deleted [Startup_urls] : hxxp://search.fbdownloader.com/?channel=sfuk206
Deleted [Startup_urls] : hxxp://uk.search.yahoo.com/?type=198484&fr=spigot-yhp-ch
Deleted [Startup_urls] : hxxp://uk.search.yahoo.com/?type=114576&fr=spigot-yhp-ch
Deleted [Startup_urls] : hxxp://uk.search.yahoo.com/?type=443898&fr=spigot-yhp-ch
Deleted [Startup_urls] : hxxp://start.mysearchdial.com/?f=1&a=md0101&cd=2XzuyEtN2Y1L1QzuyB0AyBzytCzy0DyDyByC0DyE0EtDtC0AtN0D0Tzu0SyByEzytN1L2XzutBtFtBtFtCyDtFtCyDzytBtN1L1CzutDzytDtCtG1T&cr=639934413&ir=
Deleted [Startup_urls] : hxxp://www.default-search.net?sid=498&aid=121& ... 33&src=hmp
Deleted [Startup_urls] : hxxp://www.default-search.net?sid=498&aid=121& ... 33&src=hmp
Deleted [Homepage] : hxxp://search.conduit.com/?ctid=CT3324790&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPDFE83D26-B284-4EF5-82E6-FA88BDD301F0&SSPV=
Deleted [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Deleted [Extension] : flpcjncodpafbgdpnkljologafpionhb
*************************
AdwCleaner[R0].txt - [36326 octets] - [02/09/2014 10:37:30]
AdwCleaner[R1].txt - [36387 octets] - [02/09/2014 10:39:59]
AdwCleaner[S0].txt - [4955 octets] - [02/09/2014 10:42:04]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5015 octets] ##########
Re: Please check my PC, the PC is causing internet outages
How is the computer doing?
Post an RSIT log for the final check.
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
If you are satisfied, you can support the forum: https://platba.viry.cz/payment/
Re: Please check my PC, the PC is causing internet outages
Nothing is happening so far; if anything comes up, I'll let you know.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Avjeckin at 2014-09-02 13:30:58
Microsoft Windows 8.1
System drive C: has 146 GB (24%) free of 602 GB
Total RAM: 8081 MB (76% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:31:07, on 02/09/2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17239)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files\trend micro\Avjeckin.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://msi13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [HP Deskjet 3050A J611 series (NET)] "C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN34C1CN5Z05WK:NW" -scfn "HP Deskjet 3050A J611 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [LowRateVoip] "C:\Program Files (x86)\LowRateVoip.com\LowRateVoip\LowRateVoip.exe" -nosplash -minimized
O4 - Global Startup: SRS PC Sound.lnk = C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK32.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Send to Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O9 - Extra 'Tools' menuitem: Send to Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Product - 2012/11/29 17:56:09 (CLKMSVC10_38F51D56) - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files (x86)\SCM\MSIService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
--
End of file - 13606 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\WLANExt.exe 391179710272
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\WINDOWS\Explorer.EXE
taskhostex.exe
"c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe"
"c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
dashost.exe {815f5317-bcdd-45a6-8e93353faac34eb8}
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\SCM\MSIService.exe"
"C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000924
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-372a39ce-7c8e-4468-a598-f2a43fd019e3 -SystemEventPortName:HostProcess-5f96f403-b773-4dae-ad9a-04d870e11c22 -IoCancelEventPortName:HostProcess-9e73df1f-d6ae-41d9-a368-a75b26cca93b -NonStateChangingEventPortName:HostProcess-6222b1f6-3bb4-450b-9eef-5c4ccd0859c1 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:8a84fe98-7809-4051-878c-3ddbb9b14714 -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe" /h
"C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe"
"C:\Program Files (x86)\CyberLink\Shared files\brs.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
taskhost.exe $(Arg0)
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 572 576 584 65536 580
"C:\Users\marce_000\Downloads\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
======Scheduled tasks folder======
C:\WINDOWS\tasks\AutoKMS.job - C:\WINDOWS\AutoKMS.exe
C:\WINDOWS\tasks\AutoKMSDaily.job - C:\WINDOWS\AutoKMS.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-11-28 2859344]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-11-28 13192848]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [2012-08-27 11577216]
"Radio Manager"=C:\Program Files (x86)\SCM\Radio Manager.exe [2012-09-13 403848]
"SCM"=C:\Program Files (x86)\SCM\SCM.exe [2012-09-13 399776]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-08-09 2403288]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2014-08-09 1283136]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"HP Deskjet 3050A J611 series (NET)"=C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416]
"LowRateVoip"=C:\Program Files (x86)\LowRateVoip.com\LowRateVoip\LowRateVoip.exe [2014-02-12 19828032]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2012-09-13 56128]
"Super-Charger"=C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [2012-05-23 502328]
"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2012-03-29 91432]
"BDRegion"=C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [2012-07-31 78352]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-12-21 959904]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2014-08-12 751184]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-02-21 152392]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208]
""= []
"Avira Systray"=C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [2014-08-04 161584]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SRS PC Sound.lnk - C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK32.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\WINDOWS\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-09-02 13:30:58 ----D---- C:\rsit
2014-09-02 13:30:58 ----D---- C:\Program Files\trend micro
2014-09-02 10:38:08 ----A---- C:\WINDOWS\SYSWOW64\sqlite3.dll
2014-09-02 10:37:18 ----D---- C:\AdwCleaner
2014-09-02 09:51:46 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2014-09-02 09:51:32 ----D---- C:\ProgramData\Malwarebytes
2014-09-02 09:51:32 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-02 09:51:32 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2014-09-02 09:51:32 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2014-09-02 09:51:32 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2014-08-28 12:19:06 ----D---- C:\Program Files (x86)\Metro Redux Bundle
2014-08-28 10:09:55 ----D---- C:\WINDOWS\SYSWOW64\NV
2014-08-28 10:09:55 ----D---- C:\WINDOWS\system32\NV
2014-08-28 09:09:17 ----A---- C:\WINDOWS\SYSWOW64\nvwgf2um.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\SYSWOW64\nvopencl.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\SYSWOW64\nvoglv32.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\SYSWOW64\nvoglshim32.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\SYSWOW64\NvIFROpenGL.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\SYSWOW64\nvEncodeAPI.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\system32\nvwgf2umx.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\system32\nvopencl.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\system32\nvoglv64.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\system32\nvoglshim64.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\system32\NvIFROpenGL.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\system32\nvEncodeAPI64.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\system32\nvdispgenco6434052.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\system32\nvdispco6434052.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\system32\nvd3dumx.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\system32\nvcuda.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\system32\drivers\nvpciflt.sys
2014-08-28 09:09:17 ----A---- C:\WINDOWS\system32\drivers\nvlddmkm.sys
2014-08-28 09:09:16 ----A---- C:\WINDOWS\SYSWOW64\nvcompiler.dll
2014-08-28 09:09:16 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2014-08-28 09:07:24 ----A---- C:\WINDOWS\system32\win32k.sys
2014-08-27 14:52:42 ----SHD---- C:\Config.Msi
2014-08-25 18:16:52 ----D---- C:\Program Files (x86)\Metro Last Light
2014-08-14 10:11:43 ----D---- C:\Program Files (x86)\Need For Speed Rivals
2014-08-14 09:19:24 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2014-08-14 09:19:24 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2014-08-14 09:19:23 ----A---- C:\WINDOWS\SYSWOW64\dxgi.dll
2014-08-14 09:19:23 ----A---- C:\WINDOWS\system32\dxgi.dll
2014-08-14 09:19:23 ----A---- C:\WINDOWS\system32\dwmcore.dll
2014-08-14 09:19:22 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2014-08-14 09:19:21 ----A---- C:\WINDOWS\system32\aepdu.dll
2014-08-14 09:19:20 ----A---- C:\WINDOWS\system32\aeinv.dll
2014-08-14 09:19:18 ----A---- C:\WINDOWS\system32\MrmCoreR.dll
2014-08-14 09:18:50 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2014-08-14 09:18:49 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2014-08-14 09:18:49 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2014-08-14 09:18:49 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2014-08-14 09:18:49 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2014-08-14 09:18:49 ----A---- C:\WINDOWS\SYSWOW64\dxtmsft.dll
2014-08-14 09:18:48 ----A---- C:\WINDOWS\system32\urlmon.dll
2014-08-14 09:18:47 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2014-08-14 09:18:47 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2014-08-14 09:18:47 ----A---- C:\WINDOWS\system32\msfeeds.dll
2014-08-14 09:18:47 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2014-08-14 09:18:46 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2014-08-14 09:18:44 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2014-08-14 09:18:44 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2014-08-14 09:18:44 ----A---- C:\WINDOWS\system32\iertutil.dll
2014-08-14 09:18:43 ----A---- C:\WINDOWS\system32\ieframe.dll
2014-08-14 09:18:43 ----A---- C:\WINDOWS\system32\dxtrans.dll
2014-08-14 09:18:42 ----A---- C:\WINDOWS\system32\mshtmled.dll
2014-08-14 09:18:42 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2014-08-14 09:18:42 ----A---- C:\WINDOWS\system32\jscript9.dll
2014-08-14 09:18:42 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2014-08-14 09:18:41 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-08-14 09:18:37 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2014-08-14 09:18:37 ----A---- C:\WINDOWS\system32\wininet.dll
2014-08-14 09:18:37 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2014-08-14 09:18:36 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2014-08-14 09:18:36 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2014-08-14 09:18:35 ----A---- C:\WINDOWS\SYSWOW64\JavaScriptCollectionAgent.dll
2014-08-14 09:18:35 ----A---- C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-08-14 09:18:34 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2014-08-14 09:18:34 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2014-08-14 09:18:27 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2014-08-14 09:18:27 ----A---- C:\WINDOWS\system32\vbscript.dll
2014-08-14 09:18:24 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2014-08-14 09:18:21 ----A---- C:\WINDOWS\SYSWOW64\TsWpfWrp.exe
2014-08-14 09:18:21 ----A---- C:\WINDOWS\system32\TsWpfWrp.exe
2014-08-14 09:17:41 ----A---- C:\WINDOWS\system32\Wpc.dll
2014-08-14 09:17:40 ----A---- C:\WINDOWS\SYSWOW64\Wpc.dll
2014-08-14 09:17:40 ----A---- C:\WINDOWS\system32\WpcWebSync.dll
2014-08-14 09:17:40 ----A---- C:\WINDOWS\system32\WpcMon.exe
2014-08-14 09:17:40 ----A---- C:\WINDOWS\system32\SyncEngine.dll
2014-08-14 09:17:39 ----A---- C:\WINDOWS\SYSWOW64\SkyDriveShell.dll
2014-08-14 09:17:39 ----A---- C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-08-14 09:17:39 ----A---- C:\WINDOWS\system32\SkyDriveShell.dll
2014-08-14 09:17:39 ----A---- C:\WINDOWS\system32\SkyDrive.exe
2014-08-14 09:17:26 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2014-08-14 09:17:25 ----A---- C:\WINDOWS\system32\d3d9.dll
2014-08-14 09:17:24 ----A---- C:\WINDOWS\SYSWOW64\d3d9.dll
2014-08-14 09:17:23 ----A---- C:\WINDOWS\system32\mfcore.dll
2014-08-14 09:17:22 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2014-08-14 09:17:22 ----A---- C:\WINDOWS\system32\vpnike.dll
2014-08-14 09:17:22 ----A---- C:\WINDOWS\system32\ntdll.dll
2014-08-14 09:17:22 ----A---- C:\WINDOWS\system32\localspl.dll
2014-08-14 09:17:22 ----A---- C:\WINDOWS\system32\fveapi.dll
2014-08-14 09:17:22 ----A---- C:\WINDOWS\system32\dhcpcore.dll
2014-08-14 09:17:22 ----A---- C:\WINDOWS\system32\actxprxy.dll
2014-08-14 09:17:21 ----A---- C:\WINDOWS\SYSWOW64\ncobjapi.dll
2014-08-14 09:17:21 ----A---- C:\WINDOWS\SYSWOW64\framedynos.dll
2014-08-14 09:17:21 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore6.dll
2014-08-14 09:17:21 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore.dll
2014-08-14 09:17:21 ----A---- C:\WINDOWS\system32\winbici.dll
2014-08-14 09:17:21 ----A---- C:\WINDOWS\system32\ncobjapi.dll
2014-08-14 09:17:21 ----A---- C:\WINDOWS\system32\framedynos.dll
2014-08-14 09:17:21 ----A---- C:\WINDOWS\system32\framedyn.dll
2014-08-14 09:17:21 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2014-08-14 09:17:21 ----A---- C:\WINDOWS\system32\drivers\agilevpn.sys
2014-08-14 09:17:21 ----A---- C:\WINDOWS\system32\dhcpcore6.dll
2014-08-14 09:17:21 ----A---- C:\WINDOWS\system32\BFE.DLL
2014-08-14 09:17:21 ----A---- C:\WINDOWS\system32\bdesvc.dll
2014-08-14 09:17:20 ----A---- C:\WINDOWS\SYSWOW64\WebClnt.dll
2014-08-14 09:17:20 ----A---- C:\WINDOWS\SYSWOW64\Robocopy.exe
2014-08-14 09:17:20 ----A---- C:\WINDOWS\SYSWOW64\framedyn.dll
2014-08-14 09:17:20 ----A---- C:\WINDOWS\SYSWOW64\dhcpcsvc6.dll
2014-08-14 09:17:20 ----A---- C:\WINDOWS\SYSWOW64\dhcpcsvc.dll
2014-08-14 09:17:20 ----A---- C:\WINDOWS\SYSWOW64\d3d8thk.dll
2014-08-14 09:17:20 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2014-08-14 09:17:20 ----A---- C:\WINDOWS\system32\WebClnt.dll
2014-08-14 09:17:20 ----A---- C:\WINDOWS\system32\srms.dat
2014-08-14 09:17:20 ----A---- C:\WINDOWS\system32\Robocopy.exe
2014-08-14 09:17:20 ----A---- C:\WINDOWS\system32\reseteng.dll
2014-08-14 09:17:20 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2014-08-14 09:17:20 ----A---- C:\WINDOWS\system32\drivers\vwifimp.sys
2014-08-14 09:17:20 ----A---- C:\WINDOWS\system32\drivers\vwififlt.sys
2014-08-14 09:17:20 ----A---- C:\WINDOWS\system32\dhcpcsvc6.dll
2014-08-14 09:17:20 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
2014-08-14 09:17:20 ----A---- C:\WINDOWS\system32\BulkOperationHost.exe
2014-08-14 09:17:11 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-08-14 09:17:10 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2014-08-14 09:17:09 ----AC---- C:\WINDOWS\system32\drivers\usbuhci.sys
2014-08-14 09:17:09 ----AC---- C:\WINDOWS\system32\drivers\usbport.sys
2014-08-14 09:17:09 ----AC---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2014-08-14 09:17:09 ----AC---- C:\WINDOWS\system32\drivers\usbhub.sys
2014-08-14 09:17:09 ----AC---- C:\WINDOWS\system32\drivers\usbehci.sys
2014-08-14 09:17:09 ----AC---- C:\WINDOWS\system32\drivers\usbd.sys
2014-08-14 09:17:09 ----A---- C:\WINDOWS\SYSWOW64\rsaenh.dll
2014-08-14 09:17:09 ----A---- C:\WINDOWS\SYSWOW64\DaOtpCredentialProvider.dll
2014-08-14 09:17:09 ----A---- C:\WINDOWS\system32\WUDFSvc.dll
2014-08-14 09:17:09 ----A---- C:\WINDOWS\system32\WUDFPlatform.dll
2014-08-14 09:17:09 ----A---- C:\WINDOWS\system32\WUDFHost.exe
2014-08-14 09:17:09 ----A---- C:\WINDOWS\system32\rsaenh.dll
2014-08-14 09:17:09 ----A---- C:\WINDOWS\system32\hal.dll
2014-08-14 09:17:09 ----A---- C:\WINDOWS\system32\drivers\WUDFRd.sys
2014-08-14 09:17:09 ----A---- C:\WINDOWS\system32\drivers\WUDFPf.sys
2014-08-14 09:17:09 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2014-08-14 09:17:09 ----A---- C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-08-14 09:17:03 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2014-08-14 09:17:03 ----A---- C:\WINDOWS\system32\MDMAgent.exe
2014-08-14 09:17:03 ----A---- C:\WINDOWS\system32\gdi32.dll
2014-08-14 09:12:50 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2014-08-14 09:12:50 ----A---- C:\WINDOWS\system32\msi.dll
2014-08-14 09:12:50 ----A---- C:\WINDOWS\system32\authui.dll
2014-08-14 09:12:49 ----A---- C:\WINDOWS\SYSWOW64\msihnd.dll
2014-08-14 09:12:49 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2014-08-14 09:12:49 ----A---- C:\WINDOWS\system32\msihnd.dll
2014-08-14 09:12:49 ----A---- C:\WINDOWS\system32\consent.exe
======List of files/folders modified in the last 1 month======
2014-09-02 13:31:07 ----D---- C:\WINDOWS\Temp
2014-09-02 13:30:58 ----RD---- C:\Program Files
2014-09-02 13:30:55 ----D---- C:\WINDOWS\Prefetch
2014-09-02 13:26:20 ----D---- C:\WINDOWS\system32\sru
2014-09-02 10:47:19 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2014-09-02 10:44:08 ----D---- C:\WINDOWS\system32\drivers
2014-09-02 10:42:05 ----RD---- C:\WINDOWS\System32
2014-09-02 10:42:05 ----RD---- C:\Program Files (x86)
2014-09-02 10:38:08 ----D---- C:\WINDOWS\SysWOW64
2014-09-02 10:12:14 ----D---- C:\Windows
2014-09-02 10:10:32 ----D---- C:\WINDOWS\Inf
2014-09-02 09:51:32 ----HD---- C:\ProgramData
2014-09-01 21:14:45 ----D---- C:\WINDOWS\system32\NDF
2014-09-01 18:47:46 ----D---- C:\WINDOWS\AppReadiness
2014-09-01 13:00:12 ----D---- C:\WINDOWS\Microsoft.NET
2014-09-01 13:00:07 ----D---- C:\WINDOWS\debug
2014-09-01 11:52:06 ----D---- C:\WINDOWS\Tasks
2014-09-01 11:19:59 ----D---- C:\Users\marce_000\AppData\Roaming\uTorrent
2014-09-01 11:19:59 ----D---- C:\Users\marce_000\AppData\Roaming\DAEMON Tools Lite
2014-09-01 11:19:53 ----D---- C:\WINDOWS\Logs
2014-08-31 12:00:18 ----D---- C:\WINDOWS\system32\DriverStore
2014-08-31 11:51:53 ----D---- C:\WINDOWS\system32\Tasks
2014-08-30 19:39:31 ----D---- C:\WINDOWS\system32\config
2014-08-30 16:44:45 ----HD---- C:\Program Files\WindowsApps
2014-08-29 13:47:24 ----D---- C:\WINDOWS\system32\catroot2
2014-08-28 12:15:44 ----SHD---- C:\System Volume Information
2014-08-28 10:14:43 ----D---- C:\Hry
2014-08-28 10:10:42 ----D---- C:\WINDOWS\WinSxS
2014-08-28 09:39:45 ----D---- C:\WINDOWS\CbsTemp
2014-08-28 09:10:56 ----D---- C:\ProgramData\NVIDIA
2014-08-28 09:09:55 ----D---- C:\Program Files\NVIDIA Corporation
2014-08-27 14:52:46 ----SHD---- C:\WINDOWS\Installer
2014-08-27 14:52:35 ----D---- C:\ProgramData\Package Cache
2014-08-27 14:51:50 ----RSD---- C:\WINDOWS\assembly
2014-08-26 22:42:22 ----D---- C:\Users\marce_000\AppData\Roaming\Skype
2014-08-25 18:56:30 ----D---- C:\Program Files (x86)\Avira
2014-08-24 11:01:01 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-21 10:50:45 ----D---- C:\WINDOWS\rescache
2014-08-15 22:29:23 ----D---- C:\WINDOWS\system32\wdi
2014-08-15 22:29:02 ----RD---- C:\WINDOWS\ToastData
2014-08-15 22:29:02 ----D---- C:\WINDOWS\system32\migration
2014-08-15 22:29:01 ----D---- C:\WINDOWS\MediaViewer
2014-08-15 22:29:00 ----D---- C:\WINDOWS\SYSWOW64\migration
2014-08-15 22:28:58 ----D---- C:\WINDOWS\SYSWOW64\wbem
2014-08-15 22:28:57 ----D---- C:\WINDOWS\system32\en-US
2014-08-15 22:28:56 ----D---- C:\WINDOWS\system32\wbem
2014-08-15 22:28:56 ----D---- C:\WINDOWS\Camera
2014-08-15 22:28:55 ----D---- C:\WINDOWS\FileManager
2014-08-15 22:28:52 ----D---- C:\WINDOWS\SYSWOW64\en-US
2014-08-15 22:28:52 ----D---- C:\WINDOWS\SYSWOW64\en-GB
2014-08-15 22:28:52 ----D---- C:\WINDOWS\system32\en-GB
2014-08-15 22:23:16 ----D---- C:\Program Files\Internet Explorer
2014-08-15 22:23:16 ----D---- C:\Program Files (x86)\Internet Explorer
2014-08-15 22:23:14 ----D---- C:\WINDOWS\PolicyDefinitions
2014-08-14 14:27:53 ----D---- C:\WINDOWS\system32\catroot
2014-08-14 10:18:51 ----D---- C:\WINDOWS\SYSWOW64\directx
2014-08-14 10:18:45 ----HD---- C:\WINDOWS\msdownld.tmp
2014-08-14 09:57:08 ----D---- C:\ProgramData\Microsoft Help
2014-08-14 09:56:37 ----D---- C:\WINDOWS\system32\MRT
2014-08-14 09:54:50 ----A---- C:\WINDOWS\system32\MRT.exe
2014-08-14 09:52:44 ----SD---- C:\WINDOWS\system32\CompatTel
2014-08-14 09:16:12 ----A---- C:\WINDOWS\system32\mfps.dll
2014-08-13 22:51:57 ----A---- C:\WINDOWS\SYSWOW64\msrating.dll
2014-08-13 22:51:55 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2014-08-13 22:51:41 ----A---- C:\WINDOWS\system32\ieetwproxystub.dll
2014-08-13 22:51:41 ----A---- C:\WINDOWS\system32\ieetwcollectorres.dll
2014-08-13 22:51:41 ----A---- C:\WINDOWS\system32\ieetwcollector.exe
2014-08-13 22:51:39 ----A---- C:\WINDOWS\SYSWOW64\ieetwproxystub.dll
2014-08-13 22:51:38 ----A---- C:\WINDOWS\system32\ieUnatt.exe
2014-08-13 22:51:37 ----A---- C:\WINDOWS\SYSWOW64\ieUnatt.exe
2014-08-13 22:51:36 ----A---- C:\WINDOWS\SYSWOW64\iernonce.dll
2014-08-13 22:51:35 ----A---- C:\WINDOWS\SYSWOW64\iesetup.dll
2014-08-13 22:51:34 ----A---- C:\WINDOWS\system32\iesetup.dll
2014-08-13 22:51:34 ----A---- C:\WINDOWS\system32\iernonce.dll
2014-08-13 22:51:23 ----A---- C:\WINDOWS\system32\msrating.dll
2014-08-13 22:51:21 ----A---- C:\WINDOWS\system32\jsproxy.dll
2014-08-09 02:22:16 ----A---- C:\WINDOWS\SYSWOW64\nvspcap.dll
2014-08-09 02:22:16 ----A---- C:\WINDOWS\SYSWOW64\nvspbridge.dll
2014-08-09 02:22:05 ----A---- C:\WINDOWS\system32\nvspcap64.dll
2014-08-09 02:22:05 ----A---- C:\WINDOWS\system32\nvspbridge64.dll
2014-08-03 22:18:49 ----D---- C:\Program Files\Microsoft Silverlight
2014-08-03 22:18:48 ----D---- C:\Program Files (x86)\Microsoft Silverlight
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-09-02 647736]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2014-07-02 32544]
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2014-06-03 130584]
R1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [2014-02-14 28600]
R1 dtsoftbus01;@oem18.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2014-02-27 283064]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2014-06-24 117712]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2013-08-22 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2013-08-22 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-01-31 81920]
R3 btmhsf;btmhsf; C:\WINDOWS\system32\DRIVERS\btmhsf.sys [2012-08-29 857472]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 iBtFltCoex;iBtFltCoex; C:\WINDOWS\system32\DRIVERS\iBtFltCoex.sys [2012-08-06 68136]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-03-07 3729920]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-11-28 4142864]
R3 IntcDAud;@oem43.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2014-03-07 450520]
R3 iwdbus;@oem29.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2014-03-01 27032]
R3 MEIx64;@oem23.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-11-28 62784]
R3 NETwNe64;@oem39.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\WINDOWS\system32\DRIVERS\NETwew00.sys [2013-12-09 3346912]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2014-07-02 12866008]
R3 nvvad_WaveExtensible;@oem45.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2014-03-31 40392]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2014-01-27 167424]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Still Serial Digital Camera Driver; C:\WINDOWS\system32\DRIVERS\serscan.sys [2013-08-22 11776]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-04-11 1200128]
S3 dg_ssudbus;@oem36.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 ETD;@oem5.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2012-11-28 295760]
S3 intaud_WaveExtensible;@oem28.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2014-03-01 38296]
S3 ipadtst;ipadtst; \??\C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [2011-12-12 17936]
S3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2014-05-12 25816]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2014-05-12 64216]
S3 Point64;@oem17.inf,%point64.SvcDesc%;Microsoft Mouse and Keyboard Center Filter Driver; C:\WINDOWS\System32\drivers\point64.sys [2013-05-14 50864]
S3 RimUsb;@oem42.inf,%RimUsb.DeviceDesc%;BlackBerry Smartphone; C:\WINDOWS\System32\Drivers\RimUsb_AMD64.sys [2007-05-14 27520]
S3 RSUSBSTOR;@oem4.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2012-11-28 252048]
S3 ssudmdm;@oem37.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 USBAAPL64;@oem31.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl64.sys [2013-03-18 54784]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-08-22 44544]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2014-08-12 430160]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2014-08-12 430160]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-02-12 43336]
R2 Avira.OE.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2014-08-04 149296]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-08-27 1112000]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-09-06 1124288]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2014-01-17 632048]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-09-02 14904]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2014-03-17 282096]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-06-20 634632]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-11-28 165760]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-11-28 276864]
R2 Micro Star SCM;Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [2012-09-13 160768]
R2 MSI_SuperCharger;MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [2012-05-23 142904]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2014-01-17 154864]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2012-11-28 201360]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-11-28 364416]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S2 CLKMSVC10_38F51D56;CyberLink Product - 2012/11/29 17:56:09; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2012-05-23 243728]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-25 116648]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-05-12 860472]
S2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-08-09 1720792]
S2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-08-09 18973144]
S2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2014-07-02 935368]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-04-25 5024576]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-03-17 279024]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-25 116648]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-02-21 641352]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2014-01-17 284912]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S4 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2014-08-12 1021520]
S4 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-05-12 1809720]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by Avjeckin at 2014-09-02 13:30:58
Microsoft Windows 8.1
System drive C: has 146 GB (24%) free of 602 GB
Total RAM: 8081 MB (76% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:31:07, on 02/09/2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17239)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files\trend micro\Avjeckin.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://msi13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [HP Deskjet 3050A J611 series (NET)] "C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN34C1CN5Z05WK:NW" -scfn "HP Deskjet 3050A J611 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [LowRateVoip] "C:\Program Files (x86)\LowRateVoip.com\LowRateVoip\LowRateVoip.exe" -nosplash -minimized
O4 - Global Startup: SRS PC Sound.lnk = C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK32.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Send to Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O9 - Extra 'Tools' menuitem: Send to Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Product - 2012/11/29 17:56:09 (CLKMSVC10_38F51D56) - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files (x86)\SCM\MSIService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
--
End of file - 13606 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\WLANExt.exe 391179710272
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\WINDOWS\Explorer.EXE
taskhostex.exe
"c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe"
"c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
dashost.exe {815f5317-bcdd-45a6-8e93353faac34eb8}
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\SCM\MSIService.exe"
"C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000924
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-372a39ce-7c8e-4468-a598-f2a43fd019e3 -SystemEventPortName:HostProcess-5f96f403-b773-4dae-ad9a-04d870e11c22 -IoCancelEventPortName:HostProcess-9e73df1f-d6ae-41d9-a368-a75b26cca93b -NonStateChangingEventPortName:HostProcess-6222b1f6-3bb4-450b-9eef-5c4ccd0859c1 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:8a84fe98-7809-4051-878c-3ddbb9b14714 -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe" /h
"C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe"
"C:\Program Files (x86)\CyberLink\Shared files\brs.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
taskhost.exe $(Arg0)
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 572 576 584 65536 580
"C:\Users\marce_000\Downloads\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
======Scheduled tasks folder======
C:\WINDOWS\tasks\AutoKMS.job - C:\WINDOWS\AutoKMS.exe
C:\WINDOWS\tasks\AutoKMSDaily.job - C:\WINDOWS\AutoKMS.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-11-28 2859344]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-11-28 13192848]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [2012-08-27 11577216]
"Radio Manager"=C:\Program Files (x86)\SCM\Radio Manager.exe [2012-09-13 403848]
"SCM"=C:\Program Files (x86)\SCM\SCM.exe [2012-09-13 399776]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-08-09 2403288]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2014-08-09 1283136]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"HP Deskjet 3050A J611 series (NET)"=C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416]
"LowRateVoip"=C:\Program Files (x86)\LowRateVoip.com\LowRateVoip\LowRateVoip.exe [2014-02-12 19828032]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2012-09-13 56128]
"Super-Charger"=C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [2012-05-23 502328]
"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2012-03-29 91432]
"BDRegion"=C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [2012-07-31 78352]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-12-21 959904]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2014-08-12 751184]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-02-21 152392]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208]
""= []
"Avira Systray"=C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [2014-08-04 161584]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SRS PC Sound.lnk - C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK32.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\WINDOWS\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-09-02 13:30:58 ----D---- C:\rsit
2014-09-02 13:30:58 ----D---- C:\Program Files\trend micro
2014-09-02 10:38:08 ----A---- C:\WINDOWS\SYSWOW64\sqlite3.dll
2014-09-02 10:37:18 ----D---- C:\AdwCleaner
2014-09-02 09:51:46 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2014-09-02 09:51:32 ----D---- C:\ProgramData\Malwarebytes
2014-09-02 09:51:32 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-02 09:51:32 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2014-09-02 09:51:32 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2014-09-02 09:51:32 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2014-08-28 12:19:06 ----D---- C:\Program Files (x86)\Metro Redux Bundle
2014-08-28 10:09:55 ----D---- C:\WINDOWS\SYSWOW64\NV
2014-08-28 10:09:55 ----D---- C:\WINDOWS\system32\NV
2014-08-28 09:09:17 ----A---- C:\WINDOWS\SYSWOW64\nvwgf2um.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\SYSWOW64\nvopencl.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\SYSWOW64\nvoglv32.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\SYSWOW64\nvoglshim32.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\SYSWOW64\NvIFROpenGL.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\SYSWOW64\nvEncodeAPI.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\system32\nvwgf2umx.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\system32\nvopencl.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\system32\nvoglv64.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\system32\nvoglshim64.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\system32\NvIFROpenGL.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\system32\nvEncodeAPI64.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\system32\nvdispgenco6434052.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\system32\nvdispco6434052.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\system32\nvd3dumx.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\system32\nvcuda.dll
2014-08-28 09:09:17 ----A---- C:\WINDOWS\system32\drivers\nvpciflt.sys
2014-08-28 09:09:17 ----A---- C:\WINDOWS\system32\drivers\nvlddmkm.sys
2014-08-28 09:09:16 ----A---- C:\WINDOWS\SYSWOW64\nvcompiler.dll
2014-08-28 09:09:16 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2014-08-28 09:07:24 ----A---- C:\WINDOWS\system32\win32k.sys
2014-08-27 14:52:42 ----SHD---- C:\Config.Msi
2014-08-25 18:16:52 ----D---- C:\Program Files (x86)\Metro Last Light
2014-08-14 10:11:43 ----D---- C:\Program Files (x86)\Need For Speed Rivals
2014-08-14 09:19:24 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2014-08-14 09:19:24 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2014-08-14 09:19:23 ----A---- C:\WINDOWS\SYSWOW64\dxgi.dll
2014-08-14 09:19:23 ----A---- C:\WINDOWS\system32\dxgi.dll
2014-08-14 09:19:23 ----A---- C:\WINDOWS\system32\dwmcore.dll
2014-08-14 09:19:22 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2014-08-14 09:19:21 ----A---- C:\WINDOWS\system32\aepdu.dll
2014-08-14 09:19:20 ----A---- C:\WINDOWS\system32\aeinv.dll
2014-08-14 09:19:18 ----A---- C:\WINDOWS\system32\MrmCoreR.dll
2014-08-14 09:18:50 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2014-08-14 09:18:49 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2014-08-14 09:18:49 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2014-08-14 09:18:49 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2014-08-14 09:18:49 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2014-08-14 09:18:49 ----A---- C:\WINDOWS\SYSWOW64\dxtmsft.dll
2014-08-14 09:18:48 ----A---- C:\WINDOWS\system32\urlmon.dll
2014-08-14 09:18:47 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2014-08-14 09:18:47 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2014-08-14 09:18:47 ----A---- C:\WINDOWS\system32\msfeeds.dll
2014-08-14 09:18:47 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2014-08-14 09:18:46 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2014-08-14 09:18:44 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2014-08-14 09:18:44 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2014-08-14 09:18:44 ----A---- C:\WINDOWS\system32\iertutil.dll
2014-08-14 09:18:43 ----A---- C:\WINDOWS\system32\ieframe.dll
2014-08-14 09:18:43 ----A---- C:\WINDOWS\system32\dxtrans.dll
2014-08-14 09:18:42 ----A---- C:\WINDOWS\system32\mshtmled.dll
2014-08-14 09:18:42 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2014-08-14 09:18:42 ----A---- C:\WINDOWS\system32\jscript9.dll
2014-08-14 09:18:42 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2014-08-14 09:18:41 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-08-14 09:18:37 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2014-08-14 09:18:37 ----A---- C:\WINDOWS\system32\wininet.dll
2014-08-14 09:18:37 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2014-08-14 09:18:36 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2014-08-14 09:18:36 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2014-08-14 09:18:35 ----A---- C:\WINDOWS\SYSWOW64\JavaScriptCollectionAgent.dll
2014-08-14 09:18:35 ----A---- C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-08-14 09:18:34 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2014-08-14 09:18:34 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2014-08-14 09:18:27 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2014-08-14 09:18:27 ----A---- C:\WINDOWS\system32\vbscript.dll
2014-08-14 09:18:24 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2014-08-14 09:18:21 ----A---- C:\WINDOWS\SYSWOW64\TsWpfWrp.exe
2014-08-14 09:18:21 ----A---- C:\WINDOWS\system32\TsWpfWrp.exe
2014-08-14 09:17:41 ----A---- C:\WINDOWS\system32\Wpc.dll
2014-08-14 09:17:40 ----A---- C:\WINDOWS\SYSWOW64\Wpc.dll
2014-08-14 09:17:40 ----A---- C:\WINDOWS\system32\WpcWebSync.dll
2014-08-14 09:17:40 ----A---- C:\WINDOWS\system32\WpcMon.exe
2014-08-14 09:17:40 ----A---- C:\WINDOWS\system32\SyncEngine.dll
2014-08-14 09:17:39 ----A---- C:\WINDOWS\SYSWOW64\SkyDriveShell.dll
2014-08-14 09:17:39 ----A---- C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-08-14 09:17:39 ----A---- C:\WINDOWS\system32\SkyDriveShell.dll
2014-08-14 09:17:39 ----A---- C:\WINDOWS\system32\SkyDrive.exe
2014-08-14 09:17:26 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2014-08-14 09:17:25 ----A---- C:\WINDOWS\system32\d3d9.dll
2014-08-14 09:17:24 ----A---- C:\WINDOWS\SYSWOW64\d3d9.dll
2014-08-14 09:17:23 ----A---- C:\WINDOWS\system32\mfcore.dll
2014-08-14 09:17:22 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2014-08-14 09:17:22 ----A---- C:\WINDOWS\system32\vpnike.dll
2014-08-14 09:17:22 ----A---- C:\WINDOWS\system32\ntdll.dll
2014-08-14 09:17:22 ----A---- C:\WINDOWS\system32\localspl.dll
2014-08-14 09:17:22 ----A---- C:\WINDOWS\system32\fveapi.dll
2014-08-14 09:17:22 ----A---- C:\WINDOWS\system32\dhcpcore.dll
2014-08-14 09:17:22 ----A---- C:\WINDOWS\system32\actxprxy.dll
2014-08-14 09:17:21 ----A---- C:\WINDOWS\SYSWOW64\ncobjapi.dll
2014-08-14 09:17:21 ----A---- C:\WINDOWS\SYSWOW64\framedynos.dll
2014-08-14 09:17:21 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore6.dll
2014-08-14 09:17:21 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore.dll
2014-08-14 09:17:21 ----A---- C:\WINDOWS\system32\winbici.dll
2014-08-14 09:17:21 ----A---- C:\WINDOWS\system32\ncobjapi.dll
2014-08-14 09:17:21 ----A---- C:\WINDOWS\system32\framedynos.dll
2014-08-14 09:17:21 ----A---- C:\WINDOWS\system32\framedyn.dll
2014-08-14 09:17:21 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2014-08-14 09:17:21 ----A---- C:\WINDOWS\system32\drivers\agilevpn.sys
2014-08-14 09:17:21 ----A---- C:\WINDOWS\system32\dhcpcore6.dll
2014-08-14 09:17:21 ----A---- C:\WINDOWS\system32\BFE.DLL
2014-08-14 09:17:21 ----A---- C:\WINDOWS\system32\bdesvc.dll
2014-08-14 09:17:20 ----A---- C:\WINDOWS\SYSWOW64\WebClnt.dll
2014-08-14 09:17:20 ----A---- C:\WINDOWS\SYSWOW64\Robocopy.exe
2014-08-14 09:17:20 ----A---- C:\WINDOWS\SYSWOW64\framedyn.dll
2014-08-14 09:17:20 ----A---- C:\WINDOWS\SYSWOW64\dhcpcsvc6.dll
2014-08-14 09:17:20 ----A---- C:\WINDOWS\SYSWOW64\dhcpcsvc.dll
2014-08-14 09:17:20 ----A---- C:\WINDOWS\SYSWOW64\d3d8thk.dll
2014-08-14 09:17:20 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2014-08-14 09:17:20 ----A---- C:\WINDOWS\system32\WebClnt.dll
2014-08-14 09:17:20 ----A---- C:\WINDOWS\system32\srms.dat
2014-08-14 09:17:20 ----A---- C:\WINDOWS\system32\Robocopy.exe
2014-08-14 09:17:20 ----A---- C:\WINDOWS\system32\reseteng.dll
2014-08-14 09:17:20 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2014-08-14 09:17:20 ----A---- C:\WINDOWS\system32\drivers\vwifimp.sys
2014-08-14 09:17:20 ----A---- C:\WINDOWS\system32\drivers\vwififlt.sys
2014-08-14 09:17:20 ----A---- C:\WINDOWS\system32\dhcpcsvc6.dll
2014-08-14 09:17:20 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
2014-08-14 09:17:20 ----A---- C:\WINDOWS\system32\BulkOperationHost.exe
2014-08-14 09:17:11 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-08-14 09:17:10 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2014-08-14 09:17:09 ----AC---- C:\WINDOWS\system32\drivers\usbuhci.sys
2014-08-14 09:17:09 ----AC---- C:\WINDOWS\system32\drivers\usbport.sys
2014-08-14 09:17:09 ----AC---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2014-08-14 09:17:09 ----AC---- C:\WINDOWS\system32\drivers\usbhub.sys
2014-08-14 09:17:09 ----AC---- C:\WINDOWS\system32\drivers\usbehci.sys
2014-08-14 09:17:09 ----AC---- C:\WINDOWS\system32\drivers\usbd.sys
2014-08-14 09:17:09 ----A---- C:\WINDOWS\SYSWOW64\rsaenh.dll
2014-08-14 09:17:09 ----A---- C:\WINDOWS\SYSWOW64\DaOtpCredentialProvider.dll
2014-08-14 09:17:09 ----A---- C:\WINDOWS\system32\WUDFSvc.dll
2014-08-14 09:17:09 ----A---- C:\WINDOWS\system32\WUDFPlatform.dll
2014-08-14 09:17:09 ----A---- C:\WINDOWS\system32\WUDFHost.exe
2014-08-14 09:17:09 ----A---- C:\WINDOWS\system32\rsaenh.dll
2014-08-14 09:17:09 ----A---- C:\WINDOWS\system32\hal.dll
2014-08-14 09:17:09 ----A---- C:\WINDOWS\system32\drivers\WUDFRd.sys
2014-08-14 09:17:09 ----A---- C:\WINDOWS\system32\drivers\WUDFPf.sys
2014-08-14 09:17:09 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2014-08-14 09:17:09 ----A---- C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-08-14 09:17:03 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2014-08-14 09:17:03 ----A---- C:\WINDOWS\system32\MDMAgent.exe
2014-08-14 09:17:03 ----A---- C:\WINDOWS\system32\gdi32.dll
2014-08-14 09:12:50 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2014-08-14 09:12:50 ----A---- C:\WINDOWS\system32\msi.dll
2014-08-14 09:12:50 ----A---- C:\WINDOWS\system32\authui.dll
2014-08-14 09:12:49 ----A---- C:\WINDOWS\SYSWOW64\msihnd.dll
2014-08-14 09:12:49 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2014-08-14 09:12:49 ----A---- C:\WINDOWS\system32\msihnd.dll
2014-08-14 09:12:49 ----A---- C:\WINDOWS\system32\consent.exe
======List of files/folders modified in the last 1 month======
2014-09-02 13:31:07 ----D---- C:\WINDOWS\Temp
2014-09-02 13:30:58 ----RD---- C:\Program Files
2014-09-02 13:30:55 ----D---- C:\WINDOWS\Prefetch
2014-09-02 13:26:20 ----D---- C:\WINDOWS\system32\sru
2014-09-02 10:47:19 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2014-09-02 10:44:08 ----D---- C:\WINDOWS\system32\drivers
2014-09-02 10:42:05 ----RD---- C:\WINDOWS\System32
2014-09-02 10:42:05 ----RD---- C:\Program Files (x86)
2014-09-02 10:38:08 ----D---- C:\WINDOWS\SysWOW64
2014-09-02 10:12:14 ----D---- C:\Windows
2014-09-02 10:10:32 ----D---- C:\WINDOWS\Inf
2014-09-02 09:51:32 ----HD---- C:\ProgramData
2014-09-01 21:14:45 ----D---- C:\WINDOWS\system32\NDF
2014-09-01 18:47:46 ----D---- C:\WINDOWS\AppReadiness
2014-09-01 13:00:12 ----D---- C:\WINDOWS\Microsoft.NET
2014-09-01 13:00:07 ----D---- C:\WINDOWS\debug
2014-09-01 11:52:06 ----D---- C:\WINDOWS\Tasks
2014-09-01 11:19:59 ----D---- C:\Users\marce_000\AppData\Roaming\uTorrent
2014-09-01 11:19:59 ----D---- C:\Users\marce_000\AppData\Roaming\DAEMON Tools Lite
2014-09-01 11:19:53 ----D---- C:\WINDOWS\Logs
2014-08-31 12:00:18 ----D---- C:\WINDOWS\system32\DriverStore
2014-08-31 11:51:53 ----D---- C:\WINDOWS\system32\Tasks
2014-08-30 19:39:31 ----D---- C:\WINDOWS\system32\config
2014-08-30 16:44:45 ----HD---- C:\Program Files\WindowsApps
2014-08-29 13:47:24 ----D---- C:\WINDOWS\system32\catroot2
2014-08-28 12:15:44 ----SHD---- C:\System Volume Information
2014-08-28 10:14:43 ----D---- C:\Hry
2014-08-28 10:10:42 ----D---- C:\WINDOWS\WinSxS
2014-08-28 09:39:45 ----D---- C:\WINDOWS\CbsTemp
2014-08-28 09:10:56 ----D---- C:\ProgramData\NVIDIA
2014-08-28 09:09:55 ----D---- C:\Program Files\NVIDIA Corporation
2014-08-27 14:52:46 ----SHD---- C:\WINDOWS\Installer
2014-08-27 14:52:35 ----D---- C:\ProgramData\Package Cache
2014-08-27 14:51:50 ----RSD---- C:\WINDOWS\assembly
2014-08-26 22:42:22 ----D---- C:\Users\marce_000\AppData\Roaming\Skype
2014-08-25 18:56:30 ----D---- C:\Program Files (x86)\Avira
2014-08-24 11:01:01 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-21 10:50:45 ----D---- C:\WINDOWS\rescache
2014-08-15 22:29:23 ----D---- C:\WINDOWS\system32\wdi
2014-08-15 22:29:02 ----RD---- C:\WINDOWS\ToastData
2014-08-15 22:29:02 ----D---- C:\WINDOWS\system32\migration
2014-08-15 22:29:01 ----D---- C:\WINDOWS\MediaViewer
2014-08-15 22:29:00 ----D---- C:\WINDOWS\SYSWOW64\migration
2014-08-15 22:28:58 ----D---- C:\WINDOWS\SYSWOW64\wbem
2014-08-15 22:28:57 ----D---- C:\WINDOWS\system32\en-US
2014-08-15 22:28:56 ----D---- C:\WINDOWS\system32\wbem
2014-08-15 22:28:56 ----D---- C:\WINDOWS\Camera
2014-08-15 22:28:55 ----D---- C:\WINDOWS\FileManager
2014-08-15 22:28:52 ----D---- C:\WINDOWS\SYSWOW64\en-US
2014-08-15 22:28:52 ----D---- C:\WINDOWS\SYSWOW64\en-GB
2014-08-15 22:28:52 ----D---- C:\WINDOWS\system32\en-GB
2014-08-15 22:23:16 ----D---- C:\Program Files\Internet Explorer
2014-08-15 22:23:16 ----D---- C:\Program Files (x86)\Internet Explorer
2014-08-15 22:23:14 ----D---- C:\WINDOWS\PolicyDefinitions
2014-08-14 14:27:53 ----D---- C:\WINDOWS\system32\catroot
2014-08-14 10:18:51 ----D---- C:\WINDOWS\SYSWOW64\directx
2014-08-14 10:18:45 ----HD---- C:\WINDOWS\msdownld.tmp
2014-08-14 09:57:08 ----D---- C:\ProgramData\Microsoft Help
2014-08-14 09:56:37 ----D---- C:\WINDOWS\system32\MRT
2014-08-14 09:54:50 ----A---- C:\WINDOWS\system32\MRT.exe
2014-08-14 09:52:44 ----SD---- C:\WINDOWS\system32\CompatTel
2014-08-14 09:16:12 ----A---- C:\WINDOWS\system32\mfps.dll
2014-08-13 22:51:57 ----A---- C:\WINDOWS\SYSWOW64\msrating.dll
2014-08-13 22:51:55 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2014-08-13 22:51:41 ----A---- C:\WINDOWS\system32\ieetwproxystub.dll
2014-08-13 22:51:41 ----A---- C:\WINDOWS\system32\ieetwcollectorres.dll
2014-08-13 22:51:41 ----A---- C:\WINDOWS\system32\ieetwcollector.exe
2014-08-13 22:51:39 ----A---- C:\WINDOWS\SYSWOW64\ieetwproxystub.dll
2014-08-13 22:51:38 ----A---- C:\WINDOWS\system32\ieUnatt.exe
2014-08-13 22:51:37 ----A---- C:\WINDOWS\SYSWOW64\ieUnatt.exe
2014-08-13 22:51:36 ----A---- C:\WINDOWS\SYSWOW64\iernonce.dll
2014-08-13 22:51:35 ----A---- C:\WINDOWS\SYSWOW64\iesetup.dll
2014-08-13 22:51:34 ----A---- C:\WINDOWS\system32\iesetup.dll
2014-08-13 22:51:34 ----A---- C:\WINDOWS\system32\iernonce.dll
2014-08-13 22:51:23 ----A---- C:\WINDOWS\system32\msrating.dll
2014-08-13 22:51:21 ----A---- C:\WINDOWS\system32\jsproxy.dll
2014-08-09 02:22:16 ----A---- C:\WINDOWS\SYSWOW64\nvspcap.dll
2014-08-09 02:22:16 ----A---- C:\WINDOWS\SYSWOW64\nvspbridge.dll
2014-08-09 02:22:05 ----A---- C:\WINDOWS\system32\nvspcap64.dll
2014-08-09 02:22:05 ----A---- C:\WINDOWS\system32\nvspbridge64.dll
2014-08-03 22:18:49 ----D---- C:\Program Files\Microsoft Silverlight
2014-08-03 22:18:48 ----D---- C:\Program Files (x86)\Microsoft Silverlight
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-09-02 647736]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2014-07-02 32544]
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2014-06-03 130584]
R1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [2014-02-14 28600]
R1 dtsoftbus01;@oem18.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2014-02-27 283064]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2014-06-24 117712]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2013-08-22 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2013-08-22 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-01-31 81920]
R3 btmhsf;btmhsf; C:\WINDOWS\system32\DRIVERS\btmhsf.sys [2012-08-29 857472]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 iBtFltCoex;iBtFltCoex; C:\WINDOWS\system32\DRIVERS\iBtFltCoex.sys [2012-08-06 68136]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-03-07 3729920]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-11-28 4142864]
R3 IntcDAud;@oem43.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2014-03-07 450520]
R3 iwdbus;@oem29.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2014-03-01 27032]
R3 MEIx64;@oem23.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-11-28 62784]
R3 NETwNe64;@oem39.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\WINDOWS\system32\DRIVERS\NETwew00.sys [2013-12-09 3346912]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2014-07-02 12866008]
R3 nvvad_WaveExtensible;@oem45.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2014-03-31 40392]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2014-01-27 167424]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Still Serial Digital Camera Driver; C:\WINDOWS\system32\DRIVERS\serscan.sys [2013-08-22 11776]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-04-11 1200128]
S3 dg_ssudbus;@oem36.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 ETD;@oem5.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2012-11-28 295760]
S3 intaud_WaveExtensible;@oem28.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2014-03-01 38296]
S3 ipadtst;ipadtst; \??\C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [2011-12-12 17936]
S3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2014-05-12 25816]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2014-05-12 64216]
S3 Point64;@oem17.inf,%point64.SvcDesc%;Microsoft Mouse and Keyboard Center Filter Driver; C:\WINDOWS\System32\drivers\point64.sys [2013-05-14 50864]
S3 RimUsb;@oem42.inf,%RimUsb.DeviceDesc%;BlackBerry Smartphone; C:\WINDOWS\System32\Drivers\RimUsb_AMD64.sys [2007-05-14 27520]
S3 RSUSBSTOR;@oem4.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2012-11-28 252048]
S3 ssudmdm;@oem37.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 USBAAPL64;@oem31.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl64.sys [2013-03-18 54784]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-08-22 44544]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2014-08-12 430160]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2014-08-12 430160]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-02-12 43336]
R2 Avira.OE.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2014-08-04 149296]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-08-27 1112000]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-09-06 1124288]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2014-01-17 632048]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-09-02 14904]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2014-03-17 282096]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-06-20 634632]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-11-28 165760]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-11-28 276864]
R2 Micro Star SCM;Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [2012-09-13 160768]
R2 MSI_SuperCharger;MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [2012-05-23 142904]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2014-01-17 154864]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2012-11-28 201360]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-11-28 364416]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S2 CLKMSVC10_38F51D56;CyberLink Product - 2012/11/29 17:56:09; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2012-05-23 243728]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-25 116648]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-05-12 860472]
S2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-08-09 1720792]
S2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-08-09 18973144]
S2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2014-07-02 935368]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-04-25 5024576]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-03-17 279024]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-25 116648]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-02-21 641352]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2014-01-17 284912]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S4 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2014-08-12 1021520]
S4 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-05-12 1809720]
-----------------EOF-----------------
Re: Please check my PC, the PC is causing internet outages
Apart from some illegal software, it looks OK.

FRST |ADWCleaner |MBAM |CCleaner |AVPTool
If you are satisfied, you can support the forum: https://platba.viry.cz/payment/
Re: Please check my PC, the PC is causing internet outages
Thank you for the help. May I ask which software it is? uTorrent, I assume.
Re: Please check my PC, the PC is causing internet outages
You're welcome.
I assume MS Office.
Lock