Page 1 of 3

Keylogger?

Posted: 08 Jul 2015 08:34
by Meggie
Hello,

I'm begging you for help, about 3 days ago my PC started acting up. Terrible slowdown, long page loading times, ads keep popping up on the current page or a new one opens with an ad. All of them are labelled: powered by key, ad by the adblock and the like. After a longer search on the net I found out that it could be the Keylogger virus. Is that true? And how do I get rid of all of it? I have Avast on the PC, I ran a scan yesterday, it found something and moved it to the chest, but the problem continues anyway. I'm asking for a quick reply, I'm finishing my thesis this week and it's impossible to work like this.

Many thanks for any help,
Markéta :-)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-07-2015
Ran by sweety (administrator) on PC on 08-07-2015 10:17:36
Running from C:\Users\sweety\Downloads
Loaded Profiles: sweety (Available Profiles: sweety & Administrator)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(PS Media s.r.o.) C:\Users\sweety\AppData\Roaming\StartMenu\StartMenu.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wsqmcons.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officec2rclient.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msoia.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\olicenseheartbeat.exe
() C:\Users\sweety\Downloads\RSIT.exe
(Trend Micro Inc.) C:\Program Files (x86)\trend micro\sweety.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\sdclt.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [PowerSkin] => c:\windows\temp\PowerSkin\PowerSkin.exe <===== ATTENTION
HKLM\...\Run: [DisableS3S4] => c:\windows\temp\DisableS3S464\sethigh.cmd <===== ATTENTION
HKLM\...\Run: [AuditSHD] => C:\windows\system32\oobe\auditshd.exe [30208 2014-10-29] (Microsoft Corporation)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764032 2012-08-10] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-10] (Qualcomm Atheros Commnucations)
HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [90832 2012-06-07] (ASUS)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5264016 2012-08-16] (VIA)
HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [366720 2012-08-23] (Alcor Micro Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [3417984 2012-08-28] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-07-07] (Avast Software s.r.o.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1033858388-2215584304-1103054407-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
HKU\S-1-5-21-1033858388-2215584304-1103054407-1001\...\Run: [StartMenu] => C:\Users\sweety\AppData\Roaming\StartMenu\StartMenu.exe [3359872 2015-02-09] (PS Media s.r.o.)
HKU\S-1-5-21-1033858388-2215584304-1103054407-1001\...\Run: [ShowDesktopAsRun] => C:\Users\sweety\AppData\Roaming\StartMenu\desktop.scf [81 2014-12-29] ()
HKU\S-1-5-21-1033858388-2215584304-1103054407-1001\...\Run: [PCSpeedUp] => C:\Program Files (x86)\Zrychleni Pocitace\PCSUNotifier.exe [354760 2015-06-29] (Optimal Software s.r.o.)
HKU\S-1-5-21-1033858388-2215584304-1103054407-1001\...\Run: [apphide] => C:\Program Files (x86)\baidu\baidu.exe [61440 2015-06-20] ()
HKU\S-1-5-21-1033858388-2215584304-1103054407-1001\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
HKU\S-1-5-21-1033858388-2215584304-1103054407-1001\...\Run: [HCDNClient] => C:\IQIYI Video\Common\QyKernel.exe [576104 2015-05-12] (iQIYI.COM)
HKU\S-1-5-21-1033858388-2215584304-1103054407-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [132608 2014-10-29] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk [2012-09-22]
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-07] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds& ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds& ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds& ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds& ... earchTerms}
HKU\S-1-5-21-1033858388-2215584304-1103054407-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1033858388-2215584304-1103054407-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkID= ... n.com&OSP=
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-10] (Qualcomm Atheros Commnucations)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-07] (Avast Software s.r.o.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-05-12] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-07] (Avast Software s.r.o.)
BHO-x32: No Name -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> No File
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
BHO-x32: °®ĆćŇŐÖúĘÖ -> {FB4F6285-4C32-49F2-950F-A5998F9CEC6C} -> C:\IQIYI Video\Common\Accelerator\IEHelper.dll [2015-04-29] (爱奇艺)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8BB8FB53-2010-40A8-A652-6C3BAA166B04}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8BE840B6-453F-4810-BF03-1E0CC0F5AC41}: [DhcpNameServer] 40.52.1.201 40.52.1.203
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1 ... XXW0Q57LEX

FireFox:
========
FF ProfilePath: C:\Users\sweety\AppData\Roaming\Mozilla\Firefox\Profiles\06wxdfhu.default
FF Plugin: @iqiyi.com/npclient -> C:\IQIYI Video\LStyle\npclient.dll [2015-05-12] ()
FF Plugin: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [2015-04-29] (爱奇艺公司)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @iqiyi.com/npclient -> C:\IQIYI Video\LStyle\npclient.dll [2015-05-12] ()
FF Plugin-x32: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [2015-04-29] (爱奇艺公司)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-01-06] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1033858388-2215584304-1103054407-1001: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [2015-04-29] (爱奇艺公司)
FF Extension: shoppingassistookongcom - C:\Users\sweety\AppData\Roaming\Mozilla\Firefox\Profiles\06wxdfhu.default\Extensions\shoppingassist@ookong.com [2015-07-06]
FF Extension: PriuceLessu - C:\Users\sweety\AppData\Roaming\Mozilla\Firefox\Profiles\06wxdfhu.default\Extensions\xUqYmT1@seu.edu [2015-07-02]
FF HKLM-x32\...\Firefox\Extensions: [searchffv2@gmail.com] - C:\Users\sweety\AppData\Roaming\Mozilla\Firefox\Profiles\06wxdfhu.default\extensions\searchffv2@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-07-07]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\prefs.js [2015-07-06]

Chrome:
=======
CHR Profile: C:\Users\sweety\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\sweety\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-29]
CHR Extension: (gomekmidlodglbbmalcneegieacbdmki) - C:\Users\sweety\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-07-06]
CHR Extension: (Google Wallet) - C:\Users\sweety\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-29]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-07]

Opera:
=======
OPR Extension: (gomekmidlodglbbmalcneegieacbdmki) - C:\Users\sweety\AppData\Roaming\Opera Software\Opera Stable\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-07-06]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-07-07] (Avast Software s.r.o.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2736824 2015-04-07] (Microsoft Corporation)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2139328 2014-05-27] (Comodo Security Solutions, Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-08-14] (VIA Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-10] (Atheros) [File not signed]
S2 ekrn; "C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe" [X]
S2 Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [X]
S2 Update Any Angle; "C:\Program Files (x86)\Any Angle\updateAnyAngle.exe" [X]
S2 Util Any Angle; "C:\Program Files (x86)\Any Angle\bin\utilAnyAngle.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-07-07] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-07-07] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-07] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-07-07] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-07-07] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-07-07] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-07-07] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-07-07] ()
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-04-16] (ASUS Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R1 {af4544c3-8164-4ea3-8b1f-aae2249b7524}Gw64; C:\Windows\System32\drivers\{af4544c3-8164-4ea3-8b1f-aae2249b7524}Gw64.sys [48752 2015-07-02] (StdLib)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-08 10:22 - 2015-07-08 10:24 - 57405952 _____ C:\Users\sweety\Downloads\eset-nod32-antivirus_5.0.9564bit.msi
2015-07-08 10:17 - 2015-07-08 10:23 - 00021053 _____ C:\Users\sweety\Downloads\FRST.txt
2015-07-08 10:15 - 2015-07-08 10:18 - 00000000 ____D C:\FRST
2015-07-08 10:14 - 2015-07-08 10:15 - 02112512 _____ (Farbar) C:\Users\sweety\Downloads\FRST64.exe
2015-07-08 09:38 - 2015-07-08 09:38 - 00000000 ____D C:\rsit
2015-07-08 09:38 - 2015-07-08 09:38 - 00000000 ____D C:\Program Files (x86)\trend micro
2015-07-08 09:37 - 2015-07-08 09:37 - 01107968 _____ C:\Users\sweety\Downloads\RSIT (1).exe
2015-07-08 09:36 - 2015-07-08 09:37 - 01107968 _____ C:\Users\sweety\Downloads\RSIT.exe
2015-07-07 19:58 - 2015-07-07 19:58 - 00000000 ____D C:\Users\sweety\AppData\Roaming\AVAST Software
2015-07-07 19:57 - 2015-07-07 19:57 - 00001940 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-07-07 19:57 - 2015-07-07 19:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-07-07 19:56 - 2015-07-07 19:56 - 00442264 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-07-07 19:56 - 2015-07-07 19:56 - 00364472 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe
2015-07-07 19:56 - 2015-07-07 19:56 - 00272248 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-07-07 19:56 - 2015-07-07 19:56 - 00137288 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-07-07 19:56 - 2015-07-07 19:56 - 00093528 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-07-07 19:56 - 2015-07-07 19:56 - 00089944 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-07-07 19:56 - 2015-07-07 19:56 - 00065736 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-07-07 19:56 - 2015-07-07 19:56 - 00043112 _____ (Avast Software s.r.o.) C:\WINDOWS\avastSS.scr
2015-07-07 19:56 - 2015-07-07 19:56 - 00029168 _____ C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-07-07 19:56 - 2015-07-07 19:56 - 00003924 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-07-07 19:56 - 2015-07-07 19:55 - 01047320 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-07-07 19:54 - 2015-07-07 19:54 - 05499992 _____ (Avast Software s.r.o.) C:\Users\sweety\Downloads\avast_free_antivirus_setup_online.exe
2015-07-07 19:54 - 2015-07-07 19:54 - 00000000 ____D C:\Program Files\AVAST Software
2015-07-07 19:20 - 2015-07-07 19:20 - 00000000 ____D C:\ProgramData\ESET
2015-07-07 19:20 - 2015-07-07 19:20 - 00000000 ____D C:\Program Files\ESET
2015-07-07 19:13 - 2015-07-07 19:15 - 01761992 _____ (ESET) C:\Users\sweety\Downloads\eset_nod32_antivirus_live_installer_.exe
2015-07-07 18:26 - 2015-07-08 09:00 - 00003076 _____ C:\WINDOWS\System32\Tasks\Advanced System~Protector_startup
2015-07-07 18:26 - 2015-07-07 18:26 - 00003664 _____ C:\WINDOWS\System32\Tasks\Advanced System~Protector
2015-07-07 18:25 - 2015-07-07 18:25 - 00000024 _____ C:\Users\sweety\AppData\Roaming\appdataFr25.bin
2015-07-07 18:23 - 2015-07-07 18:23 - 00000000 ____D C:\Users\sweety\AppData\Roaming\Systweak
2015-07-07 18:22 - 2015-07-07 18:22 - 00001059 _____ C:\Users\Public\Desktop\Advanced System~Protector.lnk
2015-07-07 18:22 - 2015-07-07 18:22 - 00000000 ____D C:\ProgramData\Systweak
2015-07-07 18:22 - 2015-07-07 18:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System~Protector
2015-07-07 18:19 - 2015-07-07 19:49 - 00000000 ____D C:\Program Files (x86)\ASP
2015-07-07 18:18 - 2015-07-07 18:21 - 05530096 _____ (Advanced System Protector ) C:\Users\sweety\Downloads\aspsetup (1).exe
2015-07-07 18:18 - 2015-06-24 18:20 - 00023336 _____ C:\WINDOWS\system32\sasnative64.exe
2015-07-07 18:12 - 2015-07-07 18:14 - 05530096 _____ (Advanced System Protector ) C:\Users\sweety\Downloads\aspsetup.exe
2015-07-06 21:55 - 2015-07-06 21:55 - 00000000 ____D C:\Program Files (x86)\ESET
2015-07-06 21:54 - 2015-07-06 21:54 - 02870984 _____ (ESET) C:\Users\sweety\Downloads\esetsmartinstaller_csy.exe
2015-07-06 21:46 - 2015-07-06 21:46 - 00001274 _____ C:\Users\sweety\Desktop\全网影视.lnk
2015-07-06 20:32 - 2015-07-06 21:28 - 535520800 _____ C:\Users\sweety\Downloads\James Horner - Titanic (Full Soundtrack).flv
2015-07-02 20:46 - 2015-07-02 20:47 - 00000000 ____D C:\ProgramData\LocalStorage
2015-07-02 20:42 - 2015-07-02 20:42 - 00000000 ____D C:\Users\sweety\.android
2015-07-02 20:41 - 2015-07-06 21:47 - 00000000 ____D C:\Users\sweety\AppData\Roaming\ppslog
2015-07-02 19:50 - 2015-07-02 19:50 - 00000270 __RSH C:\ProgramData\ntuser.pol
2015-07-02 18:50 - 2015-04-09 00:07 - 00410336 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-07-02 18:50 - 2015-04-02 00:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-07-02 18:50 - 2015-04-02 00:30 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-07-02 18:50 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-07-02 18:50 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-07-02 18:50 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-07-02 18:50 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-07-02 18:49 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-07-02 18:49 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-07-02 18:49 - 2015-04-16 08:17 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-07-02 18:49 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2015-07-02 18:49 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2015-07-02 18:49 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-07-02 18:49 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-07-02 18:49 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
2015-07-02 18:49 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-07-02 18:49 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-07-02 18:49 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2015-07-02 18:49 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2015-07-02 18:49 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-07-02 18:49 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-07-02 18:49 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-07-02 18:49 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2015-07-02 18:49 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-07-02 18:49 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-07-02 18:49 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2015-07-02 18:49 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-07-02 18:49 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-07-02 18:49 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2015-07-02 18:49 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2015-07-02 18:14 - 2015-07-02 18:14 - 00003138 _____ C:\WINDOWS\System32\Tasks\{1B86ABB1-A28C-48A0-852C-6825E8569A58}
2015-07-02 16:25 - 2015-07-02 20:42 - 00000000 ____D C:\Users\sweety\AppData\Local\SysassistByHotWheel
2015-07-02 16:24 - 2015-07-08 09:13 - 00000000 ____D C:\Users\sweety\AppData\Local\Unity
2015-07-02 16:23 - 2015-07-08 09:55 - 00000000 ____D C:\ProgramData\WindowsMangerProtect
2015-07-02 16:22 - 2015-07-06 21:44 - 00000000 ____D C:\IQIYI Video
2015-07-02 16:21 - 2015-07-06 21:57 - 00000000 ____D C:\Users\sweety\AppData\Roaming\IQIYI Video
2015-07-02 16:21 - 2015-07-06 21:44 - 00000000 ____D C:\ProgramData\IQIYI Video
2015-07-02 16:21 - 2015-07-02 16:21 - 00000000 ____D C:\Users\Public\QiYi
2015-07-02 16:21 - 2015-07-02 00:38 - 00048752 _____ (StdLib) C:\WINDOWS\system32\Drivers\{af4544c3-8164-4ea3-8b1f-aae2249b7524}Gw64.sys
2015-07-02 16:18 - 2015-07-02 19:49 - 00000000 ____D C:\Program Files (x86)\Any Angle
2015-07-02 16:16 - 2015-07-08 10:16 - 00002772 _____ C:\WINDOWS\Tasks\42d200f7-5855-4faf-abe6-02555bb02703-5_user.job
2015-07-02 16:16 - 2015-07-08 10:16 - 00002772 _____ C:\WINDOWS\Tasks\42d200f7-5855-4faf-abe6-02555bb02703-5.job
2015-07-02 16:16 - 2015-07-02 16:16 - 00005776 _____ C:\WINDOWS\System32\Tasks\42d200f7-5855-4faf-abe6-02555bb02703-5
2015-07-02 16:15 - 2015-07-08 10:15 - 00004476 _____ C:\WINDOWS\Tasks\42d200f7-5855-4faf-abe6-02555bb02703-4.job
2015-07-02 16:15 - 2015-07-08 10:15 - 00003456 _____ C:\WINDOWS\Tasks\42d200f7-5855-4faf-abe6-02555bb02703-1-7.job
2015-07-02 16:15 - 2015-07-08 10:15 - 00003456 _____ C:\WINDOWS\Tasks\42d200f7-5855-4faf-abe6-02555bb02703-1-6.job
2015-07-02 16:15 - 2015-07-02 16:15 - 00007480 _____ C:\WINDOWS\System32\Tasks\42d200f7-5855-4faf-abe6-02555bb02703-4
2015-07-02 16:15 - 2015-07-02 16:15 - 00006460 _____ C:\WINDOWS\System32\Tasks\42d200f7-5855-4faf-abe6-02555bb02703-1-7
2015-07-02 16:15 - 2015-07-02 16:15 - 00006460 _____ C:\WINDOWS\System32\Tasks\42d200f7-5855-4faf-abe6-02555bb02703-1-6
2015-07-02 16:14 - 2015-07-08 10:14 - 00005500 _____ C:\WINDOWS\Tasks\42d200f7-5855-4faf-abe6-02555bb02703-7.job
2015-07-02 16:14 - 2015-07-02 16:14 - 00008504 _____ C:\WINDOWS\System32\Tasks\42d200f7-5855-4faf-abe6-02555bb02703-7
2015-07-02 16:14 - 2015-07-02 16:14 - 00000000 ____D C:\Program Files (x86)\49db72e9-803a-4bde-bd30-595c8b753e55
2015-07-02 16:13 - 2015-07-02 16:15 - 00000000 ____D C:\Users\sweety\AppData\Local\BrowserHelper
2015-07-02 16:11 - 2015-07-08 10:11 - 00005166 _____ C:\WINDOWS\Tasks\42d200f7-5855-4faf-abe6-02555bb02703-11.job
2015-07-02 16:11 - 2015-07-02 16:11 - 00008170 _____ C:\WINDOWS\System32\Tasks\42d200f7-5855-4faf-abe6-02555bb02703-11
2015-07-02 16:11 - 2015-07-02 16:11 - 00000000 ____D C:\Users\Public\Documents\ShopperPro
2015-07-02 16:10 - 2015-07-07 21:05 - 00002094 _____ C:\WINDOWS\Tasks\42d200f7-5855-4faf-abe6-02555bb02703-10_user.job
2015-07-02 16:09 - 2015-07-07 21:30 - 00000000 ____D C:\Program Files (x86)\Ge-Force
2015-07-02 16:06 - 2015-07-02 16:06 - 00000000 ____D C:\Users\sweety\AppData\Local\CrashRpt
2015-07-02 16:04 - 2015-07-02 16:04 - 00000000 ____D C:\Users\sweety\AppData\Local\Opera Software
2015-07-02 16:03 - 2015-07-02 16:03 - 00003810 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1435845708
2015-07-02 16:03 - 2015-07-02 16:03 - 00000000 ____D C:\Users\sweety\AppData\Roaming\Opera Software
2015-07-02 16:02 - 2015-07-06 21:40 - 00001141 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-07-02 16:01 - 2015-07-02 16:01 - 00002281 _____ C:\Users\Default\Desktop\Google Chrome.lnk
2015-07-02 16:01 - 2015-07-02 16:01 - 00002281 _____ C:\Users\Default User\Desktop\Google Chrome.lnk
2015-07-02 16:01 - 2015-07-02 16:01 - 00000000 ____D C:\Program Files (x86)\baidu
2015-07-02 16:00 - 2015-07-02 19:16 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2015-07-02 15:59 - 2015-07-02 19:55 - 00000000 ____D C:\Program Files (x86)\Opera
2015-07-02 15:57 - 2015-07-02 19:16 - 00000000 ____D C:\Users\sweety\AppData\Roaming\Seznam.cz
2015-07-02 15:56 - 2015-07-02 15:56 - 00002738 _____ C:\WINDOWS\System32\Tasks\PC SpeedUp Service Deactivator
2015-07-02 15:55 - 2015-07-06 21:14 - 00000376 _____ C:\WINDOWS\Tasks\PC SpeedUp Service Deactivator.job
2015-07-02 15:55 - 2015-07-02 18:22 - 00000000 ____D C:\Users\sweety\AppData\Roaming\cpuminer
2015-07-02 15:55 - 2015-07-02 15:55 - 00001115 _____ C:\Users\sweety\Desktop\Zrychleni Pocitace.lnk
2015-07-02 15:55 - 2015-07-02 15:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zrychleni Pocitace
2015-07-02 15:54 - 2015-07-02 15:59 - 00000000 ____D C:\Program Files (x86)\Zrychleni Pocitace
2015-07-02 15:52 - 2015-07-07 17:43 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-07-02 15:52 - 2015-07-03 18:32 - 00000000 ____D C:\Program Files (x86)\globalUpdate
2015-07-02 15:52 - 2015-07-02 15:52 - 00000000 ____D C:\Users\sweety\AppData\Local\globalUpdate
2015-07-02 15:49 - 2015-07-07 21:03 - 00000000 ____D C:\Program Files (x86)\AppendRunner
2015-07-02 15:47 - 2015-07-02 15:47 - 00000000 ____D C:\ProgramData\17679231924039402068
2015-07-02 15:46 - 2015-07-07 21:03 - 00000000 ____D C:\Program Files (x86)\PriuceLessu
2015-07-02 15:45 - 2015-07-07 21:36 - 00000000 ____D C:\ProgramData\{0ba802db-f0ae-59fb-0ba8-802dbf0a0b6f}
2015-07-02 15:45 - 2015-07-06 21:45 - 00000338 _____ C:\WINDOWS\Tasks\SearchHunt.job
2015-07-01 20:15 - 2015-07-01 20:15 - 00003060 _____ C:\WINDOWS\System32\Tasks\{B5847097-A385-4D84-8E2F-D82E59498F48}
2015-06-30 20:47 - 2015-07-06 13:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-30 20:28 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-06-30 20:28 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-06-30 20:27 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-06-30 20:27 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-06-30 20:26 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-06-30 20:26 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-06-30 20:26 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-06-30 20:26 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-06-30 20:26 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-06-30 20:26 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-06-30 20:26 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-06-30 20:26 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-06-30 20:26 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-06-30 20:26 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-06-30 20:26 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-06-30 20:26 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-06-30 20:26 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-06-30 20:26 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-06-30 20:26 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-06-30 20:26 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-06-30 20:26 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-06-30 20:26 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-06-30 20:26 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-06-30 20:26 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-06-30 20:26 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-06-30 20:26 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-06-30 20:26 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-06-30 20:26 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-06-30 20:26 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-06-30 20:26 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-06-30 20:26 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-06-30 20:26 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-06-30 20:26 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-06-30 20:26 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-06-30 20:26 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-06-30 20:26 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-06-30 20:26 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-06-30 20:26 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-06-30 20:26 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-06-30 20:26 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-06-30 20:26 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-06-30 20:26 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-06-30 20:23 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-06-30 11:21 - 2015-06-30 12:10 - 548214020 _____ C:\Users\sweety\Downloads\Latin Dance Aerobic Workout - Latin Dance Fitness - Salsa Class For Beginners.avi
2015-06-30 10:17 - 2015-06-30 10:20 - 00000000 ____D C:\Users\sweety\Downloads\salsa_dvd
2015-06-30 09:05 - 2015-06-30 09:42 - 521519268 _____ C:\Users\sweety\Downloads\Yoga For Back Pain - 30 Minute Back Stretch, Sciatica Pain, & Flexibility Yoga Flow.avi
2015-06-30 08:59 - 2015-06-30 09:51 - 834892516 _____ C:\Users\sweety\Downloads\Yoga for Weight Loss - Balance Practice.avi
2015-06-30 08:57 - 2015-06-30 09:31 - 506362494 _____ C:\Users\sweety\Downloads\Morning Yoga For Weight Loss - 20 Minute Workout Fat Burning Yoga Meltdown Beginner & Intermediate.avi
2015-06-30 08:52 - 2015-06-30 08:55 - 446075904 _____ C:\Users\sweety\Downloads\joga-pro-zacatecniky.avi
2015-06-29 10:30 - 2015-06-29 20:58 - 00008083 _____ C:\Users\sweety\Downloads\conditions-Katerina-Shereen.odt
2015-06-29 09:17 - 2015-06-29 09:17 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-06-22 13:45 - 2015-06-22 15:46 - 1158871822 _____ C:\Users\sweety\Downloads\Králova-řeč-(2010)-(CZ-dub).avi
2015-06-09 13:49 - 2015-06-09 13:49 - 00000000 ____D C:\Users\sweety\AppData\Local\GWX

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-08 10:19 - 2014-12-29 10:16 - 00000000 ____D C:\Users\sweety\AppData\Roaming\Skype
2015-07-08 10:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-07-08 09:52 - 2015-02-09 13:28 - 00000966 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-08 08:43 - 2014-12-29 12:21 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1033858388-2215584304-1103054407-1001
2015-07-08 08:40 - 2015-02-09 13:28 - 00000962 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-07 22:42 - 2013-08-22 16:46 - 00357447 _____ C:\WINDOWS\setupact.log
2015-07-07 22:42 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-07-07 22:41 - 2014-09-24 09:10 - 00377836 _____ C:\WINDOWS\PFRO.log
2015-07-07 21:07 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-07-07 21:06 - 2015-01-13 18:12 - 02053022 _____ C:\WINDOWS\WindowsUpdate.log
2015-07-07 19:54 - 2014-12-29 08:51 - 00000000 ____D C:\ProgramData\AVAST Software
2015-07-07 17:54 - 2014-09-24 18:23 - 01745984 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-07-07 17:54 - 2014-09-24 17:39 - 00739924 _____ C:\WINDOWS\system32\perfh005.dat
2015-07-07 17:54 - 2014-09-24 17:39 - 00151610 _____ C:\WINDOWS\system32\perfc005.dat
2015-07-07 17:45 - 2014-12-28 22:44 - 00000000 ____D C:\Users\sweety\AppData\Local\VirtualStore
2015-07-06 21:40 - 2015-01-13 19:14 - 00001428 _____ C:\Users\sweety\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-07-06 21:40 - 2014-12-29 10:47 - 00001165 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-07-06 00:11 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-07-05 12:08 - 2015-04-06 15:28 - 00300704 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-07-02 20:42 - 2015-01-13 18:25 - 00000000 ____D C:\Users\sweety
2015-07-02 20:28 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-07-02 20:17 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-07-02 20:14 - 2015-01-03 12:30 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-07-02 20:07 - 2015-01-03 12:30 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-07-02 19:49 - 2014-12-29 10:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-02 19:49 - 2013-08-22 16:44 - 00509128 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-07-02 19:24 - 2013-08-22 17:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2015-07-02 19:14 - 2014-12-29 09:14 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-07-02 18:27 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\System
2015-07-02 18:24 - 2012-07-26 07:26 - 00000226 _____ C:\WINDOWS\win.ini
2015-07-02 18:23 - 2012-09-22 18:26 - 00000000 ____D C:\Program Files (x86)\AmIcoSingLun
2015-07-02 18:18 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2015-07-02 11:00 - 2013-01-18 03:07 - 00000000 ____D C:\Users\sweety\AppData\Local\Packages
2015-07-01 19:27 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-06-30 21:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-06-30 19:38 - 2015-04-30 19:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2015-06-29 11:36 - 2015-01-06 18:11 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-06-29 09:11 - 2015-01-13 18:25 - 00000000 ____D C:\Users\Administrator
2015-06-29 09:11 - 2014-09-24 21:02 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-06-29 09:11 - 2013-08-22 17:36 - 00000000 __RSD C:\WINDOWS\Media
2015-06-29 09:11 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-06-29 09:11 - 2012-09-22 18:30 - 00000000 ____D C:\ProgramData\P4G
2015-06-29 09:10 - 2015-04-07 13:28 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-06-29 09:10 - 2015-02-09 13:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-29 09:10 - 2014-12-29 10:51 - 00000000 ____D C:\Users\sweety\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-29 09:10 - 2014-12-29 10:15 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-06-29 09:10 - 2014-12-29 10:15 - 00000000 ____D C:\ProgramData\Skype
2015-06-29 09:10 - 2014-12-28 22:43 - 00000000 ____D C:\Users\sweety\AppData\Local\ASUS
2015-06-29 09:10 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-06-29 09:10 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\servicing
2015-06-29 08:53 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\registration
2015-06-29 08:50 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-06-29 07:40 - 2015-04-30 19:55 - 00000000 __SHD C:\Users\sweety\AppData\Local\EmieUserList
2015-06-29 07:40 - 2015-04-30 19:55 - 00000000 __SHD C:\Users\sweety\AppData\Local\EmieSiteList
2015-06-29 07:40 - 2015-04-30 19:55 - 00000000 __SHD C:\Users\sweety\AppData\Local\EmieBrowserModeList
2015-06-22 20:31 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI(21)
2015-06-20 05:02 - 2015-04-22 16:57 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-06-20 05:02 - 2015-04-22 16:57 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-18 09:38 - 2013-01-30 21:39 - 00000000 ____D C:\Users\sweety\Documents\VŠ
2015-06-12 22:17 - 2013-10-24 12:56 - 00000000 ____D C:\Users\sweety\Documents\Bluetooth Folder
2015-06-12 11:50 - 2015-01-16 18:35 - 00000000 ____D C:\Users\sweety\Documents\Recepty
2015-06-08 22:49 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI(241)

==================== Files in the root of some directories =======

2015-07-07 18:25 - 2015-07-07 18:25 - 0000024 _____ () C:\Users\sweety\AppData\Roaming\appdataFr25.bin
2014-12-28 23:38 - 2015-01-24 22:01 - 0000380 _____ () C:\Users\sweety\AppData\Roaming\sp_data.sys
2015-01-23 19:57 - 2015-02-07 18:00 - 0005120 _____ () C:\Users\sweety\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-08-04 19:37 - 2012-07-30 08:03 - 0000217 _____ () C:\ProgramData\SetStretch.cmd
2012-08-04 19:37 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe


Some files in TEMP:
====================
C:\Users\sweety\AppData\Local\Temp\AutoRun.exe
C:\Users\sweety\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\sweety\AppData\Local\Temp\EAInstall.dll
C:\Users\sweety\AppData\Local\Temp\GameuxInstallHelper.dll
C:\Users\sweety\AppData\Local\Temp\Harry Potter and the Order of the Phoenix_uninst.exe
C:\Users\sweety\AppData\Local\Temp\InstHelper.exe
C:\Users\sweety\AppData\Local\Temp\IQIYIsetup_l_spl004@kb005.exe
C:\Users\sweety\AppData\Local\Temp\masauto_runxx.dl.dll
C:\Users\sweety\AppData\Local\Temp\masflag_runxx.dl.dll
C:\Users\sweety\AppData\Local\Temp\pcspeedup.exe
C:\Users\sweety\AppData\Local\Temp\ppstreamsetup_unfix.exe
C:\Users\sweety\AppData\Local\Temp\setup.exe
C:\Users\sweety\AppData\Local\Temp\setup3.exe
C:\Users\sweety\AppData\Local\Temp\SkypeSetup.exe
C:\Users\sweety\AppData\Local\Temp\StartMenu.exe
C:\Users\sweety\AppData\Local\Temp\tu17p84.exe
C:\Users\sweety\AppData\Local\Temp\Updater.exe
C:\Users\sweety\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-03 21:51

==================== End of log ============================
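
The FRST output above is a long list of created files, and a helper reads it by eye for a few tell-tale shapes: scheduled tasks whose names are bare GUIDs, folders under Program Files or ProgramData named as GUIDs or long digit strings, and files under C:\WINDOWS whose names are hex blobs. As an added illustration (not code from FRST, from the forum or from either poster), the Python script below parses lines in the format shown and applies those three name-based heuristics, then reports the creation hour that holds the most flagged entries, since a bundle installer tends to drop everything within minutes. The sample lines are copied from the log above; the function names (`parse_line`, `flags_for`, `triage`, `busiest_hour`), the regexes and the thresholds are assumptions of this example, and a flag is a prompt for review, not a verdict.

```python
"""Triage helper for FRST "One Month Created files and folders" lines.
Added illustration, not part of FRST or of this thread. Heuristics and
thresholds are assumptions; a flag means "look at this", not "delete this".
"""
import re
from collections import Counter
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Sample lines copied from the FRST log in this thread (nothing invented).
SAMPLE_LOG = r"""
2015-07-02 16:16 - 2015-07-08 10:16 - 00002772 _____ C:\WINDOWS\Tasks\42d200f7-5855-4faf-abe6-02555bb02703-5.job
2015-07-02 16:16 - 2015-07-02 16:16 - 00005776 _____ C:\WINDOWS\System32\Tasks\42d200f7-5855-4faf-abe6-02555bb02703-5
2015-07-02 16:14 - 2015-07-02 16:14 - 00000000 ____D C:\Program Files (x86)\49db72e9-803a-4bde-bd30-595c8b753e55
2015-07-02 15:55 - 2015-07-02 18:22 - 00000000 ____D C:\Users\sweety\AppData\Roaming\cpuminer
2015-07-02 15:52 - 2015-07-07 17:43 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-07-02 15:47 - 2015-07-02 15:47 - 00000000 ____D C:\ProgramData\17679231924039402068
2015-07-01 20:15 - 2015-07-01 20:15 - 00003060 _____ C:\WINDOWS\System32\Tasks\{B5847097-A385-4D84-8E2F-D82E59498F48}
2015-06-30 20:28 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-06-29 09:17 - 2015-06-29 09:17 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
"""

# created - modified - size attrs [(company) ]drive-letter path
LINE_RE = re.compile(
    r"^(?P<created>\d{4}-\d{2}-\d{2} \d{2}:\d{2}) - "
    r"(?P<modified>\d{4}-\d{2}-\d{2} \d{2}:\d{2}) - "
    r"(?P<size>\d+) (?P<attrs>[_A-Z]{5}) "
    r"(?:\((?P<company>.*?)\) (?=[A-Za-z]:\\))?"   # lazy: copes with "Intel(R) Corporation"
    r"(?P<path>[A-Za-z]:\\.*)$"
)
GUID_RE = re.compile(r"^\{?[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}\}?", re.I)
BLOB_RE = re.compile(r"^(?:[0-9a-f]{32}|\d{12,})$", re.I)   # 32-char hex or 12+ digits
INSTALL_ROOTS = (r"c:\program files (x86)", r"c:\program files", r"c:\programdata")


@dataclass
class Entry:
    created: str
    modified: str
    size: int
    attrs: str
    company: Optional[str]
    path: str

    @property
    def is_dir(self) -> bool:
        return self.attrs.endswith("D")      # FRST puts D in the last attribute slot

    @property
    def name(self) -> str:
        return self.path.rsplit("\\", 1)[-1]


def parse_line(line: str) -> Optional[Entry]:
    """One FRST created/modified line -> Entry, or None for headers and blanks."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    return Entry(m["created"], m["modified"], int(m["size"]), m["attrs"], m["company"], m["path"])


def _direct_child_of_install_root(low: str) -> bool:
    for root in INSTALL_ROOTS:
        if low.startswith(root + "\\"):
            return "\\" not in low[len(root) + 1:]
    return False


def flags_for(e: Entry) -> List[str]:
    flags: List[str] = []
    low = e.path.lower()
    stem = e.name.rsplit(".", 1)[0]          # "x.job" -> "x"
    # 1. scheduled-task file named as a GUID (braces or not; legitimate ones exist too)
    if "\\tasks\\" in low and GUID_RE.match(e.name):
        flags.append("GUID-named scheduled task")
    # 2. folder created directly under an install root, named as a GUID or a digit/hex blob
    if e.is_dir and _direct_child_of_install_root(low) and (GUID_RE.match(e.name) or BLOB_RE.match(e.name)):
        flags.append("GUID/numeric-named folder in install location")
    # 3. file under C:\WINDOWS whose name (minus extension) is a bare hex/digit blob
    if low.startswith("c:\\windows\\") and not e.is_dir and BLOB_RE.match(stem):
        flags.append("hex/numeric-named file under C:\\WINDOWS")
    return flags


Hit = Tuple[str, str, List[str]]             # (created, path, flags)


def triage(log_text: str) -> List[Hit]:
    hits: List[Hit] = []
    for line in log_text.splitlines():
        e = parse_line(line)
        if e is None:
            continue                         # section headers, blanks, unparsable lines
        f = flags_for(e)
        if f:
            hits.append((e.created, e.path, f))
    return hits


def busiest_hour(hits: List[Hit]) -> Optional[Tuple[str, int]]:
    """Creation hour ("YYYY-MM-DD HH") holding the most flagged entries."""
    if not hits:
        return None
    return Counter(created[:13] for created, _, _ in hits).most_common(1)[0]


if __name__ == "__main__":
    found = triage(SAMPLE_LOG)
    for created, path, flags in found:
        print(f"{created}  {path}\n    -> {', '.join(flags)}")
    print("busiest creation hour among flagged entries:", busiest_hour(found))
```

Name-based heuristics only catch shapes: the cpuminer folder in the sample is not flagged, and the brace-wrapped task is flagged even though AdwCleaner later left that one alone, so the output is a reading aid for the helper, not a fixlist.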

Re: Keylogger?

Posted: 08 Jul 2015 09:05
by Márty84
Hi :)

Once I see a log I'll know more. It may be a keylogger, but it may not.

By the way, RSIT doesn't install anything, you just download and run it ;-)

Re: Keylogger?

Posted: 08 Jul 2015 09:42
by Meggie
I've just pasted the log, hopefully it's what's needed. Sorry, I'm not at all experienced in this, I need everything spelled out step by step :-)

Re: Keylogger?

Posted: 08 Jul 2015 09:58
by Márty84
Yes, that's it :-)

Just don't edit your posts next time. It doesn't show up for me as a new reply and I might overlook it ;-)


:arrow: Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait for the check to finish.
Then click Cleaning.
The program will start working (the PC may restart) and will produce a log (it will also be at C:\AdwCleaner\AdwCleaner [S?].txt). Copy it here for me.


:arrow: Run a check with MBAM. Set up the scan according to this guide (i.e. Custom scan of all drives) http://forum.viry.cz/viewtopic.php?f=29&t=144868 and post the results here. Don't delete anything beforehand, it sometimes has false detections.

Re: Keylogger?

Posted: 08 Jul 2015 11:23
by Meggie
Here are the results:

ADW:

# AdwCleaner v4.207 - Log vytvořen 08/07/2015 v 11:17:59
# Aktualizováno 21/06/2015 by Xplode
# Databáze : 2015-07-05.2 [Server]
# Operační system : Windows 8.1 (x64)
# Uživatelské jméno : sweety - PC
# Spuštěno z : C:\Users\sweety\Downloads\adwcleaner_4.207.exe
# Nastavení : Čištění

***** [ Služby ] *****

[#] Služba Smazáno : Update Any Angle
[#] Služba Smazáno : Util Any Angle
Služba Smazáno : {af4544c3-8164-4ea3-8b1f-aae2249b7524}Gw64

***** [ Soubory / Složky ] *****

Složka Smazáno : C:\IQIYI Video
Složka Smazáno : C:\ProgramData\Systweak
Složka Smazáno : C:\ProgramData\WindowsMangerProtect
Složka Smazáno : C:\ProgramData\IQIYI Video
Složka Smazáno : C:\ProgramData\{0ba802db-f0ae-59fb-0ba8-802dbf0a0b6f}
Složka Smazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zrychleni Pocitace
Složka Smazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System~Protector
Složka Smazáno : C:\Users\Public\Documents\ShopperPro
Složka Smazáno : C:\Program Files (x86)\ASP
Složka Smazáno : C:\Program Files (x86)\globalUpdate
Složka Smazáno : C:\Program Files (x86)\Zrychleni Pocitace
Složka Smazáno : C:\Program Files (x86)\Ge-Force
Složka Smazáno : C:\Program Files (x86)\AppendRunner
Složka Smazáno : C:\Program Files (x86)\PriuceLessu
Složka Smazáno : C:\Program Files (x86)\Any Angle
Složka Smazáno : C:\Users\sweety\AppData\Local\Temp\On Stage
Složka Smazáno : C:\Users\sweety\AppData\Local\Temp\Any Angle
Složka Smazáno : C:\Users\sweety\AppData\Local\globalUpdate
Složka Smazáno : C:\Users\sweety\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp
Složka Smazáno : C:\Users\sweety\AppData\Local\BrowserHelper
Složka Smazáno : C:\Users\sweety\AppData\Roaming\Systweak
Složka Smazáno : C:\Users\sweety\AppData\Roaming\IQIYI Video
Složka Smazáno : C:\Users\sweety\AppData\Roaming\cpuminer
Složka Smazáno : C:\Users\sweety\AppData\Roaming\Mozilla\Firefox\Profiles\06wxdfhu.default\Extensions\shoppingassist@ookong.com
Složka Smazáno : C:\Users\sweety\AppData\Roaming\Mozilla\Firefox\Profiles\06wxdfhu.default\Extensions\xUqYmT1@seu.edu
Složka Smazáno : C:\Users\sweety\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja
Složka Smazáno : C:\Users\sweety\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aaaalipaokhkccgmgkdglfinfnfhflko
Složka Smazáno : C:\Users\sweety\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\knlpigpfaognbholppaembpfphilacie
Soubor Smazáno : C:\Users\sweety\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\chrome-extension_cmaiofennmphjldldcpphcechfnnohja_0.localstorage
Soubor Smazáno : C:\Users\sweety\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\chrome-extension_cmaiofennmphjldldcpphcechfnnohja_0.localstorage-journal
Soubor Smazáno : C:\Users\sweety\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\chrome-extension_aaaalipaokhkccgmgkdglfinfnfhflko_0.localstorage
Soubor Smazáno : C:\Users\sweety\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\chrome-extension_aaaalipaokhkccgmgkdglfinfnfhflko_0.localstorage-journal
Soubor Smazáno : C:\Users\Public\Desktop\Advanced System~Protector.lnk
Soubor Smazáno : C:\Program Files\Common Files\System\SysMenu.dll
Soubor Smazáno : C:\Program Files\Common Files\System\SysMenu64.dll
Soubor Smazáno : C:\WINDOWS\System32\sasnative64.exe
Soubor Smazáno : C:\WINDOWS\System32\drivers\{af4544c3-8164-4ea3-8b1f-aae2249b7524}Gw64.sys
Soubor Smazáno : C:\Program Files (x86)\Mozilla Firefox\browser\defaults\preferences\prefs.js
Soubor Smazáno : C:\Users\sweety\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage
Soubor Smazáno : C:\Users\sweety\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal
Soubor Smazáno : C:\Users\sweety\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_eliteunzip.dl.tb.ask.com_0.localstorage
Soubor Smazáno : C:\Users\sweety\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_eliteunzip.dl.tb.ask.com_0.localstorage-journal
Soubor Smazáno : C:\Users\sweety\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage
Soubor Smazáno : C:\Users\sweety\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage-journal
Soubor Smazáno : C:\Users\sweety\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.istartsurf.com_0.localstorage
Soubor Smazáno : C:\Users\sweety\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.istartsurf.com_0.localstorage-journal

***** [ Naplánované úlohy ] *****

Úloha Smazáno : PC SpeedUp Service Deactivator
Úloha Smazáno : amiupdaterExd
Úloha Smazáno : amiupdaterExi
Úloha Smazáno : Advanced System~Protector
Úloha Smazáno : Advanced System~Protector_startup
Úloha Smazáno : 42d200f7-5855-4faf-abe6-02555bb02703-1-6
Úloha Smazáno : 42d200f7-5855-4faf-abe6-02555bb02703-1-7
Úloha Smazáno : 42d200f7-5855-4faf-abe6-02555bb02703-10_user
Úloha Smazáno : 42d200f7-5855-4faf-abe6-02555bb02703-11
Úloha Smazáno : 42d200f7-5855-4faf-abe6-02555bb02703-4
Úloha Smazáno : 42d200f7-5855-4faf-abe6-02555bb02703-5
Úloha Smazáno : 42d200f7-5855-4faf-abe6-02555bb02703-5_user
Úloha Smazáno : 42d200f7-5855-4faf-abe6-02555bb02703-7

***** [ Zástupci ] *****


***** [ Registry ] *****

Hodnota Smazáno : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [searchffv2@gmail.com]
Hodnota Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [pcspeedup]
Klíč Smazáno : HKLM\SOFTWARE\Classes\S
Klíč Smazáno : HKLM\SOFTWARE\Classes\speedupmypc
Klíč Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Hodnota Smazáno : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader]
Klíč Smazáno : HKCU\Software\Mozilla\Extends
Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader]
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Klíč Smazáno : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
Klíč Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update Any Angle
Klíč Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util Any Angle
Klíč Smazáno : HKLM\SOFTWARE\100cf5cb-b999-4b96-a8d1-ba26e2b72b8f
Klíč Smazáno : HKLM\SOFTWARE\378d2d71-ceb5-4e4a-b753-b661b04e825d
Klíč Smazáno : HKLM\SOFTWARE\5e0c808d-aafa-b14d-676a-699a9e7f9af3
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{7f11b722}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{FB4F6285-4C32-49F2-950F-A5998F9CEC6C}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{085CB97F-6D0B-487D-B94C-E11A736C38CE}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{307B3CDB-9EE3-4137-9D18-F9AD6537ECEB}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{5E6A8DA1-5731-465B-B036-B9E16EF26CAC}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{CF3CDEFB-31BE-43AE-B064-B9C62C883259}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{D96C1D26-5CDF-4506-9244-57233C3984DF}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{D96C1D26-5CDF-4506-9244-57233C3984DF}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{B6360BD3-5CD0-40D3-BD87-DAFF37889F50}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{E1D75F62-CBBD-45C7-9D1D-6B5ECEC2E006}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{E6F928E4-B672-4F3A-8CA2-53C4259235DE}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB4F6285-4C32-49F2-950F-A5998F9CEC6C}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FB4F6285-4C32-49F2-950F-A5998F9CEC6C}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5E6A8DA1-5731-465B-B036-B9E16EF26CAC}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FB4F6285-4C32-49F2-950F-A5998F9CEC6C}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E6A8DA1-1731-465B-B036-B9E16EF26CAC}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E6BE0FB-8B18-4DFC-959F-233651CC4D7F}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E6A8DA1-2731-465B-B036-B9E16EF26CAC}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BAC94FEE-45B4-4FD4-9EEA-D8978EC96C6E}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{085CB97F-6D0B-487D-B94C-E11A736C38CE}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{5E6A8DA1-5731-465B-B036-B9E16EF26CAC}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{D96C1D26-5CDF-4506-9244-57233C3984DF}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E6A8DA1-1731-465B-B036-B9E16EF26CAC}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E6A8DA1-2731-465B-B036-B9E16EF26CAC}
Data Obnoveno : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Klíč Smazáno : HKCU\Software\GlobalUpdate
Klíč Smazáno : HKCU\Software\Speedchecker Limited
Klíč Smazáno : HKCU\Software\systweak
Klíč Smazáno : HKCU\Software\Reimage
Klíč Smazáno : HKCU\Software\Ge-Force
Klíč Smazáno : HKCU\Software\YorkNewCin
Klíč Smazáno : HKCU\Software\HighDefAction
Klíč Smazáno : HKCU\Software\ArenaHD
Klíč Smazáno : HKCU\Software\AppDataLow\Software\Crossrider
Klíč Smazáno : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Klíč Smazáno : HKLM\SOFTWARE\GlobalUpdate
Klíč Smazáno : HKLM\SOFTWARE\istartsurfSoftware
Klíč Smazáno : HKLM\SOFTWARE\Speedchecker Limited
Klíč Smazáno : HKLM\SOFTWARE\supWindowsMangerProtect
Klíč Smazáno : HKLM\SOFTWARE\systweak
Klíč Smazáno : HKLM\SOFTWARE\Uniblue
Klíč Smazáno : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Klíč Smazáno : HKLM\SOFTWARE\YorkNewCin
Klíč Smazáno : HKLM\SOFTWARE\HighDefAction
Klíč Smazáno : HKLM\SOFTWARE\ArenaHD
Klíč Smazáno : HKLM\SOFTWARE\FFPluginHp
Klíč Smazáno : HKLM\SOFTWARE\Any Angle
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IQIYI Video
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{75F9BF4A-AF67-A478-A37B-31D73186D3F3}
Klíč Smazáno : [x64] HKLM\SOFTWARE\ShopperPro
Klíč Smazáno : [x64] HKLM\SOFTWARE\Speedchecker Limited
Klíč Smazáno : [x64] HKLM\SOFTWARE\Reimage
Klíč Smazáno : [x64] HKLM\SOFTWARE\YorkNewCin
Klíč Smazáno : [x64] HKLM\SOFTWARE\HighDefAction
Klíč Smazáno : [x64] HKLM\SOFTWARE\ArenaHD
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\globalupdate.exe

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17840

Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v38.0.5 (x86 cs)

[06wxdfhu.default\prefs.js] - Řádek Smazáno : user_pref("browser.search.searchengine.alias", "istartsurf");
[06wxdfhu.default\prefs.js] - Řádek Smazáno : user_pref("browser.search.searchengine.iconURL", "hxxp://www.istartsurf.com/favicon.ico");
[06wxdfhu.default\prefs.js] - Řádek Smazáno : user_pref("browser.search.searchengine.name", "istartsurf");
[06wxdfhu.default\prefs.js] - Řádek Smazáno : user_pref("browser.search.searchengine.url", "hxxp://www.istartsurf.com/web/?type=ds&ts=1435 ... 57LEX&q={s[...]

-\\ Google Chrome v43.0.2357.130


-\\ Comodo Dragon v33.1.0.1

[C:\Users\sweety\AppData\Local\Comodo\Dragon\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://search.ask.com/web?o=APN10257&doi=2014-12-29&apn_dtid=%5ECMD127%5EYY%5EUS&apn_ptnrs=%5EAGO&q={searchTerms}

-\\ Opera v30.0.1835.88


*************************

AdwCleaner[R0].txt - [16914 bytů] - [08/07/2015 11:10:15]
AdwCleaner[S0].txt - [14692 bytů] - [08/07/2015 11:17:59]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [14751 bytů] ##########

I'll post the MBAM log once it's done; it's been scanning for over an hour, it takes quite a while. Thank you :-)

Re: Keylogger?

Posted: 08 Jul 2015 21:39
by Márty84
Meggie wrote: I'll post the MBAM log once it's done; it's been scanning for over an hour, it takes quite a while. Thank you :-)
The scan tends to be long but thorough, so it pays to wait until the end. If possible, in case MBAM finds something, it would be ideal not to close it, just minimize it to the taskbar until I have looked at the results. If we deleted the findings, you would have to run the scan again.

Re: Keylogger?

Posted: 09 Jul 2015 06:48
by Meggie
Good morning :-)
Here are the MBAM results, but it's strange: in the program's own window I normally see 60 threats (potentially unwanted programs). What should I do now? Thank you very much :-)

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 9. 7. 2015
Čas skenování: 5:43
Protokol: MBAM.txt
Správce: Ano

Verze: 0.0.0.0000
Databáze malwaru: v2015.07.08.08
Databáze rootkitů: v2015.07.07.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: sweety

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 413039
Uplynulý čas: 32 min, 47 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Re: Keylogger?

Posted: 09 Jul 2015 08:11
by Márty84
Since I can't see what those threats are, I can't tell you for certain whether to delete everything or not. False positives are rare, but they do occur. But if you let it remove everything, it should go into quarantine, and it can be restored from there if need be.
Another option is to take a screenshot of the results and post it as an image :-)


However, the scan was not set up according to the guide. It was only a Threat Scan, and that does not check the whole computer. I wanted a Custom Scan.

Re: Keylogger?

Posted: 09 Jul 2015 11:05
by Meggie
All right, I must have overlooked it; I'll run the scan again and then post the results, or possibly photos of the threats.

But I have another problem as well: today I could hardly turn the PC on. Whenever I pressed the button to start it, the indicator lights just flickered, only the first light stayed on and the screen didn't come on at all. I tried taking out the battery and checked the power switch and the power cable; everything is fine. On about the 20th attempt I finally got it to start, and an APTIO SETUP UTILITY window appeared where I had to accept the configuration for it to boot at all. What should I do about it? It's not the first time; it's been acting up like this for about a month.

Thanks a lot! :-)

Re: Keylogger?

Posted: 09 Jul 2015 14:05
by Meggie
So here is the scan result; hopefully it's right this time. Thanks! :-)

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 9. 7. 2015
Čas skenování: 9:45
Protokol: MBAM.txt
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.07.09.01
Databáze rootkitů: v2015.07.07.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: sweety

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 602610
Uplynulý čas: 3 hod, 53 min, 45 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 10
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, , [55604f90ddad32044c3d523a39cbdd23],
PUP.Optional.GeForce.A, HKLM\SOFTWARE\WOW6432NODE\Ge-Force-nv, , [3580f3ec1f6b51e5f7a491ef8084a858],
PUP.Optional.CrossRider.C, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, , [8e27ebf42e5cbe78050552afa85b29d7],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, , [783dba25cdbde2544742aede25dfcd33],
PUP.Optional.Sense.A, HKU\S-1-5-18\SOFTWARE\Sense-nv, , [664f05da3852da5cf836f889788ced13],
PUP.Optional.Sense.A, HKU\S-1-5-18\SOFTWARE\Sense-nv-ie, , [05b07b64dbaf280ede505130927206fa],
PUP.Optional.Crossrider.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, , [bcf98b54583278be3e05adda897b57a9],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1033858388-2215584304-1103054407-1001\SOFTWARE\Cinem Plus 2.4cV02.07-nv-ie, , [09aca23da3e771c5df9f848753b0f10f],
PUP.Optional.GeForce.A, HKU\S-1-5-21-1033858388-2215584304-1103054407-1001\SOFTWARE\Ge-Force-nv-ie, , [2b8acc134842ee48376598e81fe58779],
PUP.Optional.Sense.A, HKU\S-1-5-21-1033858388-2215584304-1103054407-1001\SOFTWARE\Sense-nv-ie, , [4075c21dddad64d279b5720f2bd9669a],

Hodnoty registru: 2
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [55604f90ddad32044c3d523a39cbdd23]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [783dba25cdbde2544742aede25dfcd33]

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 5
PUP.Optional.GlobalUpdate.A, C:\Users\sweety\AppData\Local\Temp\comh.18694, , [14a1e7f8ec9e74c244b424bb7c8619e7],
PUP.Optional.GlobalUpdate.A, C:\Users\sweety\AppData\Local\Temp\comh.197238, , [a213d00f0d7d0a2c68903ea1b34f649c],
PUP.Optional.GlobalUpdate.A, C:\Users\sweety\AppData\Local\Temp\comh.387121, , [6253e2fd602a84b29e5aca159b6749b7],
PUP.Optional.GlobalUpdate.A, C:\Users\sweety\AppData\Local\Temp\comh.434626, , [9c197c632e5cbb7bea0e9b442bd7a55b],
PUP.Optional.GlobalUpdate.A, C:\Users\sweety\AppData\Local\Temp\comh.78810, , [f2c367787c0e221472865887a75b1ee2],

Soubory: 28
PUP.Optional.PCSpeedUp.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Zrychleni Pocitace\PCSpeedUp.sys.vir, , [ddd88a55cebc9e981e9604a74db459a7],
PUP.Optional.PCSpeedUp.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Zrychleni Pocitace\PCSUUCC.exe.vir, , [367f0bd40c7e4bebc0f4d8d312ef14ec],
PUP.Optional.TriangleTrail.A, C:\AdwCleaner\Quarantine\C\Users\sweety\AppData\Local\Temp\On Stage\Setup.exe.vir, , [526317c84e3c8ea887142f2f9f6647b9],
PUP.Optional.AnyAngle.A, C:\AdwCleaner\Quarantine\C\WINDOWS\System32\drivers\{af4544c3-8164-4ea3-8b1f-aae2249b7524}Gw64.sys.vir, , [e7ce08d7ccbe3cfa23c78fce15f017e9],
PUP.Optional.APNToolBar.A, C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\Ask\AskPIP_FF_.exe, , [81345b84c1c988ae7c19495d01006898],
PUP.Optional.TriangleTrail.A, C:\Users\sweety\AppData\Local\Temp\setup.exe, , [763f2cb32763e6505b409ac461a43fc1],
PUP.Optional.ModGoog, C:\Users\sweety\AppData\Local\Temp\comh.18694\goopdate.dll, , [a60f835c187247efca018608d72a13ed],
PUP.Optional.ModGoog, C:\Users\sweety\AppData\Local\Temp\comh.18694\goopdateres_en.dll, , [b7feebf4197158dee0eb543a946d2dd3],
PUP.Optional.ModGoog, C:\Users\sweety\AppData\Local\Temp\comh.197238\goopdate.dll, , [64515887c8c2bf7799324b4306fbe31d],
PUP.Optional.ModGoog, C:\Users\sweety\AppData\Local\Temp\comh.197238\goopdateres_en.dll, , [872e1bc4c7c3c670d3f8e6a836cbd62a],
PUP.Optional.ModGoog, C:\Users\sweety\AppData\Local\Temp\comh.387121\goopdate.dll, , [b104805f4446300608c3dab4c04130d0],
PUP.Optional.ModGoog, C:\Users\sweety\AppData\Local\Temp\comh.387121\goopdateres_en.dll, , [55608a5593f7e15517b4543aa75ac739],
PUP.Optional.ModGoog, C:\Users\sweety\AppData\Local\Temp\comh.434626\goopdate.dll, , [6a4b449b6e1c5bdb4685a6e8728f16ea],
PUP.Optional.ModGoog, C:\Users\sweety\AppData\Local\Temp\comh.434626\goopdateres_en.dll, , [f8bd0ed1593190a66c5f5e30ab56e21e],
PUP.Optional.ModGoog, C:\Users\sweety\AppData\Local\Temp\comh.78810\goopdate.dll, , [a0157e617f0baa8cbb10424ccf32ae52],
PUP.Optional.ModGoog, C:\Users\sweety\AppData\Local\Temp\comh.78810\goopdateres_en.dll, , [10a5e7f8a8e2dd59a4276925956c47b9],
PUP.Optional.GeForce.A, C:\Users\sweety\AppData\Local\Temp\Install_26714\ins_geforce.exe, , [3b7a15ca06844fe7230c562de71ae21e],
PUP.Optional.MultiPlug.A, C:\Windows\Temp\_avast_\unp49533430.tmp, , [45707c63ccbe26105e4cd3e430d10bf5],
PUP.Optional.AppDataFR.A, C:\Users\sweety\AppData\Roaming\appdataFr25.bin, , [7d389b442d5db77f73f816e84bb710f0],
PUP.Optional.BoostSaves.A, C:\Users\sweety\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.boostsaves.com_0.localstorage, , [bff600df593169cdb96fe133748f4bb5],
PUP.Optional.BoostSaves.A, C:\Users\sweety\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.boostsaves.com_0.localstorage-journal, , [af06db04f89252e49a8e16fe7192b64a],
PUP.Optional.Boost.A, C:\Users\sweety\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.boostsaves.com_0.localstorage, , [15a0a23d414987afc9713ded5fa4ba46],
PUP.Optional.Boost.A, C:\Users\sweety\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.boostsaves.com_0.localstorage-journal, , [6c49af30a8e22c0a72c8a882a26114ec],
PUP.Optional.GlobalUpdate.A, C:\Users\sweety\AppData\Local\Temp\comh.18694\globalupdateHelper.msi, , [14a1e7f8ec9e74c244b424bb7c8619e7],
PUP.Optional.GlobalUpdate.A, C:\Users\sweety\AppData\Local\Temp\comh.197238\globalupdateHelper.msi, , [a213d00f0d7d0a2c68903ea1b34f649c],
PUP.Optional.GlobalUpdate.A, C:\Users\sweety\AppData\Local\Temp\comh.387121\globalupdateHelper.msi, , [6253e2fd602a84b29e5aca159b6749b7],
PUP.Optional.GlobalUpdate.A, C:\Users\sweety\AppData\Local\Temp\comh.434626\globalupdateHelper.msi, , [9c197c632e5cbb7bea0e9b442bd7a55b],
PUP.Optional.GlobalUpdate.A, C:\Users\sweety\AppData\Local\Temp\comh.78810\globalupdateHelper.msi, , [f2c367787c0e221472865887a75b1ee2],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Re: Keylogger?

Posted: 09 Jul 2015 20:35
by Márty84
:arrow: Excellent, let it remove all the findings, then uninstall MBAM.

:arrow: Download CrystalDiskInfo http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Run it as administrator. The result will appear in a moment.
Click on Úpravy (Edit) at the top and then on Kopírovat (Copy). Paste what gets copied (it is stored in the clipboard) here (Ctrl + V).

Re: Keylogger?

Posted: 10 Jul 2015 07:26
by Meggie
So here it is :-)

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 8 [6.2 Build 9200] (x64)
Date : 2015/07/10 8:25:18

-- Controller Map ----------------------------------------------------------
+ Intel(R) 7 Series Chipset Family SATA AHCI Controller [ATA]
- ST320LT020-9YG142
- HL-DT-ST DVDRAM
- Řadič prostorů úložišť [SCSI]

-- Disk List ---------------------------------------------------------------
(1) ST320LT020-9YG142 : 320,0 GB [0/0/0, pd1] - st

----------------------------------------------------------------------------
(1) ST320LT020-9YG142
----------------------------------------------------------------------------
Model : ST320LT020-9YG142
Firmware : 0001SDM1
Serial Number : W0Q57LEX
Disk Size : 320,0 GB (8,4/137,4/320,0)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 625142448
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/300
Power On Hours : 5418 hod.
Power On Count : 3751 krát
Host Reads : 1542 GB
Host Writes : 370 GB
Temparature : 36 C (96 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 114 _99 __6 0000040D0AC0 Počet chyb čtení
03 _99 _99 _85 000000000000 Čas na roztočení ploten
04 _97 _97 _20 000000000EC6 Počet spuštění/zastavení
05 100 100 _36 000000000000 Počet přemapovaných sektorů
07 _84 _60 _30 00000F41B110 Počet chybných hledání
09 _94 _94 __0 00000000152A Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _97 _97 _20 000000000EA7 Počet cyklů zapnutí zařízení
B8 100 100 _99 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 _98 __0 00000000000B Časový limit příkazu
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _64 _50 _45 000024170024 Teplota toku vzduchu
BF 100 100 __0 00000000010D Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 0000000000E2 Počet vypnutí disku
C1 _54 _54 __0 00000001692F Počet cyklů načítání/vymazání
C2 _36 _50 __0 000E00000024 Teplota
C3 _51 _39 __0 0000040D0AC0 Počet oprav chybného čtení
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
F0 100 253 __0 AEEE00001412 Čas nastavování hlaviček - v hodinách
F1 100 253 __0 00002E5063F6 Total LBAs Written
F2 100 253 __0 0000C0DA3ACE Total LBAs Read
FA __1 __1 __0 000000005A43 Počet chyb po dobu čtení z disku
FB 100 __1 __0 00000000030A Specifický pro výrobce
FC 100 __1 __0 000000000132 Specifický pro výrobce
FE 100 100 __0 000000000000 Ochrana proti pádu

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 5730 5730 5135 374C 4558
020: 0000 8000 0004 3030 3031 4D31 4D31 5354 3332 304C
030: 5430 3230 2D39 5947 3134 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0F06 0F06 0000 0048 0048
080: 01F0 0029 746B 7D09 61E3 BC09 BC09 61E3 207F 0027
090: 0027 8080 FFFE 0000 D000 0000 0000 0000 0000 0000
100: EAB0 2542 0000 0000 0000 6003 6003 0000 5000 C500
110: 5345 7B9C 0000 0000 0000 0000 0000 0000 0000 401E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 EAB0
130: 2542 EAB0 2542 2020 0002 0108 0108 5000 3C06 3C0A
140: 0000 0078 0000 0008 0000 007F 007F 0280 0000 0000
150: 0008 0000 0000 0000 0000 0000 0000 0000 5600 8060
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 303F 303F 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 1010 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 7FA5

Re: Keylogger?

Posted: 10 Jul 2015 07:33
by Márty84
The disk is reporting quite a few errors; that could also be a cause of the problems. We'll see after the cleanup.


:arrow: Post a log from RSITx64 http://images.malwareremoval.com/random/RSITx64.exe , guide here http://forum.viry.cz/viewtopic.php?f=13&t=130786

and in addition

:arrow: Post the logs according to this guide http://forum.viry.cz/viewtopic.php?f=13&t=133100 - turn off the antivirus for a while; it may block it as malicious, but we use it all the time, it's a false positive :)

Re: Keylogger?

Posted: 10 Jul 2015 08:02
by Meggie
Logs:

Logfile of random's system information tool 1.10 (written by random/random)
Run by sweety at 2015-07-10 08:51:29
Microsoft Windows 8.1
System drive C: has 65 GB (53%) free of 122 GB
Total RAM: 1932 MB (12% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:52:14, on 10. 7. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\sweety.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkID= ... n.com&OSP=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [StartMenu] C:\Users\sweety\AppData\Roaming\StartMenu\StartMenu.exe
O4 - HKCU\..\Run: [ShowDesktopAsRun] C:\Users\sweety\AppData\Roaming\StartMenu\desktop.scf
O4 - HKCU\..\Run: [apphide] C:\Program Files (x86)\baidu\baidu.exe
O4 - HKCU\..\Run: [HCDNClient] "C:\IQIYI Video\Common\QyKernel.exe" -shell_start
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @oem21.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\WINDOWS\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 11338 bytes

======Listing Processes======





wininit.exe


C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe"
dashost.exe {cbf98f8e-59af-4ba9-91afded702c74f02}
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\viakaraokesrv.exe
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\NGenTask.exe" /RuntimeWide /StopEvent:864
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
-hiberboot
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe"
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
taskhostex.exe
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
"C:\Program Files\ASUS\P4G\BatteryLife.exe"
KBFiltr.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\WINDOWS\system32\GWX\GWX.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtTray.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3044.0.582817639\1239652886" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,21,44 --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.3347 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BackgroundRendererProcesses/AllowIdleFromBrowser2/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Primary/*LocalNTPFast/Enabled/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/group_01/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_18/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Enabled/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --show-saved-copy=primary --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3044 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="3044.2.580488639\1775861461" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser2/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Primary/*LocalNTPFast/Enabled/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/group_01/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_18/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Enabled/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --show-saved-copy=primary --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3044 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="3044.3.226192577\325086730" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser2/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Primary/*LocalNTPFast/Enabled/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/group_01/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_18/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Enabled/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --show-saved-copy=primary --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3044 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="3044.4.1975199887\896684627" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser2/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Primary/*LocalNTPFast/Enabled/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/group_01/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_18/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Enabled/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --show-saved-copy=primary --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3044 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="3044.7.740812383\819080730" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser2/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Primary/*LocalNTPFast/Enabled/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/group_01/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_18/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Enabled/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --show-saved-copy=primary --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3044 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="3044.8.1742319935\1168254917" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser2/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Primary/*LocalNTPFast/Enabled/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/group_01/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_18/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Enabled/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --show-saved-copy=primary --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3044 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="3044.9.763388053\1128077931" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser2/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Primary/*LocalNTPFast/Enabled/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/group_01/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_18/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Enabled/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --show-saved-copy=primary --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3044 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="3044.10.1417943996\74416552" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3044.11.726431705\1482556081" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser2/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Primary/*LocalNTPFast/Enabled/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/group_01/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_18/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Enabled/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --show-saved-copy=primary --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3044 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="3044.17.2006213353\245951217" /prefetch:673131151
C:\WINDOWS\system32\AUDIODG.EXE 0xc8
"C:\Users\sweety\Downloads\RSITx64.exe"
"C:\Program Files\AVAST Software\Avast\setup\instup.exe" /instop:update_vps
taskeng.exe {A4AA4563-3143-44EE-B0A2-2EF8277FC902}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ua /installsource scheduler

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\SearchHunt.job - c:\programdata\{0ba802db-f0ae-59fb-0ba8-802dbf0a0b6f}\download.exe --startup=1 --single

=========Mozilla firefox=========

ProfilePath - C:\Users\sweety\AppData\Roaming\Mozilla\Firefox\Profiles\06wxdfhu.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@iqiyi.com/npclient]
"Description"=iQiyi Browser Plugin
"Path"=C:\IQIYI Video\LStyle\npclient.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@iqiyi.com/npWebPlayer]
"Description"=pps-webplayer-plugin
"Path"=C:\IQIYI Video\LStyle\npWebPlayer.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@iqiyi.com/npclient]
"Description"=iQiyi Browser Plugin
"Path"=C:\IQIYI Video\LStyle\npclient.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@iqiyi.com/npWebPlayer]
"Description"=pps-webplayer-plugin
"Path"=C:\IQIYI Video\LStyle\npWebPlayer.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-05-19 219304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-10 64640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-07 662672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-28 2334936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-05-12 153768]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-07 565304]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-05-28 1729752]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2014-01-30 171992]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2014-01-30 399832]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2014-01-30 442328]
"PowerSkin"=c:\windows\temp\PowerSkin\PowerSkin.exe []
"DisableS3S4"=c:\windows\temp\DisableS3S464\sethigh.cmd []
"AuditSHD"=C:\windows\system32\oobe\auditshd.exe [2014-10-29 30208]
"BtTray"=C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [2012-08-10 764032]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-08-10 127616]
"ACMON"=C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-06-07 90832]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2011-09-22 4035152]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-03-25 31682144]
"StartMenu"=C:\Users\sweety\AppData\Roaming\StartMenu\StartMenu.exe [2015-02-09 3359872]
"ShowDesktopAsRun"=C:\Users\sweety\AppData\Roaming\StartMenu\desktop.scf [2014-12-29 81]
"apphide"=C:\Program Files (x86)\baidu\baidu.exe [2015-06-20 61440]
"HCDNClient"=C:\IQIYI Video\Common\QyKernel.exe -shell_start []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"mcui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey []
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2012-08-16 5264016]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2012-08-23 366720]
"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2012-03-28 91432]
"ASUSWebStorage"=C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [2012-08-28 3417984]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-07-07 5515496]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AsusVibeLauncher.lnk - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2014-01-30 442880]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-07-10 08:51:34 ----D---- C:\Program Files\trend micro
2015-07-08 11:15:29 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2015-07-08 11:14:40 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2015-07-08 11:14:39 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2015-07-08 11:14:39 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2015-07-08 11:14:38 ----D---- C:\ProgramData\Malwarebytes
2015-07-08 11:14:38 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-07-08 11:10:01 ----D---- C:\AdwCleaner
2015-07-08 10:15:57 ----D---- C:\FRST
2015-07-08 09:38:46 ----D---- C:\Program Files (x86)\trend micro
2015-07-08 09:38:41 ----D---- C:\rsit
2015-07-07 19:58:52 ----D---- C:\Users\sweety\AppData\Roaming\AVAST Software
2015-07-07 19:56:25 ----A---- C:\WINDOWS\system32\drivers\aswVmm.sys
2015-07-07 19:56:25 ----A---- C:\WINDOWS\system32\drivers\aswStm.sys
2015-07-07 19:56:25 ----A---- C:\WINDOWS\system32\drivers\aswsp.sys
2015-07-07 19:56:25 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2015-07-07 19:56:25 ----A---- C:\WINDOWS\system32\drivers\aswRvrt.sys
2015-07-07 19:56:25 ----A---- C:\WINDOWS\system32\drivers\aswRdr2.sys
2015-07-07 19:56:25 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2015-07-07 19:56:25 ----A---- C:\WINDOWS\system32\drivers\aswHwid.sys
2015-07-07 19:56:23 ----A---- C:\WINDOWS\system32\aswBoot.exe
2015-07-07 19:56:05 ----A---- C:\WINDOWS\avastSS.scr
2015-07-07 19:54:49 ----D---- C:\Program Files\AVAST Software
2015-07-07 19:20:22 ----D---- C:\ProgramData\ESET
2015-07-07 19:20:22 ----D---- C:\Program Files\ESET
2015-07-02 20:46:56 ----D---- C:\ProgramData\LocalStorage
2015-07-02 20:41:52 ----D---- C:\Users\sweety\AppData\Roaming\ppslog
2015-07-02 18:50:04 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll
2015-07-02 18:50:03 ----A---- C:\WINDOWS\system32\msftedit.dll
2015-07-02 18:50:02 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2015-07-02 18:50:02 ----A---- C:\WINDOWS\system32\puiobj.dll
2015-07-02 18:50:02 ----A---- C:\WINDOWS\system32\localspl.dll
2015-07-02 18:50:01 ----A---- C:\WINDOWS\system32\compstui.dll
2015-07-02 18:49:59 ----A---- C:\WINDOWS\system32\rastapi.dll
2015-07-02 18:49:58 ----A---- C:\WINDOWS\SYSWOW64\rastapi.dll
2015-07-02 18:49:56 ----A---- C:\WINDOWS\SYSWOW64\rgb9rast.dll
2015-07-02 18:49:53 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2015-07-02 18:49:53 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2015-07-02 18:49:50 ----A---- C:\WINDOWS\SYSWOW64\authz.dll
2015-07-02 18:49:50 ----A---- C:\WINDOWS\system32\authz.dll
2015-07-02 18:49:48 ----AC---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2015-07-02 18:49:47 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2015-07-02 18:49:47 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2015-07-02 18:49:47 ----A---- C:\WINDOWS\system32\tquery.dll
2015-07-02 18:49:47 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2015-07-02 18:49:47 ----A---- C:\WINDOWS\system32\mssrch.dll
2015-07-02 18:49:47 ----A---- C:\WINDOWS\system32\mssph.dll
2015-07-02 18:49:46 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2015-07-02 18:49:46 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2015-07-02 18:49:46 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2015-07-02 18:49:46 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2015-07-02 18:49:46 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2015-07-02 18:49:46 ----A---- C:\WINDOWS\system32\mssvp.dll
2015-07-02 18:49:46 ----A---- C:\WINDOWS\system32\mssphtb.dll
2015-07-02 18:49:45 ----A---- C:\WINDOWS\system32\UtcResources.dll
2015-07-02 18:49:45 ----A---- C:\WINDOWS\system32\diagtrack.dll
2015-07-02 16:14:07 ----D---- C:\Program Files (x86)\49db72e9-803a-4bde-bd30-595c8b753e55
2015-07-02 16:03:38 ----D---- C:\Users\sweety\AppData\Roaming\Opera Software
2015-07-02 16:01:51 ----D---- C:\Program Files (x86)\baidu
2015-07-02 16:00:18 ----D---- C:\Program Files (x86)\Seznam.cz
2015-07-02 15:59:24 ----D---- C:\Program Files (x86)\Opera
2015-07-02 15:57:55 ----D---- C:\Users\sweety\AppData\Roaming\Seznam.cz
2015-07-02 15:47:27 ----D---- C:\ProgramData\17679231924039402068
2015-06-30 20:47:04 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-06-30 20:28:05 ----A---- C:\WINDOWS\SYSWOW64\comctl32.dll
2015-06-30 20:28:05 ----A---- C:\WINDOWS\system32\comctl32.dll
2015-06-30 20:27:15 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-06-30 20:27:03 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-06-30 20:26:56 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-06-30 20:26:55 ----A---- C:\WINDOWS\system32\wininet.dll
2015-06-30 20:26:53 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-06-30 20:26:50 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-06-30 20:26:49 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-06-30 20:26:45 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-06-30 20:26:43 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-06-30 20:26:40 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-06-30 20:26:39 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-06-30 20:26:38 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2015-06-30 20:26:38 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-06-30 20:26:35 ----A---- C:\WINDOWS\system32\actxprxy.dll
2015-06-30 20:26:32 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-06-30 20:26:32 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-06-30 20:26:30 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-06-30 20:26:29 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-06-30 20:26:28 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-06-30 20:26:28 ----A---- C:\WINDOWS\system32\jscript.dll
2015-06-30 20:26:25 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-06-30 20:26:25 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-06-30 20:26:24 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2015-06-30 20:26:18 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2015-06-30 20:26:16 ----A---- C:\WINDOWS\system32\dxtrans.dll
2015-06-30 20:26:15 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2015-06-30 20:26:15 ----A---- C:\WINDOWS\system32\webcheck.dll
2015-06-30 20:26:11 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2015-06-30 20:26:10 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2015-06-30 20:26:10 ----A---- C:\WINDOWS\system32\mshtmled.dll
2015-06-30 20:26:09 ----A---- C:\WINDOWS\system32\iepeers.dll
2015-06-30 20:26:08 ----A---- C:\WINDOWS\system32\ieui.dll
2015-06-30 20:26:07 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2015-06-30 20:26:06 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2015-06-30 20:26:04 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-06-30 20:26:03 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-06-30 20:23:49 ----A---- C:\WINDOWS\system32\win32k.sys
2015-06-30 20:00:13 ----SD---- C:\WINDOWS\SYSWOW64\Microsoft

======List of files/folders modified in the last 1 month======

2015-07-10 08:51:52 ----D---- C:\WINDOWS\Prefetch
2015-07-10 08:51:34 ----RD---- C:\Program Files
2015-07-10 08:50:01 ----D---- C:\WINDOWS\Temp
2015-07-10 08:35:44 ----D---- C:\WINDOWS\Microsoft.NET
2015-07-10 08:00:02 ----D---- C:\WINDOWS\system32\sru
2015-07-10 07:53:58 ----D---- C:\Users\sweety\AppData\Roaming\Skype
2015-07-09 18:37:50 ----D---- C:\WINDOWS\System32
2015-07-09 18:37:50 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-07-09 18:37:49 ----D---- C:\WINDOWS\Inf
2015-07-09 15:58:45 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2015-07-09 15:54:05 ----D---- C:\WINDOWS\system32\drivers
2015-07-09 15:12:14 ----D---- C:\WINDOWS\WinSxS
2015-07-09 15:12:14 ----D---- C:\WINDOWS\SysWOW64
2015-07-09 15:11:24 ----D---- C:\WINDOWS\CbsTemp
2015-07-09 15:10:59 ----D---- C:\WINDOWS\system32\config
2015-07-09 09:39:27 ----D---- C:\Program Files (x86)\AmIcoSingLun
2015-07-08 20:17:39 ----D---- C:\WINDOWS\system32\NDF
2015-07-08 18:01:06 ----SD---- C:\Users\sweety\AppData\Roaming\Microsoft
2015-07-08 11:25:10 ----RD---- C:\Program Files (x86)
2015-07-08 11:22:07 ----D---- C:\WINDOWS\Tasks
2015-07-08 11:22:07 ----D---- C:\WINDOWS\system32\Tasks
2015-07-08 11:21:59 ----D---- C:\Program Files\Common Files\System
2015-07-08 11:20:07 ----HD---- C:\ProgramData
2015-07-08 10:37:46 ----SHD---- C:\WINDOWS\Installer
2015-07-08 10:34:32 ----D---- C:\WINDOWS\system32\DriverStore
2015-07-08 10:28:22 ----D---- C:\Windows
2015-07-07 19:54:15 ----D---- C:\ProgramData\AVAST Software
2015-07-07 19:48:59 ----SHD---- C:\System Volume Information
2015-07-07 19:44:30 ----RSD---- C:\WINDOWS\assembly
2015-07-06 23:24:13 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-07-06 14:48:09 ----D---- C:\WINDOWS\system32\catroot2
2015-07-06 00:11:54 ----D---- C:\WINDOWS\AppReadiness
2015-07-06 00:11:53 ----HD---- C:\Program Files\WindowsApps
2015-07-05 12:08:23 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2015-07-02 20:28:46 ----RD---- C:\WINDOWS\ToastData
2015-07-02 20:14:21 ----D---- C:\WINDOWS\system32\MRT
2015-07-02 20:07:09 ----A---- C:\WINDOWS\system32\MRT.exe
2015-07-02 19:49:23 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-02 19:24:18 ----HD---- C:\WINDOWS\system32\GroupPolicy
2015-07-02 19:14:47 ----D---- C:\Program Files (x86)\Adobe
2015-07-02 18:24:25 ----A---- C:\WINDOWS\win.ini
2015-07-02 18:18:49 ----D---- C:\WINDOWS\SYSWOW64\GroupPolicy
2015-07-02 16:25:45 ----SHD---- C:\$Recycle.Bin
2015-07-02 16:24:35 ----RSD---- C:\WINDOWS\Fonts
2015-07-02 15:53:49 ----SD---- C:\ProgramData\Microsoft
2015-07-01 19:27:14 ----D---- C:\WINDOWS\rescache
2015-06-30 21:15:00 ----D---- C:\Program Files (x86)\Internet Explorer
2015-06-30 21:14:59 ----D---- C:\Program Files\Internet Explorer
2015-06-30 21:14:58 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2015-06-30 21:14:53 ----D---- C:\WINDOWS\system32\cs-CZ
2015-06-30 21:14:53 ----D---- C:\WINDOWS\PolicyDefinitions
2015-06-29 11:36:43 ----D---- C:\Program Files\Microsoft Office 15
2015-06-29 09:13:22 ----D---- C:\WINDOWS\system32\wbem
2015-06-29 09:11:11 ----SD---- C:\WINDOWS\system32\CompatTel
2015-06-29 09:11:11 ----RSD---- C:\WINDOWS\Media
2015-06-29 09:11:11 ----D---- C:\ProgramData\P4G
2015-06-29 09:11:10 ----D---- C:\WINDOWS\SYSWOW64\wbem
2015-06-29 09:11:10 ----D---- C:\WINDOWS\SYSWOW64\migration
2015-06-29 09:11:09 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2015-06-29 09:11:09 ----D---- C:\WINDOWS\system32\migration
2015-06-29 09:11:09 ----D---- C:\WINDOWS\system32\drivers\UMDF
2015-06-29 09:11:09 ----D---- C:\WINDOWS\apppatch
2015-06-29 09:10:44 ----SD---- C:\WINDOWS\system32\GWX
2015-06-29 09:10:36 ----D---- C:\WINDOWS\system32\CodeIntegrity
2015-06-29 09:10:35 ----D---- C:\WINDOWS\servicing
2015-06-29 09:10:25 ----D---- C:\ProgramData\Skype
2015-06-29 09:10:09 ----D---- C:\Program Files\Common Files\microsoft shared
2015-06-29 09:10:06 ----RD---- C:\Program Files (x86)\Skype
2015-06-29 09:10:05 ----D---- C:\Program Files (x86)\Common Files
2015-06-29 08:53:17 ----D---- C:\WINDOWS\registration
2015-06-29 08:50:19 ----D---- C:\WINDOWS\system32\Sysprep
2015-06-29 08:02:07 ----D---- C:\WINDOWS\Logs

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-07-07 65736]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2015-07-07 272248]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-07-24 645952]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2015-07-07 93528]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2015-07-07 1047320]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2015-07-07 442264]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2011-08-04 146432]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2015-07-07 29168]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-07-07 89944]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2015-07-07 137288]
R2 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2011-08-09 202576]
R2 epfwwfpr;epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [2011-08-04 137144]
R3 AiCharger;ASUS Charger Driver; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [2012-07-24 17152]
R3 AthBTPort;@oem6.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2012-08-10 88728]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athw8x.sys [2013-06-18 3680256]
R3 ATP;@oem22.inf,%PS2.DeviceDesc%;ASUS Input Device; C:\WINDOWS\System32\drivers\AsusTP.sys [2013-04-16 65784]
R3 BTATH_A2DP;@oem5.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2012-08-10 344216]
R3 btath_avdt;@oem5.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2012-08-10 114840]
R3 BTATH_BUS;@oem23.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2012-08-10 33944]
R3 BTATH_HCRP;@oem8.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2012-08-10 178840]
R3 BTATH_LWFLT;@oem9.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2012-08-10 76952]
R3 BTATH_RCP;@oem11.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2012-08-10 135832]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2014-01-28 593000]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-09-24 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Zařízení Bluetooth (síť PAN); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2014-09-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 HIDSwitch;@oem15.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [2012-05-31 21152]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-01-30 5363200]
R3 IntcDAud;@oem19.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 kbfiltr;@oem14.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\WINDOWS\System32\drivers\kbfiltr.sys [2012-08-02 14992]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport – ovladač pro řadič Qualcomm Atheros AR81xx PCI-E Ethernet; C:\WINDOWS\system32\DRIVERS\L1C63x64.sys [2013-06-18 129224]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2015-06-18 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2015-07-10 113880]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2015-06-18 64216]
R3 MEIx64;@oem20.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 VIAHdAudAddService;@oem21.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2012-08-14 2206352]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 nmwcd;@oem26.inf,%MFG% %SVC%;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;@oem30.inf,%MFG% %SVC%;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2013-08-22 33280]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-06-12 82112]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2012-07-23 105120]
R2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [2012-04-13 277120]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-08-10 211584]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-07-07 343336]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2015-04-07 2736824]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2014-05-27 2139328]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-09-22 974944]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-06-18 1871160]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
R2 VIAKaraokeService;@oem21.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer Service; C:\WINDOWS\system32\viakaraokesrv.exe [2012-08-14 27792]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-09 107848]
S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-01-30 279000]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-09 107848]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-06-30 148080]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-12-13 150600]

-----------------EOF-----------------


Here is one log, but the other one, exactly as you write, is being blocked for me. I even turned off the antivirus, but it says Chrome blocked the page, and I can't get to it :-(

Re: Keylogger?

Posted: 10 Jul 2015 08:15
by Márty84
Then just run FRST on its own, as at the beginning.