Please check

#1 Post by sam »

Please check. My antivirus has repeatedly found some malware. I always have it removed, and after a while it appears again.
It also seems to have turned off Windows Update, and it cannot be turned back on.

RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by kikino at 2015-07-26 16:45:16
Microsoft Windows 8.1
System drive C: has 17 GB (6%) free of 286 GB
Total RAM: 6017 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:45:21, on 26.7.2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
C:\Program Files (x86)\Opera\29.0.1795.60\opera_crashreporter.exe
C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
C:\Program Files\trend micro\kikino.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... J9EC909789
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... J9EC909789
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.forumswatcher.com/search.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkID= ... chTerms%7D
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [ied] C:\Users\kikino\AppData\Local\Tempiedd\ied.exe
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKCU\..\Run: [UpdateChecker] C:\Users\kikino\AppData\Local\Popajar\UpdateChecker\UpdateCheckerApp.exe
O4 - HKCU\..\Run: [VerControl] C:\Users\kikino\AppData\Local\TempImg\VerControl.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Visual Analyser Update Setup] C:\Users\kikino\AppData\Local\{D5A05927-FF97-473F-9457-29C49C078F6F}\SetupVA2014.02.exe /updatesetup
O4 - HKCU\..\Run: [Visual Analyser Update Setup for All Users] C:\ProgramData\{D5A05927-FF97-473F-9457-29C49C078F6F}\SetupVA2014.02.exe /updatesetup
O4 - Startup: Orezávač obrazovky a spúšťač programu OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll,C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: All History Cleaner Service (HSService) - Unknown owner - C:\Program Files (x86)\All History Cleaner\HSService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\WINDOWS\servicing\TrustedInstaller.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 11533 bytes

======Listing Processes======





wininit.exe


C:\WINDOWS\system32\lsass.exe
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\All History Cleaner\HSService.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\WINDOWS\system32\rundll32.exe" "c:\Program Files (x86)\SystemAide\SystemAide.dll",serv
dashost.exe {a24e3dbf-5599-48f8-9e1895f7656e64ea}
"C:\WINDOWS\system32\rundll32.exe" "c:\Program Files (x86)\SystemAide\SystemAide.dll",serv
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k iissvcs

"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe"

C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
taskhostex.exe
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
C:\WINDOWS\Explorer.EXE
"C:\Program Files\ASUS\P4G\BatteryLife.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
KBFiltr.exe
C:\Windows\System32\skydrive.exe -Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe"
"C:\WINDOWS\system32\GWX\GWX.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Users\kikino\AppData\Local\Tempiedd\ied.exe"
"C:\Program Files\Internet Explorer\IEXPLORE.EXE" -Embedding
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4244 CREDAT:267521 /prefetch:2
"C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\WINDOWS\System32\Macromed\Flash\FlashUtil_ActiveX.exe" -Embedding
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe"
"C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe" /crash-reporter-parent-id=4708
"C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe" --type=gpu-process --channel="4708.0.1974320972\1836125990" --enable-proprietary-media-types-playback --crash-reporter-pid=3920 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,20,43 --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.3347 --enable-proprietary-media-types-playback --crash-reporter-pid=3920 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=sk --enable-proprietary-media-types-playback --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\WINDOWS\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_203.dll" --ppapi-flash-version=18.0.0.203 --crash-reporter-pid=3920 --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=4708 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="4708.3.1649156086\1952462476" /prefetch:673131151
"C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=sk --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\WINDOWS\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_203.dll" --ppapi-flash-version=18.0.0.203 --crash-reporter-pid=3920 --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=4708 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="4708.8.511779500\1245134863" /prefetch:673131151
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe" --type=ppapi --channel="4708.18.1013035559\1023517775" --ppapi-flash-args --lang=sk --enable-proprietary-media-types-playback --crash-reporter-pid=3920 --ignored=" --type=renderer " /prefetch:-632637702
C:\WINDOWS\system32\wbem\WmiApSrv.exe
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
taskhost.exe $(Arg0)
"C:\Program Files\Windows Defender\MSASCui.exe"
"C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=sk --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\WINDOWS\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_203.dll" --ppapi-flash-version=18.0.0.203 --crash-reporter-pid=3920 --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=4708 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="4708.38.933356927\1700754375" /prefetch:673131151
"C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=sk --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\WINDOWS\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_203.dll" --ppapi-flash-version=18.0.0.203 --crash-reporter-pid=3920 --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=4708 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="4708.39.982256851\516482103" /prefetch:673131151
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe38_ Global\UsGthrCtrlFltPipeMssGthrPipe38 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 576 580 588 65536 584

C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Users\kikino\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_209_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-06-11 12503184]
"ACMON"=C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-08-24 107192]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2011-07-19 2780776]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-02-05 2234144]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2014-02-05 1179576]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2014-01-30 171992]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2014-01-30 399832]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2014-01-30 442328]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"UpdateChecker"=C:\Users\kikino\AppData\Local\Popajar\UpdateChecker\UpdateCheckerApp.exe [2014-01-16 7168]
"VerControl"=C:\Users\kikino\AppData\Local\TempImg\VerControl.exe [2010-10-04 339968]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11 30877280]
"Visual Analyser Update Setup"=C:\Users\kikino\AppData\Local\{D5A05927-FF97-473F-9457-29C49C078F6F}\SetupVA2014.02.exe /updatesetup []
"Visual Analyser Update Setup for All Users"=C:\ProgramData\{D5A05927-FF97-473F-9457-29C49C078F6F}\SetupVA2014.02.exe [2014-03-24 2577510]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2012-03-28 91432]
"ASUSWebStorage"=C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [2012-08-28 3417984]
"CanonSolutionMenuEx"=C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2011-08-04 1637496]
"ied"=C:\Users\kikino\AppData\Local\Tempiedd\ied.exe [2012-11-09 20480]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2011-09-27 439440]

C:\Users\kikino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Orezávač obrazovky a spúšťač programu OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" ,C:\WINDOWS\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2014-01-30 442880]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
"DisableTaskMgr"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-07-26 16:45:16 ----D---- C:\rsit
2015-07-17 16:19:32 ----D---- C:\Program Files (x86)\GrieatSave4U
2015-07-17 16:19:13 ----D---- C:\Program Files (x86)\GrEatSSavE4U
2015-07-17 16:18:42 ----D---- C:\Program Files (x86)\GereatSave4UU
2015-07-17 16:18:27 ----D---- C:\Program Files (x86)\Daily Bible Verse
2015-07-14 18:07:46 ----D---- C:\Program Files (x86)\ALLlSaveeR
2015-07-14 18:07:34 ----D---- C:\Program Files (x86)\AllSaveR
2015-07-14 18:07:20 ----D---- C:\Program Files (x86)\Sri Sri Ravi Shankar
2015-07-14 18:06:47 ----D---- C:\Program Files (x86)\AlllSaver
2015-06-29 19:10:19 ----A---- C:\WINDOWS\system32\shell32.dll
2015-06-29 19:10:18 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2015-06-29 19:10:18 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2015-06-29 19:10:17 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2015-06-29 19:10:09 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2015-06-29 19:10:09 ----A---- C:\WINDOWS\system32\wucltux.dll
2015-06-29 19:10:09 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-06-29 19:10:09 ----A---- C:\WINDOWS\system32\wuauclt.exe
2015-06-29 19:10:09 ----A---- C:\WINDOWS\system32\wuapp.exe
2015-06-29 19:10:09 ----A---- C:\WINDOWS\system32\wuapi.dll
2015-06-29 19:10:08 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2015-06-29 19:10:08 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2015-06-29 19:10:08 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2015-06-29 19:10:08 ----A---- C:\WINDOWS\system32\wuwebv.dll
2015-06-29 19:10:08 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2015-06-29 19:10:08 ----A---- C:\WINDOWS\system32\wups2.dll
2015-06-29 19:10:08 ----A---- C:\WINDOWS\system32\wups.dll
2015-06-29 19:10:08 ----A---- C:\WINDOWS\system32\wudriver.dll
2015-06-29 19:10:08 ----A---- C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-06-29 19:10:08 ----A---- C:\WINDOWS\system32\WinSetupUI.dll
2015-06-29 19:10:07 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2015-06-29 19:09:59 ----A---- C:\WINDOWS\SYSWOW64\GeofenceMonitorService.dll
2015-06-29 19:09:59 ----A---- C:\WINDOWS\system32\WiFiDisplay.dll
2015-06-29 19:09:59 ----A---- C:\WINDOWS\system32\profsvc.dll
2015-06-29 19:09:59 ----A---- C:\WINDOWS\system32\GeofenceMonitorService.dll
2015-06-29 19:09:40 ----A---- C:\WINDOWS\system32\sppsvc.exe
2015-06-29 19:09:39 ----A---- C:\WINDOWS\SYSWOW64\cryptxml.dll
2015-06-29 19:09:39 ----A---- C:\WINDOWS\system32\sppwinob.dll
2015-06-29 19:09:39 ----A---- C:\WINDOWS\system32\sppobjs.dll
2015-06-29 19:09:39 ----A---- C:\WINDOWS\system32\cryptxml.dll
2015-06-29 19:09:19 ----AC---- C:\WINDOWS\system32\drivers\bthport.sys
2015-06-29 19:09:03 ----AC---- C:\WINDOWS\system32\drivers\mouclass.sys
2015-06-29 19:09:03 ----AC---- C:\WINDOWS\system32\drivers\kbdclass.sys
2015-06-29 19:09:03 ----AC---- C:\WINDOWS\system32\drivers\i8042prt.sys
2015-06-29 19:09:02 ----AC---- C:\WINDOWS\system32\drivers\sermouse.sys
2015-06-29 19:09:02 ----AC---- C:\WINDOWS\system32\drivers\mouhid.sys
2015-06-29 19:09:02 ----AC---- C:\WINDOWS\system32\drivers\kbdhid.sys
2015-06-29 19:09:02 ----A---- C:\WINDOWS\system32\drivers\usb8023.sys
2015-06-29 19:09:01 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll
2015-06-29 19:09:01 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-06-29 19:09:01 ----A---- C:\WINDOWS\system32\WSShared.dll
2015-06-29 19:09:01 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-06-29 19:09:00 ----A---- C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-06-29 19:09:00 ----A---- C:\WINDOWS\system32\fhcpl.dll
2015-06-29 19:08:59 ----A---- C:\WINDOWS\system32\msftedit.dll
2015-06-29 19:08:58 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll
2015-06-29 19:08:27 ----A---- C:\WINDOWS\system32\apphelp.dll
2015-06-29 19:08:06 ----A---- C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-06-29 19:08:06 ----A---- C:\WINDOWS\system32\EventAggregation.dll
2015-06-29 19:08:06 ----A---- C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
2015-06-29 19:08:06 ----A---- C:\WINDOWS\system32\bisrv.dll
2015-06-29 19:08:05 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2015-06-29 19:08:04 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2015-06-28 20:42:39 ----D---- C:\Program Files (x86)\BitSaivera
2015-06-28 20:42:27 ----D---- C:\Program Files (x86)\BittSaver
2015-06-28 20:42:06 ----D---- C:\Program Files (x86)\BittSeaver
2015-06-28 20:42:01 ----D---- C:\Program Files (x86)\Color Change for

======List of files/folders modified in the last 1 month======

2015-07-26 16:45:18 ----D---- C:\Program Files\trend micro
2015-07-26 16:45:00 ----D---- C:\WINDOWS\Prefetch
2015-07-26 16:43:53 ----D---- C:\WINDOWS\Temp
2015-07-26 16:00:00 ----D---- C:\WINDOWS\system32\sru
2015-07-26 13:51:54 ----D---- C:\Program Files (x86)\Gorgeous Charity
2015-07-26 13:51:39 ----SHD---- C:\System Volume Information
2015-07-26 13:19:24 ----D---- C:\WINDOWS\AppReadiness
2015-07-26 13:05:23 ----HD---- C:\Program Files\WindowsApps
2015-07-21 21:01:50 ----D---- C:\WINDOWS\system32\DriverStore
2015-07-21 21:01:50 ----D---- C:\WINDOWS\Inf
2015-07-21 21:01:37 ----D---- C:\WINDOWS\Microsoft.NET
2015-07-21 04:13:48 ----RD---- C:\WINDOWS\System32
2015-07-21 04:13:48 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-07-20 17:00:42 ----D---- C:\WINDOWS\system32\catroot
2015-07-17 22:30:56 ----D---- C:\WINDOWS\SysWOW64
2015-07-17 22:30:39 ----SHD---- C:\WINDOWS\Installer
2015-07-17 22:27:36 ----D---- C:\Program Files (x86)\All History Cleaner
2015-07-17 22:18:48 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2015-07-17 22:18:31 ----D---- C:\WINDOWS\Tasks
2015-07-17 22:18:31 ----D---- C:\WINDOWS\system32\Tasks
2015-07-17 16:19:55 ----D---- C:\ProgramData\5994485545725763554
2015-07-17 16:19:32 ----RD---- C:\Program Files (x86)
2015-07-14 17:26:59 ----D---- C:\WINDOWS\servicing
2015-07-12 05:13:52 ----D---- C:\WINDOWS\system32\config
2015-07-10 22:29:27 ----D---- C:\WINDOWS\system32\FxsTmp
2015-07-10 22:29:23 ----D---- C:\ProgramData\CanonIJPLM
2015-07-08 20:49:15 ----D---- C:\WINDOWS\CbsTemp
2015-07-08 20:49:09 ----D---- C:\WINDOWS\WinSxS
2015-07-06 23:24:13 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-07-05 12:08:23 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2015-07-02 17:55:44 ----D---- C:\WINDOWS\rescache
2015-07-01 17:28:28 ----D---- C:\Program Files (x86)\Google
2015-06-29 20:12:15 ----D---- C:\Windows
2015-06-29 20:08:39 ----RD---- C:\WINDOWS\ToastData
2015-06-29 20:08:39 ----D---- C:\WINDOWS\system32\drivers
2015-06-29 20:08:38 ----D---- C:\WINDOWS\WinStore
2015-06-29 20:08:38 ----D---- C:\WINDOWS\apppatch
2015-06-29 20:08:37 ----D---- C:\WINDOWS\system32\sk-SK
2015-06-29 19:13:27 ----D---- C:\WINDOWS\SYSWOW64\migration
2015-06-29 19:13:27 ----D---- C:\WINDOWS\system32\migration
2015-06-29 19:08:21 ----D---- C:\WINDOWS\system32\catroot2
2015-06-28 20:42:16 ----D---- C:\Program Files (x86)\SaverEExtteNoseion
2015-06-28 20:42:16 ----D---- C:\Program Files (x86)\SaaveLotss
2015-06-28 20:42:16 ----D---- C:\Program Files (x86)\SaavEELots

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-07-24 645952]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2015-06-17 31376]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R3 AiCharger;ASUS Charger Driver; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [2012-07-24 17152]
R3 athr;@oem24.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athw8x.sys [2013-08-22 3915264]
R3 ATP;@oem14.inf,%PS2.DeviceDesc%;ASUS PS/2 Port Input Device; C:\WINDOWS\System32\drivers\AsusTP.sys [2012-10-31 61824]
R3 BTATH_BUS;@oem3.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2012-08-10 33944]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2015-04-29 600088]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 HIDSwitch;@oem23.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [2013-10-09 20280]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-01-30 5363200]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-06-12 4060560]
R3 IntcDAud;@oem25.inf,%IntcDAud.SvcDesc%;Intel(R) Zvuk pre obrazovky; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 kbfiltr;@oem15.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\WINDOWS\System32\drivers\kbfiltr.sys [2012-08-02 14992]
R3 MEIx64;@oem11.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-06-17 11011216]
R3 nvvad_WaveExtensible;@oem16.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2013-12-27 39200]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S1 dszfojub;dszfojub; \??\C:\WINDOWS\system32\drivers\dszfojub.sys []
S1 ffzmfhxe;ffzmfhxe; \??\C:\WINDOWS\system32\drivers\ffzmfhxe.sys []
S3 AthBTPort;@oem7.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2012-08-10 88728]
S3 BTATH_A2DP;@oem6.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2012-08-10 344216]
S3 btath_avdt;@oem6.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2012-08-10 114840]
S3 BTATH_HCRP;@oem9.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2012-08-10 178840]
S3 BTATH_LWFLT;@oem10.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2012-08-10 76952]
S3 BTATH_RCP;@oem12.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2012-08-10 135832]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2014-07-24 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
S3 RSUSBSTOR;@oem8.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2012-06-13 252048]
S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-12-13 121088]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-08-22 44544]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2012-07-23 105120]
R2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [2012-04-13 277120]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-08-10 211584]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-05-01 1394816]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-05-01 1772672]
R2 f3f58402;SystemAide; C:\WINDOWS\syswow64\rundll32.exe [2013-08-22 49664]
R2 HSService;All History Cleaner Service; C:\Program Files (x86)\All History Cleaner\HSService.exe [2013-05-03 295184]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-07-17 128896]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-17 165760]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 276864]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2014-07-09 117392]
R2 NetTcpActivator;@C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-08-10 139856]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-02-05 1593632]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-02-05 16941856]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-06-17 937616]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 364416]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-17 268976]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-16 50864]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-01-30 279000]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc []
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-08-13 136120]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S4 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2014-07-09 117392]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119675
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Requesting a check

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste that log here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

sam
Visitor
Posts: 30
Joined: 19 Jan 2014 09:47

Re: Requesting a check

#3 Post by sam »

# AdwCleaner v4.208 - Log vytvorený 26/07/2015 at 17:17:22
# Aktualizované 09/07/2015 by Xplode
# Databáza : 2015-07-26.2 [Server]
# Operačný systém : Windows 8.1 (x64)
# Uživateľské meno : kikino - KRTKO
# Spustené z : C:\Users\kikino\Desktop\adwcleaner_4.208.exe
# Nastavenia : Čistenie

***** [ Služby ] *****

[#] Služba Zmazané : f3f58402

***** [ Súbory / Priečinky ] *****

Priečinok Zmazané : C:\ProgramData\Allmyapps
Priečinok Zmazané : C:\ProgramData\Innovative Solutions
Priečinok Zmazané : C:\ProgramData\5994485545725763554
Priečinok Zmazané : C:\Program Files (x86)\Isaver
Priečinok Zmazané : C:\Program Files (x86)\RegClean Pro
Priečinok Zmazané : C:\Program Files (x86)\SecretSauce
Priečinok Zmazané : C:\Program Files (x86)\Systweak Support Dock
Priečinok Zmazané : C:\Program Files (x86)\Torntv V7.0
Priečinok Zmazané : C:\Program Files (x86)\bestadblocker
Priečinok Zmazané : C:\Program Files (x86)\50Cioupoons
Priečinok Zmazané : C:\Program Files (x86)\ALLlSaveeR
Priečinok Zmazané : C:\Program Files (x86)\AlllSaver
Priečinok Zmazané : C:\Program Files (x86)\AllSaveR
Priečinok Zmazané : C:\Program Files (x86)\BaitSaver
Priečinok Zmazané : C:\Program Files (x86)\BitSaivera
Priečinok Zmazané : C:\Program Files (x86)\BittSaver
Priečinok Zmazané : C:\Program Files (x86)\BittSeaver
Priečinok Zmazané : C:\Program Files (x86)\DigeiCoeupon
Priečinok Zmazané : C:\Program Files (x86)\DiggiCoUPon
Priečinok Zmazané : C:\Program Files (x86)\ExstraiCouipon
Priečinok Zmazané : C:\Program Files (x86)\FFunDeals
Priečinok Zmazané : C:\Program Files (x86)\FFunnDeaalos
Priečinok Zmazané : C:\Program Files (x86)\FindiBeSStDeal
Priečinok Zmazané : C:\Program Files (x86)\FunDealls
Priečinok Zmazané : C:\Program Files (x86)\GereatSave4UU
Priečinok Zmazané : C:\Program Files (x86)\GrEatSSavE4U
Priečinok Zmazané : C:\Program Files (x86)\GrieatSave4U
Priečinok Zmazané : C:\Program Files (x86)\HaPipy2Savoe
Priečinok Zmazané : C:\Program Files (x86)\SaavEELots
Priečinok Zmazané : C:\Program Files (x86)\SaaveLotss
Priečinok Zmazané : C:\Program Files (x86)\SalePlus
Priečinok Zmazané : C:\Program Files (x86)\SAlePluus
Priečinok Zmazané : C:\Program Files (x86)\SaveiLots
Priečinok Zmazané : C:\Program Files (x86)\SaverEExtteNoseion
Priečinok Zmazané : C:\Program Files (x86)\SaVeuLuots
Priečinok Zmazané : C:\Program Files (x86)\ShoppDirop
Priečinok Zmazané : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Priečinok Zmazané : C:\Program Files (x86)\Common Files\FreeCause
Priečinok Zmazané : C:\Program Files (x86)\Common Files\Innovative Solutions
Priečinok Zmazané : C:\Users\kikino\AppData\Local\genienext
Priečinok Zmazané : C:\Users\kikino\AppData\Local\Mobogenie
Priečinok Zmazané : C:\Users\kikino\AppData\Local\Popajar
Priečinok Zmazané : C:\Users\kikino\AppData\Local\Innovative Solutions
Priečinok Zmazané : C:\Users\kikino\AppData\Roaming\eCyber
Priečinok Zmazané : C:\Users\kikino\AppData\Roaming\iSafe
Priečinok Zmazané : C:\Users\kikino\AppData\Roaming\newnext.me
Priečinok Zmazané : C:\Users\kikino\AppData\Roaming\OpenCandy
Priečinok Zmazané : C:\Users\kikino\AppData\Roaming\Systweak
Priečinok Zmazané : C:\Users\kikino\AppData\Roaming\RHEng
Priečinok Zmazané : C:\Users\kikino\AppData\Roaming\smileyswelove
Priečinok Zmazané : C:\Users\kikino\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlkdcoajjaffagfnekhbeolnahmengon
Priečinok Zmazané : C:\ProgramData\olmbflfnfhmfmofggkpjghadpefmbige
Priečinok Zmazané : C:\Users\kikino\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja
Priečinok Zmazané : C:\Users\kikino\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mlkdcoajjaffagfnekhbeolnahmengon
Súbor Zmazané : C:\Users\kikino\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\chrome-extension_cmaiofennmphjldldcpphcechfnnohja_0.localstorage
Súbor Zmazané : C:\Program Files (x86)\4zres.dll
Súbor Zmazané : C:\WINDOWS\System32\log\iSafeKrnlCall.log
Súbor Zmazané : C:\WINDOWS\System32\roboot64.exe
Súbor Zmazané : C:\Users\kikino\daemonprocess.txt

***** [ Naplánované úlohy ] *****


***** [ Zástupcovia ] *****


***** [ Registre ] *****

Kľúč registra Zmazané : HKLM\SOFTWARE\Google\Chrome\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl
Kľúč registra Zmazané : HKCU\Software\Classes\pokki
Hodnota Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [UpdateChecker]
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\PCSU.Registry
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\PCSU.SysUtils
Kľúč registra Zmazané : HKLM\SOFTWARE\79ee631b-ac5a-30d1-91b6-01bb5f3636f6
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{f3f58402}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\TypeLib\{1F831F60-05FB-474D-93A3-42DA68E7EB8F}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\TypeLib\{33B8CF8E-1B37-40DD-A652-F97EDFCA9565}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\TypeLib\{398121FE-8082-4764-BD05-A21A334B7FDC}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\TypeLib\{5D9FB48A-5CE2-4118-B19F-F88ADDB0F814}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\TypeLib\{5DEBC66A-136E-4F2C-84CC-8A984EBA1195}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\TypeLib\{94BBC0BB-9577-4D4E-A79D-D3F33AFF0DCE}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\TypeLib\{995AEC82-0E5F-419A-864E-4E50012D0863}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\TypeLib\{BD601133-B03F-4C73-B593-DB2322CBD22E}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\TypeLib\{CBD6173B-4061-4104-BF2F-C8E81389DB27}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{38122A36-83B2-46B8-B39A-EC72A4614A07}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{03a7f11c-9738-4147-aa95-53f19f7acaf6}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4391e1a3-6881-425b-8f13-e1d11b4e4cda}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{844df3e1-690e-4fee-b263-3c437e27d628}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9bb72b76-56f5-40bc-bcfe-583aa8efa8d1}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{febbade8-04ef-47cd-9766-290e82ccfe52}
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Classes\Interface\{66D59105-FE06-43A4-B292-EB0097E9EB74}
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{03a7f11c-9738-4147-aa95-53f19f7acaf6}
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4391e1a3-6881-425b-8f13-e1d11b4e4cda}
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{844df3e1-690e-4fee-b263-3c437e27d628}
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9bb72b76-56f5-40bc-bcfe-583aa8efa8d1}
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{febbade8-04ef-47cd-9766-290e82ccfe52}
Kľúč registra Zmazané : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Kľúč registra Zmazané : HKCU\Software\Conduit
Kľúč registra Zmazané : HKCU\Software\distromatic
Kľúč registra Zmazané : HKCU\Software\Popajar
Kľúč registra Zmazané : HKCU\Software\simplytech
Kľúč registra Zmazané : HKCU\Software\SmileysWeLove
Kľúč registra Zmazané : HKCU\Software\systweak
Kľúč registra Zmazané : HKCU\Software\TNT2
Kľúč registra Zmazané : HKCU\Software\AppDataLow\Software\Freecause
Kľúč registra Zmazané : HKCU\Software\AppDataLow\Software\Torntv V7.0
Kľúč registra Zmazané : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Kľúč registra Zmazané : HKLM\SOFTWARE\systweak
Kľúč registra Zmazané : HKLM\SOFTWARE\mystartsearchSoftware
Kľúč registra Zmazané : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Kľúč registra Zmazané : HKLM\SOFTWARE\Torntv V7.0
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2DF3E224-05CD-4113-AA7A-86F2F6607B46}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E957849A-94AC-6F46-4623-C31474E3C170}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}_is1
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B6D700D3-3D0D-FEEB-D675-2CE78F9EC5D6}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A3FC46A0-9B62-0EF3-B475-743B3A2762B1}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F1422DAA-0829-09A1-7536-73936CAB8FFA}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CF987D06-1DCF-7B36-5B43-13BC8699C44C}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B5DB572D-EA87-D3B0-08F6-4D153EA6A783}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{274E3C5C-178E-EAE2-A52F-2863C0EECD46}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{35E13884-BAC3-5F4A-799B-05F882E0BD9F}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{45606A90-3363-3A3B-1C15-C40E77F4DAA0}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{478472F9-9E09-492A-BDAB-42EE595EF1AD}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{98449C67-C7AF-BB53-112D-26C916814611}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B696F285-F54E-2524-58B1-E06A70ABE6BE}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CE94DD89-7404-B4B9-E713-E55CC0AB6C3B}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F5853CDF-2C63-6D1D-B286-CBB1CD5DFD62}
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Speedchecker Limited
Dáta Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1

***** [ Webové prehliadače ] *****

-\\ Internet Explorer v11.0.9600.17840

Nastavenie Obnovené : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Nastavenie Obnovené : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavenie Obnovené : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavenie Obnovené : HKCU\Software\Microsoft\Internet Explorer\Main [First Home Page]
Nastavenie Obnovené : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavenie Obnovené : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavenie Obnovené : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Nastavenie Obnovené : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavenie Obnovené : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavenie Obnovené : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Google Chrome v43.0.2357.134

[C:\Users\kikino\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Zmazané [Extension] : mlkdcoajjaffagfnekhbeolnahmengon

-\\ Comodo Dragon v

[C:\Users\kikino\AppData\Local\Comodo\Dragon\User Data\Default\Web Data] - Zmazané [Search Provider] : hxxp://search.ask.com/web?o=APN10257&doi=2014-08-20&apn_dtid=%5ECMD011%5EYY%5EUS&apn_ptnrs=%5EAGO&q={searchTerms}
[C:\Users\kikino\AppData\Local\Comodo\Dragon\User Data\Default\Preferences] - Zmazané [Extension] : cmaiofennmphjldldcpphcechfnnohja
[C:\Users\kikino\AppData\Local\Comodo\Dragon\User Data\Default\Preferences] - Zmazané [Extension] : mlkdcoajjaffagfnekhbeolnahmengon

-\\ Opera v0.0.0.0

[C:\Users\kikino\AppData\Roaming\Opera Software\Opera Stable\Preferences] - Zmazané [Startup_URLs] : hxxp://www.mystartsearch.com/?type=hp&ts=14293 ... J9EC909789

*************************

AdwCleaner[R0].txt - [8792 bajtov] - [19/01/2014 12:56:32]
AdwCleaner[R1].txt - [17328 bajtov] - [26/07/2015 17:16:15]
AdwCleaner[S0].txt - [8798 bajtov] - [19/01/2014 12:57:13]
AdwCleaner[S1].txt - [14159 bajtov] - [26/07/2015 17:17:22]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [14220 bajtov] ##########

Rudy
Site Admin
Posts: 119675
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Requesting a check

#4 Post by Rudy »

Post a new RSIT log.

sam
Visitor
Posts: 30
Joined: 19 Jan 2014 09:47

Re: Requesting a check

#5 Post by sam »

Logfile of random's system information tool 1.10 (written by random/random)
Run by kikino at 2015-07-26 18:21:39
Microsoft Windows 8.1
System drive C: has 16 GB (6%) free of 286 GB
Total RAM: 6017 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:21:42, on 26.7.2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
C:\Program Files (x86)\Opera\29.0.1795.60\opera_crashreporter.exe
C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
C:\Program Files\trend micro\kikino.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.forumswatcher.com/search.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [ied] C:\Users\kikino\AppData\Local\Tempiedd\ied.exe
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKCU\..\Run: [VerControl] C:\Users\kikino\AppData\Local\TempImg\VerControl.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Visual Analyser Update Setup] C:\Users\kikino\AppData\Local\{D5A05927-FF97-473F-9457-29C49C078F6F}\SetupVA2014.02.exe /updatesetup
O4 - HKCU\..\Run: [Visual Analyser Update Setup for All Users] C:\ProgramData\{D5A05927-FF97-473F-9457-29C49C078F6F}\SetupVA2014.02.exe /updatesetup
O4 - Startup: Orezávač obrazovky a spúšťač programu OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll,C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: All History Cleaner Service (HSService) - Unknown owner - C:\Program Files (x86)\All History Cleaner\HSService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\WINDOWS\servicing\TrustedInstaller.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 9787 bytes

======Listing Processes======





wininit.exe


C:\WINDOWS\system32\lsass.exe
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\All History Cleaner\HSService.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
dashost.exe {bdd403b7-64c0-45de-8465154922e24d1c}
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k iissvcs

"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted

"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
taskhostex.exe
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
C:\WINDOWS\Explorer.EXE
"C:\Program Files\ASUS\P4G\BatteryLife.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\WINDOWS\system32\GWX\GWX.exe"
KBFiltr.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
C:\Windows\System32\skydrive.exe -Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\WINDOWS\system32\NOTEPAD.EXE" C:\AdwCleaner\AdwCleaner[S1].txt
"C:\Users\kikino\AppData\Local\Tempiedd\ied.exe"
"C:\Program Files\Internet Explorer\IEXPLORE.EXE" -Embedding
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4292 CREDAT:267521 /prefetch:2
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe"
"C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe" /crash-reporter-parent-id=4760
"C:\WINDOWS\System32\Macromed\Flash\FlashUtil_ActiveX.exe" -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe" --type=gpu-process --channel="4760.0.665761478\1027635168" --enable-proprietary-media-types-playback --crash-reporter-pid=4884 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,20,43 --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.3347 --enable-proprietary-media-types-playback --crash-reporter-pid=4884 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=sk --enable-proprietary-media-types-playback --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\WINDOWS\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_209.dll" --ppapi-flash-version=18.0.0.209 --crash-reporter-pid=4884 --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=4760 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="4760.3.671841538\1302749836" /prefetch:673131151
"C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=sk --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\WINDOWS\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_209.dll" --ppapi-flash-version=18.0.0.209 --crash-reporter-pid=4884 --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=4760 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="4760.4.2119022916\961299133" /prefetch:673131151
"C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=sk --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\WINDOWS\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_209.dll" --ppapi-flash-version=18.0.0.209 --crash-reporter-pid=4884 --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=4760 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="4760.5.2007816563\638679810" /prefetch:673131151
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe"
taskhost.exe $(Arg0)

C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Users\kikino\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_209_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-06-11 12503184]
"ACMON"=C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-08-24 107192]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2011-07-19 2780776]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-02-05 2234144]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2014-02-05 1179576]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2014-01-30 171992]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2014-01-30 399832]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2014-01-30 442328]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"VerControl"=C:\Users\kikino\AppData\Local\TempImg\VerControl.exe [2010-10-04 339968]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11 30877280]
"Visual Analyser Update Setup"=C:\Users\kikino\AppData\Local\{D5A05927-FF97-473F-9457-29C49C078F6F}\SetupVA2014.02.exe /updatesetup []
"Visual Analyser Update Setup for All Users"=C:\ProgramData\{D5A05927-FF97-473F-9457-29C49C078F6F}\SetupVA2014.02.exe [2014-03-24 2577510]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2012-03-28 91432]
"ASUSWebStorage"=C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [2012-08-28 3417984]
"CanonSolutionMenuEx"=C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2011-08-04 1637496]
"ied"=C:\Users\kikino\AppData\Local\Tempiedd\ied.exe [2012-11-09 20480]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2011-09-27 439440]

C:\Users\kikino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Orezávač obrazovky a spúšťač programu OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" ,C:\WINDOWS\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2014-01-30 442880]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
"DisableTaskMgr"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-07-26 16:45:16 ----D---- C:\rsit
2015-07-17 16:18:27 ----D---- C:\Program Files (x86)\Daily Bible Verse
2015-07-14 18:07:20 ----D---- C:\Program Files (x86)\Sri Sri Ravi Shankar
2015-06-29 19:10:19 ----A---- C:\WINDOWS\system32\shell32.dll
2015-06-29 19:10:18 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2015-06-29 19:10:18 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2015-06-29 19:10:17 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2015-06-29 19:10:09 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2015-06-29 19:10:09 ----A---- C:\WINDOWS\system32\wucltux.dll
2015-06-29 19:10:09 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-06-29 19:10:09 ----A---- C:\WINDOWS\system32\wuauclt.exe
2015-06-29 19:10:09 ----A---- C:\WINDOWS\system32\wuapp.exe
2015-06-29 19:10:09 ----A---- C:\WINDOWS\system32\wuapi.dll
2015-06-29 19:10:08 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2015-06-29 19:10:08 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2015-06-29 19:10:08 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2015-06-29 19:10:08 ----A---- C:\WINDOWS\system32\wuwebv.dll
2015-06-29 19:10:08 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2015-06-29 19:10:08 ----A---- C:\WINDOWS\system32\wups2.dll
2015-06-29 19:10:08 ----A---- C:\WINDOWS\system32\wups.dll
2015-06-29 19:10:08 ----A---- C:\WINDOWS\system32\wudriver.dll
2015-06-29 19:10:08 ----A---- C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-06-29 19:10:08 ----A---- C:\WINDOWS\system32\WinSetupUI.dll
2015-06-29 19:10:07 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2015-06-29 19:09:59 ----A---- C:\WINDOWS\SYSWOW64\GeofenceMonitorService.dll
2015-06-29 19:09:59 ----A---- C:\WINDOWS\system32\WiFiDisplay.dll
2015-06-29 19:09:59 ----A---- C:\WINDOWS\system32\profsvc.dll
2015-06-29 19:09:59 ----A---- C:\WINDOWS\system32\GeofenceMonitorService.dll
2015-06-29 19:09:40 ----A---- C:\WINDOWS\system32\sppsvc.exe
2015-06-29 19:09:39 ----A---- C:\WINDOWS\SYSWOW64\cryptxml.dll
2015-06-29 19:09:39 ----A---- C:\WINDOWS\system32\sppwinob.dll
2015-06-29 19:09:39 ----A---- C:\WINDOWS\system32\sppobjs.dll
2015-06-29 19:09:39 ----A---- C:\WINDOWS\system32\cryptxml.dll
2015-06-29 19:09:19 ----AC---- C:\WINDOWS\system32\drivers\bthport.sys
2015-06-29 19:09:03 ----AC---- C:\WINDOWS\system32\drivers\mouclass.sys
2015-06-29 19:09:03 ----AC---- C:\WINDOWS\system32\drivers\kbdclass.sys
2015-06-29 19:09:03 ----AC---- C:\WINDOWS\system32\drivers\i8042prt.sys
2015-06-29 19:09:02 ----AC---- C:\WINDOWS\system32\drivers\sermouse.sys
2015-06-29 19:09:02 ----AC---- C:\WINDOWS\system32\drivers\mouhid.sys
2015-06-29 19:09:02 ----AC---- C:\WINDOWS\system32\drivers\kbdhid.sys
2015-06-29 19:09:02 ----A---- C:\WINDOWS\system32\drivers\usb8023.sys
2015-06-29 19:09:01 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll
2015-06-29 19:09:01 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-06-29 19:09:01 ----A---- C:\WINDOWS\system32\WSShared.dll
2015-06-29 19:09:01 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-06-29 19:09:00 ----A---- C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-06-29 19:09:00 ----A---- C:\WINDOWS\system32\fhcpl.dll
2015-06-29 19:08:59 ----A---- C:\WINDOWS\system32\msftedit.dll
2015-06-29 19:08:58 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll
2015-06-29 19:08:27 ----A---- C:\WINDOWS\system32\apphelp.dll
2015-06-29 19:08:06 ----A---- C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-06-29 19:08:06 ----A---- C:\WINDOWS\system32\EventAggregation.dll
2015-06-29 19:08:06 ----A---- C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
2015-06-29 19:08:06 ----A---- C:\WINDOWS\system32\bisrv.dll
2015-06-29 19:08:05 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2015-06-29 19:08:04 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2015-06-28 20:42:01 ----D---- C:\Program Files (x86)\Color Change for

======List of files/folders modified in the last 1 month======

2015-07-26 18:21:42 ----D---- C:\Program Files\trend micro
2015-07-26 18:02:38 ----D---- C:\WINDOWS\Temp
2015-07-26 18:00:00 ----D---- C:\WINDOWS\system32\sru
2015-07-26 17:52:31 ----D---- C:\WINDOWS\Prefetch
2015-07-26 17:51:56 ----D---- C:\WINDOWS\system32\catroot
2015-07-26 17:38:20 ----D---- C:\WINDOWS\Microsoft.NET
2015-07-26 17:31:15 ----D---- C:\Program Files (x86)\All History Cleaner
2015-07-26 17:24:53 ----RD---- C:\WINDOWS\System32
2015-07-26 17:24:53 ----D---- C:\WINDOWS\Inf
2015-07-26 17:24:53 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-07-26 17:22:27 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2015-07-26 17:17:33 ----D---- C:\AdwCleaner
2015-07-26 17:17:30 ----RD---- C:\Program Files (x86)
2015-07-26 17:17:30 ----D---- C:\WINDOWS\system32\log
2015-07-26 17:17:29 ----HD---- C:\ProgramData
2015-07-26 17:17:24 ----D---- C:\Program Files (x86)\Common Files
2015-07-26 13:51:54 ----D---- C:\Program Files (x86)\Gorgeous Charity
2015-07-26 13:51:39 ----SHD---- C:\System Volume Information
2015-07-26 13:19:24 ----D---- C:\WINDOWS\AppReadiness
2015-07-26 13:05:23 ----HD---- C:\Program Files\WindowsApps
2015-07-21 21:01:50 ----D---- C:\WINDOWS\system32\DriverStore
2015-07-17 22:30:56 ----D---- C:\WINDOWS\SysWOW64
2015-07-17 22:30:39 ----SHD---- C:\WINDOWS\Installer
2015-07-17 22:18:31 ----D---- C:\WINDOWS\Tasks
2015-07-17 22:18:31 ----D---- C:\WINDOWS\system32\Tasks
2015-07-14 17:26:59 ----D---- C:\WINDOWS\servicing
2015-07-12 05:13:52 ----D---- C:\WINDOWS\system32\config
2015-07-10 22:29:27 ----D---- C:\WINDOWS\system32\FxsTmp
2015-07-10 22:29:23 ----D---- C:\ProgramData\CanonIJPLM
2015-07-08 20:49:15 ----D---- C:\WINDOWS\CbsTemp
2015-07-08 20:49:09 ----D---- C:\WINDOWS\WinSxS
2015-07-06 23:24:13 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-07-05 12:08:23 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2015-07-02 17:55:44 ----D---- C:\WINDOWS\rescache
2015-07-01 17:28:28 ----D---- C:\Program Files (x86)\Google
2015-06-29 20:12:15 ----D---- C:\Windows
2015-06-29 20:08:39 ----RD---- C:\WINDOWS\ToastData
2015-06-29 20:08:39 ----D---- C:\WINDOWS\system32\drivers
2015-06-29 20:08:38 ----D---- C:\WINDOWS\WinStore
2015-06-29 20:08:38 ----D---- C:\WINDOWS\apppatch
2015-06-29 20:08:37 ----D---- C:\WINDOWS\system32\sk-SK
2015-06-29 19:13:27 ----D---- C:\WINDOWS\SYSWOW64\migration
2015-06-29 19:13:27 ----D---- C:\WINDOWS\system32\migration
2015-06-29 19:08:21 ----D---- C:\WINDOWS\system32\catroot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-07-24 645952]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2015-06-17 31376]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R3 AiCharger;ASUS Charger Driver; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [2012-07-24 17152]
R3 athr;@oem24.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athw8x.sys [2013-08-22 3915264]
R3 ATP;@oem14.inf,%PS2.DeviceDesc%;ASUS PS/2 Port Input Device; C:\WINDOWS\System32\drivers\AsusTP.sys [2012-10-31 61824]
R3 BTATH_BUS;@oem3.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2012-08-10 33944]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2015-04-29 600088]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 HIDSwitch;@oem23.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [2013-10-09 20280]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-01-30 5363200]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-06-12 4060560]
R3 IntcDAud;@oem25.inf,%IntcDAud.SvcDesc%;Intel(R) Zvuk pre obrazovky; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 kbfiltr;@oem15.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\WINDOWS\System32\drivers\kbfiltr.sys [2012-08-02 14992]
R3 MEIx64;@oem11.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-06-17 11011216]
R3 nvvad_WaveExtensible;@oem16.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2013-12-27 39200]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S1 dszfojub;dszfojub; \??\C:\WINDOWS\system32\drivers\dszfojub.sys []
S1 ffzmfhxe;ffzmfhxe; \??\C:\WINDOWS\system32\drivers\ffzmfhxe.sys []
S3 AthBTPort;@oem7.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2012-08-10 88728]
S3 BTATH_A2DP;@oem6.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2012-08-10 344216]
S3 btath_avdt;@oem6.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2012-08-10 114840]
S3 BTATH_HCRP;@oem9.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2012-08-10 178840]
S3 BTATH_LWFLT;@oem10.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2012-08-10 76952]
S3 BTATH_RCP;@oem12.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2012-08-10 135832]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2014-07-24 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
S3 RSUSBSTOR;@oem8.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2012-06-13 252048]
S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-12-13 121088]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-08-22 44544]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2012-07-23 105120]
R2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [2012-04-13 277120]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-08-10 211584]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-05-01 1394816]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-05-01 1772672]
R2 HSService;All History Cleaner Service; C:\Program Files (x86)\All History Cleaner\HSService.exe [2013-05-03 295184]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-07-17 128896]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-17 165760]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 276864]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2014-07-09 117392]
R2 NetTcpActivator;@C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-08-10 139856]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-02-05 1593632]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-02-05 16941856]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-06-17 937616]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 364416]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-17 268976]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-16 50864]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-01-30 279000]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc []
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-08-13 136120]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S4 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2014-07-09 117392]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119675
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Requesting a check

#6 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Users\kikino\AppData\Local\Tempiedd\ied.exe
C:\WINDOWS\system32\drivers\dszfojub.sys
C:\WINDOWS\system32\drivers\ffzmfhxe.sys

:reg
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ied"=-

:services
dszfojub
ffzmfhxe
c2cautoupdatesvc
c2cpnrsvc

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

sam
Visitor
Posts: 30
Registered: 19 Jan 2014 09:47

Re: Requesting a check

#7 Post by sam »

Logfile of random's system information tool 1.10 (written by random/random)
Run by kikino at 2015-07-26 19:14:19
Microsoft Windows 8.1
System drive C: has 35 GB (12%) free of 286 GB
Total RAM: 6017 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:14:27, on 26.7.2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
C:\Program Files (x86)\Opera\29.0.1795.60\opera_crashreporter.exe
C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
C:\Program Files\trend micro\kikino.exe
C:\WINDOWS\SysWOW64\DllHost.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.forumswatcher.com/search.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKCU\..\Run: [VerControl] C:\Users\kikino\AppData\Local\TempImg\VerControl.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Visual Analyser Update Setup] C:\Users\kikino\AppData\Local\{D5A05927-FF97-473F-9457-29C49C078F6F}\SetupVA2014.02.exe /updatesetup
O4 - HKCU\..\Run: [Visual Analyser Update Setup for All Users] C:\ProgramData\{D5A05927-FF97-473F-9457-29C49C078F6F}\SetupVA2014.02.exe /updatesetup
O4 - Startup: Orezávač obrazovky a spúšťač programu OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll,C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: All History Cleaner Service (HSService) - Unknown owner - C:\Program Files (x86)\All History Cleaner\HSService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\WINDOWS\servicing\TrustedInstaller.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 9693 bytes

======Listing Processes======





wininit.exe

C:\WINDOWS\system32\lsass.exe

winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\All History Cleaner\HSService.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
dashost.exe {4f8ae630-e577-4409-a030cd0d29082751}
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k iissvcs

"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe"

"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
taskhostex.exe
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
C:\WINDOWS\Explorer.EXE
"C:\Program Files\ASUS\P4G\BatteryLife.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\wbem\wmiprvse.exe
KBFiltr.exe
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\WINDOWS\notepad.exe" C:\_OTM\MovedFiles\07262015_190911.log
C:\Windows\System32\skydrive.exe -Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 576 580 588 65536 584

"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\WINDOWS\system32\GWX\GWX.exe"

"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe"
"C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe"
"C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe" /crash-reporter-parent-id=4392
"C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe" --type=gpu-process --channel="4392.0.933573652\1778647730" --enable-proprietary-media-types-playback --crash-reporter-pid=4416 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,20,43 --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.3347 --enable-proprietary-media-types-playback --crash-reporter-pid=4416 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=sk --enable-proprietary-media-types-playback --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\WINDOWS\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_209.dll" --ppapi-flash-version=18.0.0.209 --crash-reporter-pid=4416 --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=4392 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="4392.3.1783234792\48524983" /prefetch:673131151
"C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=sk --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\WINDOWS\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_209.dll" --ppapi-flash-version=18.0.0.209 --crash-reporter-pid=4416 --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=4392 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="4392.4.2049881709\672567625" /prefetch:673131151
"C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=sk --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\WINDOWS\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_209.dll" --ppapi-flash-version=18.0.0.209 --crash-reporter-pid=4416 --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=4392 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="4392.5.591884377\1904591513" /prefetch:673131151
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Users\kikino\Desktop\RSITx64.exe"
C:\WINDOWS\SysWOW64\DllHost.exe /Processid:{AD3EDBCA-0901-415B-82E9-C16D3B65E38C}

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_209_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-06-11 12503184]
"ACMON"=C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-08-24 107192]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2011-07-19 2780776]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-02-05 2234144]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2014-02-05 1179576]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2014-01-30 171992]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2014-01-30 399832]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2014-01-30 442328]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"VerControl"=C:\Users\kikino\AppData\Local\TempImg\VerControl.exe [2010-10-04 339968]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11 30877280]
"Visual Analyser Update Setup"=C:\Users\kikino\AppData\Local\{D5A05927-FF97-473F-9457-29C49C078F6F}\SetupVA2014.02.exe /updatesetup []
"Visual Analyser Update Setup for All Users"=C:\ProgramData\{D5A05927-FF97-473F-9457-29C49C078F6F}\SetupVA2014.02.exe [2014-03-24 2577510]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2012-03-28 91432]
"ASUSWebStorage"=C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [2012-08-28 3417984]
"CanonSolutionMenuEx"=C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2011-08-04 1637496]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2011-09-27 439440]

C:\Users\kikino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Orezávač obrazovky a spúšťač programu OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" ,C:\WINDOWS\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2014-01-30 442880]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
"DisableTaskMgr"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-07-26 19:09:11 ----D---- C:\_OTM
2015-07-26 16:45:16 ----D---- C:\rsit
2015-07-17 16:18:27 ----D---- C:\Program Files (x86)\Daily Bible Verse
2015-07-14 18:07:20 ----D---- C:\Program Files (x86)\Sri Sri Ravi Shankar
2015-06-29 19:10:19 ----A---- C:\WINDOWS\system32\shell32.dll
2015-06-29 19:10:18 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2015-06-29 19:10:18 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2015-06-29 19:10:17 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2015-06-29 19:10:09 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2015-06-29 19:10:09 ----A---- C:\WINDOWS\system32\wucltux.dll
2015-06-29 19:10:09 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-06-29 19:10:09 ----A---- C:\WINDOWS\system32\wuauclt.exe
2015-06-29 19:10:09 ----A---- C:\WINDOWS\system32\wuapp.exe
2015-06-29 19:10:09 ----A---- C:\WINDOWS\system32\wuapi.dll
2015-06-29 19:10:08 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2015-06-29 19:10:08 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2015-06-29 19:10:08 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2015-06-29 19:10:08 ----A---- C:\WINDOWS\system32\wuwebv.dll
2015-06-29 19:10:08 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2015-06-29 19:10:08 ----A---- C:\WINDOWS\system32\wups2.dll
2015-06-29 19:10:08 ----A---- C:\WINDOWS\system32\wups.dll
2015-06-29 19:10:08 ----A---- C:\WINDOWS\system32\wudriver.dll
2015-06-29 19:10:08 ----A---- C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-06-29 19:10:08 ----A---- C:\WINDOWS\system32\WinSetupUI.dll
2015-06-29 19:10:07 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2015-06-29 19:09:59 ----A---- C:\WINDOWS\SYSWOW64\GeofenceMonitorService.dll
2015-06-29 19:09:59 ----A---- C:\WINDOWS\system32\WiFiDisplay.dll
2015-06-29 19:09:59 ----A---- C:\WINDOWS\system32\profsvc.dll
2015-06-29 19:09:59 ----A---- C:\WINDOWS\system32\GeofenceMonitorService.dll
2015-06-29 19:09:40 ----A---- C:\WINDOWS\system32\sppsvc.exe
2015-06-29 19:09:39 ----A---- C:\WINDOWS\SYSWOW64\cryptxml.dll
2015-06-29 19:09:39 ----A---- C:\WINDOWS\system32\sppwinob.dll
2015-06-29 19:09:39 ----A---- C:\WINDOWS\system32\sppobjs.dll
2015-06-29 19:09:39 ----A---- C:\WINDOWS\system32\cryptxml.dll
2015-06-29 19:09:19 ----AC---- C:\WINDOWS\system32\drivers\bthport.sys
2015-06-29 19:09:03 ----AC---- C:\WINDOWS\system32\drivers\mouclass.sys
2015-06-29 19:09:03 ----AC---- C:\WINDOWS\system32\drivers\kbdclass.sys
2015-06-29 19:09:03 ----AC---- C:\WINDOWS\system32\drivers\i8042prt.sys
2015-06-29 19:09:02 ----AC---- C:\WINDOWS\system32\drivers\sermouse.sys
2015-06-29 19:09:02 ----AC---- C:\WINDOWS\system32\drivers\mouhid.sys
2015-06-29 19:09:02 ----AC---- C:\WINDOWS\system32\drivers\kbdhid.sys
2015-06-29 19:09:02 ----A---- C:\WINDOWS\system32\drivers\usb8023.sys
2015-06-29 19:09:01 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll
2015-06-29 19:09:01 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-06-29 19:09:01 ----A---- C:\WINDOWS\system32\WSShared.dll
2015-06-29 19:09:01 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-06-29 19:09:00 ----A---- C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-06-29 19:09:00 ----A---- C:\WINDOWS\system32\fhcpl.dll
2015-06-29 19:08:59 ----A---- C:\WINDOWS\system32\msftedit.dll
2015-06-29 19:08:58 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll
2015-06-29 19:08:27 ----A---- C:\WINDOWS\system32\apphelp.dll
2015-06-29 19:08:06 ----A---- C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-06-29 19:08:06 ----A---- C:\WINDOWS\system32\EventAggregation.dll
2015-06-29 19:08:06 ----A---- C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
2015-06-29 19:08:06 ----A---- C:\WINDOWS\system32\bisrv.dll
2015-06-29 19:08:05 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2015-06-29 19:08:04 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2015-06-28 20:42:01 ----D---- C:\Program Files (x86)\Color Change for

======List of files/folders modified in the last 1 month======

2015-07-26 19:14:25 ----D---- C:\Program Files\trend micro
2015-07-26 19:14:18 ----D---- C:\WINDOWS\Prefetch
2015-07-26 19:13:39 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2015-07-26 19:11:45 ----D---- C:\WINDOWS\Temp
2015-07-26 19:11:20 ----D---- C:\Program Files (x86)\All History Cleaner
2015-07-26 19:00:00 ----D---- C:\WINDOWS\system32\sru
2015-07-26 17:51:56 ----D---- C:\WINDOWS\system32\catroot
2015-07-26 17:38:20 ----D---- C:\WINDOWS\Microsoft.NET
2015-07-26 17:24:53 ----RD---- C:\WINDOWS\System32
2015-07-26 17:24:53 ----D---- C:\WINDOWS\Inf
2015-07-26 17:24:53 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-07-26 17:17:33 ----D---- C:\AdwCleaner
2015-07-26 17:17:30 ----RD---- C:\Program Files (x86)
2015-07-26 17:17:30 ----D---- C:\WINDOWS\system32\log
2015-07-26 17:17:29 ----HD---- C:\ProgramData
2015-07-26 17:17:24 ----D---- C:\Program Files (x86)\Common Files
2015-07-26 13:51:54 ----D---- C:\Program Files (x86)\Gorgeous Charity
2015-07-26 13:51:39 ----SHD---- C:\System Volume Information
2015-07-26 13:19:24 ----D---- C:\WINDOWS\AppReadiness
2015-07-26 13:05:23 ----HD---- C:\Program Files\WindowsApps
2015-07-21 21:01:50 ----D---- C:\WINDOWS\system32\DriverStore
2015-07-17 22:30:56 ----D---- C:\WINDOWS\SysWOW64
2015-07-17 22:30:39 ----SHD---- C:\WINDOWS\Installer
2015-07-17 22:18:31 ----D---- C:\WINDOWS\Tasks
2015-07-17 22:18:31 ----D---- C:\WINDOWS\system32\Tasks
2015-07-14 17:26:59 ----D---- C:\WINDOWS\servicing
2015-07-12 05:13:52 ----D---- C:\WINDOWS\system32\config
2015-07-10 22:29:27 ----D---- C:\WINDOWS\system32\FxsTmp
2015-07-10 22:29:23 ----D---- C:\ProgramData\CanonIJPLM
2015-07-08 20:49:15 ----D---- C:\WINDOWS\CbsTemp
2015-07-08 20:49:09 ----D---- C:\WINDOWS\WinSxS
2015-07-06 23:24:13 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-07-05 12:08:23 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2015-07-02 17:55:44 ----D---- C:\WINDOWS\rescache
2015-07-01 17:28:28 ----D---- C:\Program Files (x86)\Google
2015-06-29 20:12:15 ----D---- C:\Windows
2015-06-29 20:08:39 ----RD---- C:\WINDOWS\ToastData
2015-06-29 20:08:39 ----D---- C:\WINDOWS\system32\drivers
2015-06-29 20:08:38 ----D---- C:\WINDOWS\WinStore
2015-06-29 20:08:38 ----D---- C:\WINDOWS\apppatch
2015-06-29 20:08:37 ----D---- C:\WINDOWS\system32\sk-SK
2015-06-29 19:13:27 ----D---- C:\WINDOWS\SYSWOW64\migration
2015-06-29 19:13:27 ----D---- C:\WINDOWS\system32\migration
2015-06-29 19:08:21 ----D---- C:\WINDOWS\system32\catroot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-07-24 645952]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2015-06-17 31376]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R3 AiCharger;ASUS Charger Driver; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [2012-07-24 17152]
R3 athr;@oem24.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athw8x.sys [2013-08-22 3915264]
R3 ATP;@oem14.inf,%PS2.DeviceDesc%;ASUS PS/2 Port Input Device; C:\WINDOWS\System32\drivers\AsusTP.sys [2012-10-31 61824]
R3 BTATH_BUS;@oem3.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2012-08-10 33944]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2015-04-29 600088]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 HIDSwitch;@oem23.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [2013-10-09 20280]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-01-30 5363200]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-06-12 4060560]
R3 IntcDAud;@oem25.inf,%IntcDAud.SvcDesc%;Intel(R) Zvuk pre obrazovky; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 kbfiltr;@oem15.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\WINDOWS\System32\drivers\kbfiltr.sys [2012-08-02 14992]
R3 MEIx64;@oem11.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-06-17 11011216]
R3 nvvad_WaveExtensible;@oem16.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2013-12-27 39200]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 AthBTPort;@oem7.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2012-08-10 88728]
S3 BTATH_A2DP;@oem6.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2012-08-10 344216]
S3 btath_avdt;@oem6.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2012-08-10 114840]
S3 BTATH_HCRP;@oem9.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2012-08-10 178840]
S3 BTATH_LWFLT;@oem10.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2012-08-10 76952]
S3 BTATH_RCP;@oem12.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2012-08-10 135832]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2014-07-24 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
S3 RSUSBSTOR;@oem8.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2012-06-13 252048]
S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-12-13 121088]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-08-22 44544]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2012-07-23 105120]
R2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [2012-04-13 277120]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-08-10 211584]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 HSService;All History Cleaner Service; C:\Program Files (x86)\All History Cleaner\HSService.exe [2013-05-03 295184]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-07-17 128896]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-17 165760]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 276864]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2014-07-09 117392]
R2 NetTcpActivator;@C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-08-10 139856]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-02-05 1593632]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-02-05 16941856]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-06-17 937616]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 364416]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-17 268976]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-16 50864]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-01-30 279000]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc []
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-08-13 136120]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S4 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2014-07-09 117392]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119675
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check

#8 Post by Rudy »

Double-click the file C:\Program Files\trend micro\kikino.exe to launch HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkboxes on the left for:
R3 - URLSearchHook: (no name) - - (no file)
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Click >FixChecked<. Then run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

sam
Visitor
Posts: 30
Registered: 19 Jan 2014 09:47

Re: Please check

#9 Post by sam »

All done.

Rudy
Site Admin
Posts: 119675
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check

#10 Post by Rudy »

The PC should now be clean.

sam
Visitor
Posts: 30
Registered: 19 Jan 2014 09:47

Re: Please check

#11 Post by sam »

OK, thank you very much.

sam
Visitor
Posts: 30
Registered: 19 Jan 2014 09:47

Re: Please check

#12 Post by sam »

I've just found that I still can't turn Windows Update on.
It tells me that "some settings are managed by your system administrator".
But I have no other login on the laptop, only this one,
so I don't understand why it doesn't work.

Rudy
Site Admin
Posts: 119675
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check

#13 Post by Rudy »

Post a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Then run the application under an account with administrator privileges.

Right after it starts, a screen with the license terms appears; continue by clicking the Yes (Ano) button.

Feel free to put the kettle on for a coffee (the whole run takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); do not try to start any other applications or anything else during the scan.

Don't panic during the scan: your machine may be restarted (especially the first time the scanner is used).

Note: if you use antispyware with a resident shield, switch the shield to Install Mode or disable it completely for the duration of the scan, because scanning and deleting any malware causes unwanted conflicts with the antispyware's resident component.

sam
Visitor
Posts: 30
Registered: 19 Jan 2014 09:47

Re: Please check

#14 Post by sam »

ComboFix won't run.
It reports (see attachment)
that Windows 2000 is not a compatible system, or something like that.
Attachments
combofix.jpg (29.67 KiB) Viewed 2417 times

Rudy
Site Admin
Posts: 119675
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check

#15 Post by Rudy »

And Win 8.1 isn't either. I apologize for the oversight. Run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Don't delete anything beforehand.