Dobrý den,
ntb jsem zde cca před týdnem - 14 dní, za pomoci Vašeho fóra vyčistil a týden vše šlo v pořádku. A od včera mi zničeho nic začali vyskakovat různe reklamy a znemožnili mi se připojit jen na stránky youtube, facebook a googe mail
Prosím moc o pomoc co s tím, dělo se to nejdříve v Google Chrome, ten jsem odinstaloval a ted se to je děje i v Mozille Firefox
log
Logfile of random's system information tool 1.10 (written by random/random)
Run by Lu at 2016-03-09 22:09:49
Microsoft Windows 8.1
System drive C: has 125 GB (65%) free of 190 GB
Total RAM: 3982 MB (9% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:09:57, on 9. 3. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Users\Lu\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Users\Lu\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\Lu\AppData\Roaming\Spotify\SpotifyCrashService.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Users\Lu\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Users\Lu\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Lu.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:50656;https=127.0.0.1:50656
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Lu\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Spotify] "C:\Users\Lu\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O8 - Extra context menu item: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
O9 - Extra button: Send to Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O9 - Extra 'Tools' menuitem: Send to Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{D41F060F-5E35-4BAE-9BA7-E69000AB3842}: NameServer = 82.163.143.171 82.163.142.173
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.8.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.8.4
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: @oem9.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Processor Participant Service Application (DptfParticipantProcessorService) - Unknown owner - C:\WINDOWS\system32\DptfParticipantProcessorService.exe (file missing)
O23 - Service: @oem9.inf,%WIN32_DPTF_POLICY_CONFIGTDP_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Config TDP Service Application (DptfPolicyConfigTDPService) - Unknown owner - C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: ExpressCache - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Rapid Start Technology Service (irstrtsv) - Intel Corporation - C:\Windows\SysWOW64\irstrtsv.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
--
End of file - 12297 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-d8667495-aee4-4b40-9518-fbdc5e5d06a2 -SystemEventPortName:HostProcess-5bc2196d-92ca-44f2-b02b-12254effe50b -IoCancelEventPortName:HostProcess-0478da0c-2f32-44df-b996-5b63919da480 -NonStateChangingEventPortName:HostProcess-f5a05032-6f4d-4dce-a894-8f73334a994d -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:a9766caa-2379-4396-83db-682fbaed21c3 -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
C:\WINDOWS\system32\WLANExt.exe 350537777648
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\WINDOWS\system32\DptfParticipantProcessorService.exe
dashost.exe {83313f80-d412-483c-8cb8b5cab2f4acfa}
C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\Windows\SysWOW64\irstrtsv.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
C:\WINDOWS\Explorer.EXE
taskeng.exe {1EA6901A-D58A-4BA7-B083-4EF6F91032DB}
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
"C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe"
"C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe"
"C:\Program Files\ASUS\P4G\BatteryLife.exe"
"C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe" /c
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
taskhostex.exe
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
KBFiltr.exe
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Users\Lu\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Users\Lu\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Users\Lu\AppData\Roaming\Spotify\SpotifyCrashService.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
"C:\Users\Lu\AppData\Roaming\Spotify\Spotify.exe" --type=gpu-process --channel="3144.0.761911737\1719909416" --no-sandbox --disable-d3d11 --enable-crash-reporter --lang=en-US --log-file="C:\Users\Lu\AppData\Roaming\Spotify\debug.log" --log-severity=disable --product-version=Spotify/1.0.23.90 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,23,51 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3308 --enable-crash-reporter --lang=en-US --log-file="C:\Users\Lu\AppData\Roaming\Spotify\debug.log" --log-severity=disable --product-version=Spotify/1.0.23.90 /prefetch:822062411
"C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
"C:\Users\Lu\AppData\Roaming\Spotify\Spotify.exe" --type=renderer --no-sandbox --lang=en-US --enable-crash-reporter --lang=en-US --log-file="C:\Users\Lu\AppData\Roaming\Spotify\debug.log" --log-severity=disable --product-version=Spotify/1.0.23.90 --disable-extensions --disable-spell-checking --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="3144.1.1737322617\362899041" /prefetch:673131151
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" /PRODUCT:Reader /VERSION:10.0 /MODE:3
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{76D0CB12-7604-4048-B83C-1005C7DDC503}
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 584 588 596 65536 592
"C:\Users\Lu\Desktop\RSITx64.exe"
=========Mozilla firefox=========
ProfilePath - C:\Users\Lu\AppData\Roaming\Mozilla\Firefox\Profiles\znes1esv.default
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.306 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.306 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-02-20 901600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15 62376]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-20 678656]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2013-10-01 391128]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2013-10-01 771032]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2013-10-01 769496]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-08-30 13192848]
"ACMON"=C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-08-24 107192]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"=C:\Users\Lu\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2016-02-21 1524336]
"Spotify"=C:\Users\Lu\AppData\Roaming\Spotify\Spotify.exe [2016-02-21 6743664]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2016-01-15 23499656]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2016-02-16 25122080]
"Wondershare Helper Compact.exe"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2014-09-11 2087264]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-02-20 7139768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL, C:\Windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2013-10-01 623104]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-03-09 22:09:49 ----D---- C:\rsit
2016-03-09 07:45:35 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2016-03-09 07:45:35 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-03-09 07:45:35 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2016-03-09 07:45:35 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-03-09 07:45:35 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-03-09 07:45:34 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-03-09 07:45:33 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2016-03-09 07:45:33 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-03-09 07:45:32 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-03-09 07:45:32 ----A---- C:\WINDOWS\SYSWOW64\hlink.dll
2016-03-09 07:45:32 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-03-09 07:45:32 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-03-09 07:45:30 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-03-09 07:45:30 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2016-03-09 07:45:30 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-03-09 07:45:30 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2016-03-09 07:45:30 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2016-03-09 07:45:30 ----A---- C:\WINDOWS\system32\jscript.dll
2016-03-09 07:45:30 ----A---- C:\WINDOWS\system32\hlink.dll
2016-03-09 07:45:29 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-03-09 07:45:28 ----A---- C:\WINDOWS\system32\webcheck.dll
2016-03-09 07:45:28 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-03-09 07:45:27 ----A---- C:\WINDOWS\system32\wininet.dll
2016-03-09 07:45:27 ----A---- C:\WINDOWS\system32\inetcomm.dll
2016-03-09 07:45:27 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-03-09 07:45:26 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-03-09 07:45:24 ----A---- C:\WINDOWS\system32\actxprxy.dll
2016-03-09 07:45:23 ----A---- C:\WINDOWS\system32\mshtmled.dll
2016-03-09 07:43:50 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-03-09 07:43:50 ----A---- C:\WINDOWS\system32\glcndFilter.dll
2016-03-09 07:43:49 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2016-03-09 07:43:49 ----A---- C:\WINDOWS\SYSWOW64\glcndFilter.dll
2016-03-09 07:43:41 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2016-03-09 07:43:41 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2016-03-09 07:43:41 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2016-03-09 07:43:41 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2016-03-09 07:43:41 ----A---- C:\WINDOWS\system32\wuwebv.dll
2016-03-09 07:43:41 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2016-03-09 07:43:41 ----A---- C:\WINDOWS\system32\wudriver.dll
2016-03-09 07:43:41 ----A---- C:\WINDOWS\system32\wucltux.dll
2016-03-09 07:43:41 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-03-09 07:43:41 ----A---- C:\WINDOWS\system32\wuauclt.exe
2016-03-09 07:43:41 ----A---- C:\WINDOWS\system32\wuapp.exe
2016-03-09 07:43:41 ----A---- C:\WINDOWS\system32\wuapi.dll
2016-03-09 07:43:38 ----A---- C:\WINDOWS\system32\wmp.dll
2016-03-09 07:43:38 ----A---- C:\WINDOWS\system32\seclogon.dll
2016-03-09 07:43:37 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2016-03-09 07:43:37 ----A---- C:\WINDOWS\SYSWOW64\WMASF.DLL
2016-03-09 07:43:37 ----A---- C:\WINDOWS\system32\WMASF.DLL
2016-03-09 07:43:35 ----A---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2016-03-09 07:43:34 ----A---- C:\WINDOWS\system32\win32k.sys
2016-03-09 07:43:23 ----A---- C:\WINDOWS\SYSWOW64\mfds.dll
2016-03-09 07:43:23 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2016-03-09 07:43:23 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2016-03-09 07:43:23 ----A---- C:\WINDOWS\system32\mfds.dll
2016-03-09 07:43:23 ----A---- C:\WINDOWS\system32\atmlib.dll
2016-03-09 07:43:23 ----A---- C:\WINDOWS\system32\atmfd.dll
2016-03-09 07:43:21 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2016-03-09 07:43:21 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2016-03-09 07:43:21 ----A---- C:\WINDOWS\SYSWOW64\asycfilt.dll
2016-03-09 07:43:21 ----A---- C:\WINDOWS\system32\ole32.dll
2016-03-09 07:43:21 ----A---- C:\WINDOWS\system32\asycfilt.dll
2016-03-05 18:39:53 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2016-02-27 23:51:59 ----D---- C:\Program Files\Defraggler
2016-02-27 23:48:42 ----A---- C:\DelFix.txt
2016-02-24 11:40:48 ----D---- C:\Program Files\trend micro
2016-02-23 00:14:46 ----D---- C:\Program Files\iPod
2016-02-23 00:14:46 ----D---- C:\Program Files (x86)\iTunes
2016-02-23 00:14:44 ----D---- C:\Program Files\iTunes
2016-02-23 00:12:24 ----D---- C:\Program Files (x86)\Apple Software Update
2016-02-23 00:11:50 ----D---- C:\Program Files\Bonjour
2016-02-23 00:11:50 ----D---- C:\Program Files (x86)\Bonjour
2016-02-23 00:11:15 ----SHD---- C:\Config.Msi
2016-02-20 19:43:47 ----RD---- C:\Program Files (x86)\Skype
2016-02-20 19:34:43 ----A---- C:\WINDOWS\system32\aswBoot.exe
2016-02-20 19:32:34 ----D---- C:\Users\Lu\AppData\Roaming\AVAST Software
2016-02-20 19:32:16 ----D---- C:\Program Files\Common Files\AV
2016-02-20 19:32:08 ----A---- C:\WINDOWS\system32\drivers\aswStm.sys
2016-02-20 19:32:07 ----A---- C:\WINDOWS\system32\drivers\aswVmm.sys
2016-02-20 19:32:07 ----A---- C:\WINDOWS\system32\drivers\aswsp.sys
2016-02-20 19:32:07 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2016-02-20 19:32:07 ----A---- C:\WINDOWS\system32\drivers\aswRvrt.sys
2016-02-20 19:32:07 ----A---- C:\WINDOWS\system32\drivers\aswRdr2.sys
2016-02-20 19:32:07 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2016-02-20 19:32:07 ----A---- C:\WINDOWS\system32\drivers\aswHwid.sys
2016-02-20 19:31:46 ----A---- C:\WINDOWS\avastSS.scr
2016-02-20 19:30:23 ----D---- C:\Program Files\AVAST Software
2016-02-20 19:29:59 ----D---- C:\ProgramData\AVAST Software
2016-02-19 16:04:18 ----D---- C:\ProgramData\bb132b99
======List of files/folders modified in the last 1 month======
2016-03-09 22:05:19 ----D---- C:\Users\Lu\AppData\Roaming\Spotify
2016-03-09 22:02:01 ----D---- C:\WINDOWS\system32\sru
2016-03-09 20:41:32 ----D---- C:\WINDOWS\Prefetch
2016-03-09 20:40:49 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-03-09 20:37:53 ----D---- C:\WINDOWS\Temp
2016-03-09 20:19:53 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2016-03-09 20:17:52 ----D---- C:\WINDOWS\system32\config
2016-03-09 20:17:50 ----D---- C:\WINDOWS\WinSxS
2016-03-09 20:17:33 ----D---- C:\ProgramData\NVIDIA
2016-03-09 20:17:32 ----D---- C:\WINDOWS\Inf
2016-03-09 10:01:36 ----RD---- C:\WINDOWS\System32
2016-03-09 10:01:36 ----D---- C:\WINDOWS\SysWOW64
2016-03-09 10:01:32 ----D---- C:\Program Files\Internet Explorer
2016-03-09 10:01:32 ----D---- C:\Program Files (x86)\Internet Explorer
2016-03-09 10:01:31 ----D---- C:\WINDOWS\SYSWOW64\en-GB
2016-03-09 10:01:30 ----D---- C:\WINDOWS\system32\en-GB
2016-03-09 10:01:30 ----D---- C:\WINDOWS\system32\DriverStore
2016-03-09 10:01:30 ----D---- C:\WINDOWS\system32\drivers
2016-03-09 09:28:19 ----D---- C:\WINDOWS\Microsoft.NET
2016-03-09 09:27:33 ----RSD---- C:\WINDOWS\assembly
2016-03-09 09:21:58 ----SHD---- C:\System Volume Information
2016-03-09 09:09:17 ----HD---- C:\Program Files\WindowsApps
2016-03-09 08:59:30 ----D---- C:\WINDOWS\system32\MRT
2016-03-09 08:59:28 ----A---- C:\WINDOWS\system32\MRT.exe
2016-03-09 08:57:43 ----D---- C:\WINDOWS\CbsTemp
2016-03-09 07:45:52 ----D---- C:\WINDOWS\AppReadiness
2016-03-09 07:42:34 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2016-03-09 07:42:32 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2016-03-09 07:42:31 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2016-03-06 16:51:19 ----HD---- C:\ProgramData
2016-03-05 17:16:48 ----D---- C:\Windows
2016-03-02 10:14:05 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-27 23:51:59 ----RD---- C:\Program Files
2016-02-27 23:49:49 ----D---- C:\WINDOWS\debug
2016-02-27 20:47:48 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-27 20:45:35 ----D---- C:\WINDOWS\Tasks
2016-02-27 20:45:35 ----D---- C:\WINDOWS\system32\drivers\etc
2016-02-27 17:18:27 ----RD---- C:\Program Files (x86)
2016-02-26 22:55:55 ----DC---- C:\WINDOWS\Panther
2016-02-26 22:54:53 ----D---- C:\Users\Lu\AppData\Roaming\uTorrent
2016-02-25 17:03:47 ----D---- C:\WINDOWS\system32\Tasks
2016-02-23 13:35:52 ----D---- C:\WINDOWS\SoftwareDistribution
2016-02-23 00:15:51 ----SHD---- C:\WINDOWS\Installer
2016-02-23 00:14:46 ----D---- C:\Program Files\Common Files\Apple
2016-02-23 00:14:42 ----D---- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2016-02-23 00:12:07 ----D---- C:\WINDOWS\system32\catroot
2016-02-21 16:03:35 ----D---- C:\Users\Lu\AppData\Roaming\Skype
2016-02-20 22:56:00 ----RSD---- C:\WINDOWS\Fonts
2016-02-20 22:49:38 ----D---- C:\Program Files (x86)\Opera
2016-02-20 22:48:37 ----D---- C:\Users\Lu\AppData\Roaming\Opera Software
2016-02-20 22:47:08 ----D---- C:\Program Files (x86)\Google
2016-02-20 19:43:54 ----D---- C:\ProgramData\Skype
2016-02-20 19:43:48 ----D---- C:\Program Files (x86)\Common Files
2016-02-20 19:32:16 ----D---- C:\Program Files\Common Files
2016-02-19 00:19:12 ----D---- C:\Program Files (x86)\Dropbox
2016-02-15 13:10:37 ----D---- C:\WINDOWS\rescache
2016-02-12 17:36:14 ----D---- C:\Program Files\Windows Journal
2016-02-12 17:36:08 ----D---- C:\WINDOWS\system32\wbem
2016-02-12 17:36:08 ----D---- C:\WINDOWS\system32\en-US
2016-02-10 16:16:44 ----D---- C:\WINDOWS\system32\NDF
2016-02-10 08:03:18 ----D---- C:\WINDOWS\system32\catroot2
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-02-20 74544]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-02-20 287016]
R0 excsd;ExpressCache Storage Filter Driver; C:\WINDOWS\system32\DRIVERS\excsd.sys [2012-03-30 95024]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-09-14 647736]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2013-12-10 32544]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2016-02-20 103064]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-02-20 1065720]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-02-23 463744]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 excfs;ExpressCache File System Filter Driver; C:\WINDOWS\system32\DRIVERS\excfs.sys [2012-03-30 23344]
R1 truecrypt;truecrypt; C:\WINDOWS\System32\drivers\truecrypt.sys [2013-11-22 231376]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-02-20 37656]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-02-20 107792]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2016-02-20 165344]
R3 acpials;@sensorsalsdriver.inf,%kbfiltr.SvcDesc%;ALS Sensor Filter; C:\WINDOWS\system32\DRIVERS\acpials.sys [2014-11-22 9216]
R3 AiCharger;ASUS Charger Driver; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [2012-07-24 17152]
R3 AMPPAL;@oem4.inf,%AMPPAL.SVCDESC%;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter; C:\WINDOWS\System32\drivers\AMPPAL.sys [2012-07-17 162344]
R3 ATP;@oem8.inf,%PS2.DeviceDesc%;ASUS PS/2 Port Input Device; C:\WINDOWS\System32\drivers\AsusTP.sys [2012-10-31 61824]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-11-22 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-11-22 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2014-11-22 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-11-22 81920]
R3 btmhsf;btmhsf; C:\WINDOWS\system32\DRIVERS\btmhsf.sys [2012-08-29 857472]
R3 DptfDevDram;DptfDevDram; C:\WINDOWS\system32\DRIVERS\DptfDevDram.sys [2012-07-13 107328]
R3 DptfDevFan;DptfDevFan; C:\WINDOWS\system32\DRIVERS\DptfDevFan.sys [2012-07-13 42816]
R3 DptfDevGen;DptfDevGen; C:\WINDOWS\system32\DRIVERS\DptfDevGen.sys [2012-07-13 64832]
R3 DptfDevPch;DptfDevPch; C:\WINDOWS\system32\DRIVERS\DptfDevPch.sys [2012-07-13 96064]
R3 DptfDevProc;DptfDevProc; C:\WINDOWS\system32\DRIVERS\DptfDevProc.sys [2012-07-13 228672]
R3 DptfManager;DptfManager; C:\WINDOWS\system32\DRIVERS\DptfManager.sys [2012-07-13 361792]
R3 HIDSwitch;@oem17.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [2012-05-31 21152]
R3 iBtFltCoex;iBtFltCoex; C:\WINDOWS\system32\DRIVERS\iBtFltCoex.sys [2012-08-06 68136]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2013-10-01 4177920]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-09-04 4134672]
R3 IntcDAud;@oem35.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-08-27 342528]
R3 irstrtdv;@oem16.inf,%Irstrt.DispName%;Intel(R) Rapid Start Technology Driver; C:\WINDOWS\System32\drivers\irstrtdv.sys [2012-07-30 43800]
R3 iwdbus;@oem44.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-08-22 26008]
R3 kbfiltr;@oem15.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\WINDOWS\System32\drivers\kbfiltr.sys [2012-08-02 14992]
R3 MEIx64;@oem37.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 NETwNe64;@oem19.inf,%NIC_Service_DispName_WIN8_64%;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\WINDOWS\system32\DRIVERS\Netwew00.sys [2013-10-08 3345376]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2013-12-10 12572960]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RSUSBVSTOR;@oem38.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUVStor.sys [2012-06-15 315536]
R3 SensorsAlsDriver;@sensorsalsdriver.inf,%WudfSensorsAlsDriverDisplayName%;UMDF Reflector service for SensorsAlsDriver; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [2014-11-22 226304]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-11-22 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-11-22 1198080]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
S3 intaud_WaveExtensible;@oem43.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-08-22 39320]
S3 USBAAPL64;@oem46.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl64.sys [2014-08-15 54784]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-07-17 731688]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-10-07 77104]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2012-07-23 105120]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-02-20 237096]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-08-27 1112000]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-09-06 1124288]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-05-02 135952]
R2 DptfParticipantProcessorService;@oem9.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Processor Participant Service Application; C:\WINDOWS\system32\DptfParticipantProcessorService.exe [2012-07-30 29056]
R2 DptfPolicyConfigTDPService;@oem9.inf,%WIN32_DPTF_POLICY_CONFIGTDP_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Config TDP Service Application; C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe [2012-07-30 30592]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2013-08-28 626416]
R2 ExpressCache;ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [2012-03-30 79664]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-09-01 14904]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-06-27 129856]
R2 irstrtsv;Intel(R) Rapid Start Technology Service; C:\Windows\SysWOW64\irstrtsv.exe [2012-07-30 193576]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2013-10-23 922912]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2013-08-28 149744]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-19 143144]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-12-10 1364256]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-20 269504]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-11-22 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2013-10-01 279000]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-19 143144]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2015-12-09 644880]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-02-27 146888]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-08-28 273136]
-----------------EOF-----------------
Diky
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Vyskakování nechtěných oken
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Vyskakování nechtěných oken
- Přílohy
-
- zde jedna ze stránek co stále vyskakuje.
- 10656140_10205988317486384_1139760452_n.jpg (26.39 KiB) Zobrazeno 2422 x
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vyskakování nechtěných oken
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Vyskakování nechtěných oken
Dobrý večer,
Ten program nic nenašel.
Bohužel stále nejde de facto použít prohlížeč. Při otevření jakýchkoli stránek se děje jedno z následujících:
1.přesměruje mne to na (viz.fotka) windows repair
2. objeví se černý rámeček s nápisem advertising a odpočítáváním, který nejde vypnout a pak shodí stránky a přesměruje je na rozličné reklamy (casino, hry, atp.)
Jediné kde se to neděje je FB, Gmail, Google, Youtube, Outlook.
zde log
# AdwCleaner v5.101 - Logfile created 10/03/2016 at 21:16:57
# Updated 07/03/2016 by Xplode
# Database : 2016-03-06.3 [Local]
# Operating system : Windows 8.1 (x64)
# Username : Lu - LU
# Running from : C:\Users\Lu\Desktop\adwcleaner_5.101.exe
# Option : Clean
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\ProgramData\bb132b99
***** [ Files ] *****
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{bb132b99}
[-] Data Restored : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{D41F060F-5E35-4BAE-9BA7-E69000AB3842} [NameServer]
***** [ Web browsers ] *****
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
*************************
C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [943 bytes] - [10/03/2016 21:16:57]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S1].txt - [1057 bytes] - [10/03/2016 21:12:55]
########## EOF - C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [1128 bytes] ##########
děkuji
Ten program nic nenašel.
Bohužel stále nejde de facto použít prohlížeč. Při otevření jakýchkoli stránek se děje jedno z následujících:
1.přesměruje mne to na (viz.fotka) windows repair
2. objeví se černý rámeček s nápisem advertising a odpočítáváním, který nejde vypnout a pak shodí stránky a přesměruje je na rozličné reklamy (casino, hry, atp.)
Jediné kde se to neděje je FB, Gmail, Google, Youtube, Outlook.
zde log
# AdwCleaner v5.101 - Logfile created 10/03/2016 at 21:16:57
# Updated 07/03/2016 by Xplode
# Database : 2016-03-06.3 [Local]
# Operating system : Windows 8.1 (x64)
# Username : Lu - LU
# Running from : C:\Users\Lu\Desktop\adwcleaner_5.101.exe
# Option : Clean
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\ProgramData\bb132b99
***** [ Files ] *****
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{bb132b99}
[-] Data Restored : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{D41F060F-5E35-4BAE-9BA7-E69000AB3842} [NameServer]
***** [ Web browsers ] *****
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
*************************
C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [943 bytes] - [10/03/2016 21:16:57]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S1].txt - [1057 bytes] - [10/03/2016 21:12:55]
########## EOF - C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [1128 bytes] ##########
děkuji
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vyskakování nechtěných oken
Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Vyskakování nechtěných oken
Dobrý den,
Zde log z rsit
Logfile of random's system information tool 1.10 (written by random/random)
Run by Lu at 2016-03-16 08:04:58
Microsoft Windows 8.1
System drive C: has 127 GB (67%) free of 190 GB
Total RAM: 3982 MB (37% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:05:00, on 16. 3. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\Users\Lu\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Users\Lu\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files\trend micro\Lu.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:50656;https=127.0.0.1:50656
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Lu\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Spotify] "C:\Users\Lu\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O8 - Extra context menu item: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
O9 - Extra button: Send to Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O9 - Extra 'Tools' menuitem: Send to Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.8.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.8.4
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: @oem9.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Processor Participant Service Application (DptfParticipantProcessorService) - Unknown owner - C:\WINDOWS\system32\DptfParticipantProcessorService.exe (file missing)
O23 - Service: @oem9.inf,%WIN32_DPTF_POLICY_CONFIGTDP_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Config TDP Service Application (DptfPolicyConfigTDPService) - Unknown owner - C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: ExpressCache - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Rapid Start Technology Service (irstrtsv) - Intel Corporation - C:\Windows\SysWOW64\irstrtsv.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
--
End of file - 11898 bytes
======Listing Processes======
wininit.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-d051430f-4f42-40b1-9500-4385aedfc756 -SystemEventPortName:HostProcess-57e183ea-3966-4fa9-b59b-b69f3ea5d366 -IoCancelEventPortName:HostProcess-0cfe724c-934e-4913-b6f9-6258c2fe4f5b -NonStateChangingEventPortName:HostProcess-90326423-40b6-437d-83ff-0923f1730759 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:0ada3e96-ff1e-449a-a620-801d7a6d94b8 -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\WINDOWS\system32\DptfParticipantProcessorService.exe
C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe
dashost.exe {163c8805-2198-40ed-9028a735d81319b2}
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\Windows\SysWOW64\irstrtsv.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
taskeng.exe {F7B6813A-3AC3-4E89-B2C3-C7A8C9424038}
"C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe" /c
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Users\Lu\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Users\Lu\AppData\Roaming\Spotify\Spotify.exe" --type=gpu-process --channel="3052.2.194635985\1961859137" --no-sandbox --disable-d3d11 --enable-crash-reporter --lang=en-US --log-file="C:\Users\Lu\AppData\Roaming\Spotify\debug.log" --log-severity=disable --product-version=Spotify/1.0.23.90 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,23,24,51,55 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3308 --enable-crash-reporter --lang=en-US --log-file="C:\Users\Lu\AppData\Roaming\Spotify\debug.log" --log-severity=disable --product-version=Spotify/1.0.23.90 /prefetch:822062411
C:\WINDOWS\system32\wbem\WmiApSrv.exe
C:\WINDOWS\system32\WLANExt.exe 652878474096
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\System32\WinLogon.exe -SpecialSession
-hiberboot
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
C:\WINDOWS\Explorer.EXE
taskhostex.exe
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
"C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe"
"C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe"
"C:\Program Files\ASUS\P4G\BatteryLife.exe"
KBFiltr.exe
C:\Windows\System32\skydrive.exe -Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\WINDOWS\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Users\Lu\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Lu\Desktop\RSITx64.exe"
=========Mozilla firefox=========
ProfilePath - C:\Users\Lu\AppData\Roaming\Mozilla\Firefox\Profiles\znes1esv.default
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.306 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.306 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-02-20 901600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15 62376]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-20 678656]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2013-10-01 391128]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2013-10-01 771032]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2013-10-01 769496]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-08-30 13192848]
"ACMON"=C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-08-24 107192]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"=C:\Users\Lu\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2016-02-21 1524336]
"Spotify"=C:\Users\Lu\AppData\Roaming\Spotify\Spotify.exe [2016-02-21 6743664]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2016-02-24 23260000]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2016-02-16 25122080]
"Wondershare Helper Compact.exe"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2014-09-11 2087264]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-02-20 7139768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL, C:\Windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2013-10-01 623104]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-03-10 21:12:34 ----D---- C:\Program Files (x86)\AdwCleaner
2016-03-09 22:09:49 ----D---- C:\rsit
2016-03-09 07:45:35 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2016-03-09 07:45:35 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-03-09 07:45:35 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2016-03-09 07:45:35 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-03-09 07:45:35 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-03-09 07:45:34 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-03-09 07:45:33 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2016-03-09 07:45:33 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-03-09 07:45:32 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-03-09 07:45:32 ----A---- C:\WINDOWS\SYSWOW64\hlink.dll
2016-03-09 07:45:32 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-03-09 07:45:32 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-03-09 07:45:30 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-03-09 07:45:30 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2016-03-09 07:45:30 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-03-09 07:45:30 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2016-03-09 07:45:30 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2016-03-09 07:45:30 ----A---- C:\WINDOWS\system32\jscript.dll
2016-03-09 07:45:30 ----A---- C:\WINDOWS\system32\hlink.dll
2016-03-09 07:45:29 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-03-09 07:45:28 ----A---- C:\WINDOWS\system32\webcheck.dll
2016-03-09 07:45:28 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-03-09 07:45:27 ----A---- C:\WINDOWS\system32\wininet.dll
2016-03-09 07:45:27 ----A---- C:\WINDOWS\system32\inetcomm.dll
2016-03-09 07:45:27 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-03-09 07:45:26 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-03-09 07:45:24 ----A---- C:\WINDOWS\system32\actxprxy.dll
2016-03-09 07:45:23 ----A---- C:\WINDOWS\system32\mshtmled.dll
2016-03-09 07:43:50 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-03-09 07:43:50 ----A---- C:\WINDOWS\system32\glcndFilter.dll
2016-03-09 07:43:49 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2016-03-09 07:43:49 ----A---- C:\WINDOWS\SYSWOW64\glcndFilter.dll
2016-03-09 07:43:41 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2016-03-09 07:43:41 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2016-03-09 07:43:41 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2016-03-09 07:43:41 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2016-03-09 07:43:41 ----A---- C:\WINDOWS\system32\wuwebv.dll
2016-03-09 07:43:41 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2016-03-09 07:43:41 ----A---- C:\WINDOWS\system32\wudriver.dll
2016-03-09 07:43:41 ----A---- C:\WINDOWS\system32\wucltux.dll
2016-03-09 07:43:41 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-03-09 07:43:41 ----A---- C:\WINDOWS\system32\wuauclt.exe
2016-03-09 07:43:41 ----A---- C:\WINDOWS\system32\wuapp.exe
2016-03-09 07:43:41 ----A---- C:\WINDOWS\system32\wuapi.dll
2016-03-09 07:43:38 ----A---- C:\WINDOWS\system32\wmp.dll
2016-03-09 07:43:38 ----A---- C:\WINDOWS\system32\seclogon.dll
2016-03-09 07:43:37 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2016-03-09 07:43:37 ----A---- C:\WINDOWS\SYSWOW64\WMASF.DLL
2016-03-09 07:43:37 ----A---- C:\WINDOWS\system32\WMASF.DLL
2016-03-09 07:43:35 ----A---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2016-03-09 07:43:34 ----A---- C:\WINDOWS\system32\win32k.sys
2016-03-09 07:43:23 ----A---- C:\WINDOWS\SYSWOW64\mfds.dll
2016-03-09 07:43:23 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2016-03-09 07:43:23 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2016-03-09 07:43:23 ----A---- C:\WINDOWS\system32\mfds.dll
2016-03-09 07:43:23 ----A---- C:\WINDOWS\system32\atmlib.dll
2016-03-09 07:43:23 ----A---- C:\WINDOWS\system32\atmfd.dll
2016-03-09 07:43:21 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2016-03-09 07:43:21 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2016-03-09 07:43:21 ----A---- C:\WINDOWS\SYSWOW64\asycfilt.dll
2016-03-09 07:43:21 ----A---- C:\WINDOWS\system32\ole32.dll
2016-03-09 07:43:21 ----A---- C:\WINDOWS\system32\asycfilt.dll
2016-03-05 18:39:53 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2016-02-27 23:51:59 ----D---- C:\Program Files\Defraggler
2016-02-27 23:48:42 ----A---- C:\DelFix.txt
2016-02-24 11:40:48 ----D---- C:\Program Files\trend micro
2016-02-23 00:14:46 ----D---- C:\Program Files\iPod
2016-02-23 00:14:46 ----D---- C:\Program Files (x86)\iTunes
2016-02-23 00:14:44 ----D---- C:\Program Files\iTunes
2016-02-23 00:12:24 ----D---- C:\Program Files (x86)\Apple Software Update
2016-02-23 00:11:50 ----D---- C:\Program Files\Bonjour
2016-02-23 00:11:50 ----D---- C:\Program Files (x86)\Bonjour
2016-02-23 00:11:15 ----SHD---- C:\Config.Msi
2016-02-20 19:43:47 ----RD---- C:\Program Files (x86)\Skype
2016-02-20 19:34:43 ----A---- C:\WINDOWS\system32\aswBoot.exe
2016-02-20 19:32:34 ----D---- C:\Users\Lu\AppData\Roaming\AVAST Software
2016-02-20 19:32:16 ----D---- C:\Program Files\Common Files\AV
2016-02-20 19:32:08 ----A---- C:\WINDOWS\system32\drivers\aswStm.sys
2016-02-20 19:32:07 ----A---- C:\WINDOWS\system32\drivers\aswVmm.sys
2016-02-20 19:32:07 ----A---- C:\WINDOWS\system32\drivers\aswsp.sys
2016-02-20 19:32:07 ----A---- C:\WINDOWS\system32\drivers\aswsnx.sys
2016-02-20 19:32:07 ----A---- C:\WINDOWS\system32\drivers\aswRvrt.sys
2016-02-20 19:32:07 ----A---- C:\WINDOWS\system32\drivers\aswRdr2.sys
2016-02-20 19:32:07 ----A---- C:\WINDOWS\system32\drivers\aswmonflt.sys
2016-02-20 19:32:07 ----A---- C:\WINDOWS\system32\drivers\aswHwid.sys
2016-02-20 19:31:46 ----A---- C:\WINDOWS\avastSS.scr
2016-02-20 19:30:23 ----D---- C:\Program Files\AVAST Software
2016-02-20 19:29:59 ----D---- C:\ProgramData\AVAST Software
======List of files/folders modified in the last 1 month======
2016-03-16 08:00:00 ----D---- C:\WINDOWS\system32\sru
2016-03-16 08:00:00 ----D---- C:\WINDOWS\Prefetch
2016-03-15 23:09:18 ----D---- C:\WINDOWS\Temp
2016-03-15 23:08:57 ----D---- C:\WINDOWS\Microsoft.NET
2016-03-15 22:05:07 ----SHD---- C:\System Volume Information
2016-03-15 22:01:34 ----D---- C:\WINDOWS\system32\config
2016-03-14 08:10:54 ----HD---- C:\ProgramData
2016-03-13 22:32:03 ----SHD---- C:\WINDOWS\Installer
2016-03-12 22:49:36 ----D---- C:\WINDOWS\system32\NDF
2016-03-11 19:14:04 ----D---- C:\WINDOWS\WinSxS
2016-03-11 19:14:04 ----D---- C:\WINDOWS\SysWOW64
2016-03-11 19:13:57 ----D---- C:\WINDOWS\CbsTemp
2016-03-11 18:33:03 ----D---- C:\WINDOWS\AppReadiness
2016-03-11 09:12:37 ----D---- C:\Users\Lu\AppData\Roaming\Spotify
2016-03-10 22:00:52 ----D---- C:\WINDOWS\system32\catroot2
2016-03-10 21:58:01 ----D---- C:\WINDOWS\rescache
2016-03-10 21:23:27 ----D---- C:\WINDOWS\system32\drivers
2016-03-10 21:22:20 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2016-03-10 21:18:10 ----D---- C:\ProgramData\NVIDIA
2016-03-10 21:12:34 ----RD---- C:\Program Files (x86)
2016-03-09 20:40:49 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-03-09 20:17:32 ----D---- C:\WINDOWS\Inf
2016-03-09 10:01:36 ----RD---- C:\WINDOWS\System32
2016-03-09 10:01:32 ----D---- C:\Program Files\Internet Explorer
2016-03-09 10:01:32 ----D---- C:\Program Files (x86)\Internet Explorer
2016-03-09 10:01:31 ----D---- C:\WINDOWS\SYSWOW64\en-GB
2016-03-09 10:01:30 ----D---- C:\WINDOWS\system32\en-GB
2016-03-09 10:01:30 ----D---- C:\WINDOWS\system32\DriverStore
2016-03-09 09:27:33 ----RSD---- C:\WINDOWS\assembly
2016-03-09 09:09:17 ----HD---- C:\Program Files\WindowsApps
2016-03-09 09:09:15 ----D---- C:\WINDOWS\system32\MRT
2016-03-09 08:59:28 ----A---- C:\WINDOWS\system32\MRT.exe
2016-03-09 07:42:34 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2016-03-09 07:42:32 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2016-03-09 07:42:31 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2016-03-08 08:00:28 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-03-05 17:16:48 ----D---- C:\Windows
2016-03-02 10:14:05 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-27 23:51:59 ----RD---- C:\Program Files
2016-02-27 23:49:49 ----D---- C:\WINDOWS\debug
2016-02-27 20:47:48 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-27 20:45:35 ----D---- C:\WINDOWS\Tasks
2016-02-27 20:45:35 ----D---- C:\WINDOWS\system32\drivers\etc
2016-02-26 22:55:55 ----DC---- C:\WINDOWS\Panther
2016-02-26 22:54:53 ----D---- C:\Users\Lu\AppData\Roaming\uTorrent
2016-02-25 17:03:47 ----D---- C:\WINDOWS\system32\Tasks
2016-02-23 13:35:52 ----D---- C:\WINDOWS\SoftwareDistribution
2016-02-23 00:14:46 ----D---- C:\Program Files\Common Files\Apple
2016-02-23 00:14:42 ----D---- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2016-02-23 00:12:07 ----D---- C:\WINDOWS\system32\catroot
2016-02-21 16:03:35 ----D---- C:\Users\Lu\AppData\Roaming\Skype
2016-02-20 22:56:00 ----RSD---- C:\WINDOWS\Fonts
2016-02-20 22:49:38 ----D---- C:\Program Files (x86)\Opera
2016-02-20 22:48:37 ----D---- C:\Users\Lu\AppData\Roaming\Opera Software
2016-02-20 22:47:08 ----D---- C:\Program Files (x86)\Google
2016-02-20 19:43:54 ----D---- C:\ProgramData\Skype
2016-02-20 19:43:48 ----D---- C:\Program Files (x86)\Common Files
2016-02-20 19:32:16 ----D---- C:\Program Files\Common Files
2016-02-19 00:19:12 ----D---- C:\Program Files (x86)\Dropbox
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-02-20 74544]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-02-20 287016]
R0 excsd;ExpressCache Storage Filter Driver; C:\WINDOWS\system32\DRIVERS\excsd.sys [2012-03-30 95024]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-09-14 647736]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2013-12-10 32544]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2016-02-20 103064]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-03-10 1070904]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-02-23 463744]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 excfs;ExpressCache File System Filter Driver; C:\WINDOWS\system32\DRIVERS\excfs.sys [2012-03-30 23344]
R1 truecrypt;truecrypt; C:\WINDOWS\System32\drivers\truecrypt.sys [2013-11-22 231376]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-02-20 37656]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-03-10 107792]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2016-02-20 165344]
R3 acpials;@sensorsalsdriver.inf,%kbfiltr.SvcDesc%;ALS Sensor Filter; C:\WINDOWS\system32\DRIVERS\acpials.sys [2014-11-22 9216]
R3 AiCharger;ASUS Charger Driver; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [2012-07-24 17152]
R3 AMPPAL;@oem4.inf,%AMPPAL.SVCDESC%;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter; C:\WINDOWS\System32\drivers\AMPPAL.sys [2012-07-17 162344]
R3 ATP;@oem8.inf,%PS2.DeviceDesc%;ASUS PS/2 Port Input Device; C:\WINDOWS\System32\drivers\AsusTP.sys [2012-10-31 61824]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-11-22 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-11-22 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2014-11-22 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-11-22 81920]
R3 btmhsf;btmhsf; C:\WINDOWS\system32\DRIVERS\btmhsf.sys [2012-08-29 857472]
R3 DptfDevDram;DptfDevDram; C:\WINDOWS\system32\DRIVERS\DptfDevDram.sys [2012-07-13 107328]
R3 DptfDevFan;DptfDevFan; C:\WINDOWS\system32\DRIVERS\DptfDevFan.sys [2012-07-13 42816]
R3 DptfDevGen;DptfDevGen; C:\WINDOWS\system32\DRIVERS\DptfDevGen.sys [2012-07-13 64832]
R3 DptfDevPch;DptfDevPch; C:\WINDOWS\system32\DRIVERS\DptfDevPch.sys [2012-07-13 96064]
R3 DptfDevProc;DptfDevProc; C:\WINDOWS\system32\DRIVERS\DptfDevProc.sys [2012-07-13 228672]
R3 DptfManager;DptfManager; C:\WINDOWS\system32\DRIVERS\DptfManager.sys [2012-07-13 361792]
R3 HIDSwitch;@oem17.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [2012-05-31 21152]
R3 iBtFltCoex;iBtFltCoex; C:\WINDOWS\system32\DRIVERS\iBtFltCoex.sys [2012-08-06 68136]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2013-10-01 4177920]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-09-04 4134672]
R3 IntcDAud;@oem35.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-08-27 342528]
R3 irstrtdv;@oem16.inf,%Irstrt.DispName%;Intel(R) Rapid Start Technology Driver; C:\WINDOWS\System32\drivers\irstrtdv.sys [2012-07-30 43800]
R3 iwdbus;@oem44.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-08-22 26008]
R3 kbfiltr;@oem15.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\WINDOWS\System32\drivers\kbfiltr.sys [2012-08-02 14992]
R3 MEIx64;@oem37.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 NETwNe64;@oem19.inf,%NIC_Service_DispName_WIN8_64%;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\WINDOWS\system32\DRIVERS\Netwew00.sys [2013-10-08 3345376]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2013-12-10 12572960]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RSUSBVSTOR;@oem38.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUVStor.sys [2012-06-15 315536]
R3 SensorsAlsDriver;@sensorsalsdriver.inf,%WudfSensorsAlsDriverDisplayName%;UMDF Reflector service for SensorsAlsDriver; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [2014-11-22 226304]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-11-22 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-11-22 1198080]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
S3 intaud_WaveExtensible;@oem43.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-08-22 39320]
S3 USBAAPL64;@oem46.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl64.sys [2014-08-15 54784]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-07-17 731688]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-10-07 77104]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2012-07-23 105120]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-02-20 237096]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-08-27 1112000]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-09-06 1124288]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-05-02 135952]
R2 DptfParticipantProcessorService;@oem9.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Processor Participant Service Application; C:\WINDOWS\system32\DptfParticipantProcessorService.exe [2012-07-30 29056]
R2 DptfPolicyConfigTDPService;@oem9.inf,%WIN32_DPTF_POLICY_CONFIGTDP_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Config TDP Service Application; C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe [2012-07-30 30592]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2013-08-28 626416]
R2 ExpressCache;ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [2012-03-30 79664]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-09-01 14904]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-06-27 129856]
R2 irstrtsv;Intel(R) Rapid Start Technology Service; C:\Windows\SysWOW64\irstrtsv.exe [2012-07-30 193576]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2013-10-23 922912]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2013-08-28 149744]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-19 143144]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-12-10 1364256]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-20 269504]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-11-22 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2013-10-01 279000]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-19 143144]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2015-12-09 644880]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-02-27 146888]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-08-28 273136]
-----------------EOF-----------------
Děkuji
Zde log z rsit
Logfile of random's system information tool 1.10 (written by random/random)
Run by Lu at 2016-03-16 08:04:58
Microsoft Windows 8.1
System drive C: has 127 GB (67%) free of 190 GB
Total RAM: 3982 MB (37% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:05:00, on 16. 3. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\Users\Lu\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Users\Lu\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files\trend micro\Lu.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:50656;https=127.0.0.1:50656
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Lu\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Spotify] "C:\Users\Lu\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O8 - Extra context menu item: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
O9 - Extra button: Send to Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O9 - Extra 'Tools' menuitem: Send to Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.8.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.8.4
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: @oem9.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Processor Participant Service Application (DptfParticipantProcessorService) - Unknown owner - C:\WINDOWS\system32\DptfParticipantProcessorService.exe (file missing)
O23 - Service: @oem9.inf,%WIN32_DPTF_POLICY_CONFIGTDP_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Config TDP Service Application (DptfPolicyConfigTDPService) - Unknown owner - C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: ExpressCache - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Rapid Start Technology Service (irstrtsv) - Intel Corporation - C:\Windows\SysWOW64\irstrtsv.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
--
End of file - 11898 bytes
======Listing Processes======
wininit.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-d051430f-4f42-40b1-9500-4385aedfc756 -SystemEventPortName:HostProcess-57e183ea-3966-4fa9-b59b-b69f3ea5d366 -IoCancelEventPortName:HostProcess-0cfe724c-934e-4913-b6f9-6258c2fe4f5b -NonStateChangingEventPortName:HostProcess-90326423-40b6-437d-83ff-0923f1730759 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:0ada3e96-ff1e-449a-a620-801d7a6d94b8 -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\WINDOWS\system32\DptfParticipantProcessorService.exe
C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe
dashost.exe {163c8805-2198-40ed-9028a735d81319b2}
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\Windows\SysWOW64\irstrtsv.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
taskeng.exe {F7B6813A-3AC3-4E89-B2C3-C7A8C9424038}
"C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe" /c
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Users\Lu\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Users\Lu\AppData\Roaming\Spotify\Spotify.exe" --type=gpu-process --channel="3052.2.194635985\1961859137" --no-sandbox --disable-d3d11 --enable-crash-reporter --lang=en-US --log-file="C:\Users\Lu\AppData\Roaming\Spotify\debug.log" --log-severity=disable --product-version=Spotify/1.0.23.90 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,23,24,51,55 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3308 --enable-crash-reporter --lang=en-US --log-file="C:\Users\Lu\AppData\Roaming\Spotify\debug.log" --log-severity=disable --product-version=Spotify/1.0.23.90 /prefetch:822062411
C:\WINDOWS\system32\wbem\WmiApSrv.exe
C:\WINDOWS\system32\WLANExt.exe 652878474096
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\System32\WinLogon.exe -SpecialSession
-hiberboot
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
C:\WINDOWS\Explorer.EXE
taskhostex.exe
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
"C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe"
"C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe"
"C:\Program Files\ASUS\P4G\BatteryLife.exe"
KBFiltr.exe
C:\Windows\System32\skydrive.exe -Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\WINDOWS\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Users\Lu\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Lu\Desktop\RSITx64.exe"
=========Mozilla firefox=========
ProfilePath - C:\Users\Lu\AppData\Roaming\Mozilla\Firefox\Profiles\znes1esv.default
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.306 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.306 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-02-20 901600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15 62376]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-20 678656]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2013-10-01 391128]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2013-10-01 771032]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2013-10-01 769496]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-08-30 13192848]
"ACMON"=C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-08-24 107192]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"=C:\Users\Lu\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2016-02-21 1524336]
"Spotify"=C:\Users\Lu\AppData\Roaming\Spotify\Spotify.exe [2016-02-21 6743664]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2016-02-24 23260000]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2016-02-16 25122080]
"Wondershare Helper Compact.exe"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2014-09-11 2087264]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-02-20 7139768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL, C:\Windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2013-10-01 623104]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-03-10 21:12:34 ----D---- C:\Program Files (x86)\AdwCleaner
2016-03-09 22:09:49 ----D---- C:\rsit
2016-03-09 07:45:35 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2016-03-09 07:45:35 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-03-09 07:45:35 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2016-03-09 07:45:35 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-03-09 07:45:35 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-03-09 07:45:34 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-03-09 07:45:33 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2016-03-09 07:45:33 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-03-09 07:45:32 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-03-09 07:45:32 ----A---- C:\WINDOWS\SYSWOW64\hlink.dll
2016-03-09 07:45:32 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-03-09 07:45:32 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-03-09 07:45:30 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-03-09 07:45:30 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2016-03-09 07:45:30 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-03-09 07:45:30 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2016-03-09 07:45:30 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2016-03-09 07:45:30 ----A---- C:\WINDOWS\system32\jscript.dll
2016-03-09 07:45:30 ----A---- C:\WINDOWS\system32\hlink.dll
2016-03-09 07:45:29 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-03-09 07:45:28 ----A---- C:\WINDOWS\system32\webcheck.dll
2016-03-09 07:45:28 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-03-09 07:45:27 ----A---- C:\WINDOWS\system32\wininet.dll
2016-03-09 07:45:27 ----A---- C:\WINDOWS\system32\inetcomm.dll
2016-03-09 07:45:27 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-03-09 07:45:26 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-03-09 07:45:24 ----A---- C:\WINDOWS\system32\actxprxy.dll
2016-03-09 07:45:23 ----A---- C:\WINDOWS\system32\mshtmled.dll
2016-03-09 07:43:50 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-03-09 07:43:50 ----A---- C:\WINDOWS\system32\glcndFilter.dll
2016-03-09 07:43:49 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2016-03-09 07:43:49 ----A---- C:\WINDOWS\SYSWOW64\glcndFilter.dll
2016-03-09 07:43:41 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2016-03-09 07:43:41 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2016-03-09 07:43:41 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2016-03-09 07:43:41 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2016-03-09 07:43:41 ----A---- C:\WINDOWS\system32\wuwebv.dll
2016-03-09 07:43:41 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2016-03-09 07:43:41 ----A---- C:\WINDOWS\system32\wudriver.dll
2016-03-09 07:43:41 ----A---- C:\WINDOWS\system32\wucltux.dll
2016-03-09 07:43:41 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-03-09 07:43:41 ----A---- C:\WINDOWS\system32\wuauclt.exe
2016-03-09 07:43:41 ----A---- C:\WINDOWS\system32\wuapp.exe
2016-03-09 07:43:41 ----A---- C:\WINDOWS\system32\wuapi.dll
2016-03-09 07:43:38 ----A---- C:\WINDOWS\system32\wmp.dll
2016-03-09 07:43:38 ----A---- C:\WINDOWS\system32\seclogon.dll
2016-03-09 07:43:37 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2016-03-09 07:43:37 ----A---- C:\WINDOWS\SYSWOW64\WMASF.DLL
2016-03-09 07:43:37 ----A---- C:\WINDOWS\system32\WMASF.DLL
2016-03-09 07:43:35 ----A---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2016-03-09 07:43:34 ----A---- C:\WINDOWS\system32\win32k.sys
2016-03-09 07:43:23 ----A---- C:\WINDOWS\SYSWOW64\mfds.dll
2016-03-09 07:43:23 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2016-03-09 07:43:23 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2016-03-09 07:43:23 ----A---- C:\WINDOWS\system32\mfds.dll
2016-03-09 07:43:23 ----A---- C:\WINDOWS\system32\atmlib.dll
2016-03-09 07:43:23 ----A---- C:\WINDOWS\system32\atmfd.dll
2016-03-09 07:43:21 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2016-03-09 07:43:21 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2016-03-09 07:43:21 ----A---- C:\WINDOWS\SYSWOW64\asycfilt.dll
2016-03-09 07:43:21 ----A---- C:\WINDOWS\system32\ole32.dll
2016-03-09 07:43:21 ----A---- C:\WINDOWS\system32\asycfilt.dll
2016-03-05 18:39:53 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2016-02-27 23:51:59 ----D---- C:\Program Files\Defraggler
2016-02-27 23:48:42 ----A---- C:\DelFix.txt
2016-02-24 11:40:48 ----D---- C:\Program Files\trend micro
2016-02-23 00:14:46 ----D---- C:\Program Files\iPod
2016-02-23 00:14:46 ----D---- C:\Program Files (x86)\iTunes
2016-02-23 00:14:44 ----D---- C:\Program Files\iTunes
2016-02-23 00:12:24 ----D---- C:\Program Files (x86)\Apple Software Update
2016-02-23 00:11:50 ----D---- C:\Program Files\Bonjour
2016-02-23 00:11:50 ----D---- C:\Program Files (x86)\Bonjour
2016-02-23 00:11:15 ----SHD---- C:\Config.Msi
2016-02-20 19:43:47 ----RD---- C:\Program Files (x86)\Skype
2016-02-20 19:34:43 ----A---- C:\WINDOWS\system32\aswBoot.exe
2016-02-20 19:32:34 ----D---- C:\Users\Lu\AppData\Roaming\AVAST Software
2016-02-20 19:32:16 ----D---- C:\Program Files\Common Files\AV
2016-02-20 19:32:08 ----A---- C:\WINDOWS\system32\drivers\aswStm.sys
2016-02-20 19:32:07 ----A---- C:\WINDOWS\system32\drivers\aswVmm.sys
2016-02-20 19:32:07 ----A---- C:\WINDOWS\system32\drivers\aswsp.sys
2016-02-20 19:32:07 ----A---- C:\WINDOWS\system32\drivers\aswsnx.sys
2016-02-20 19:32:07 ----A---- C:\WINDOWS\system32\drivers\aswRvrt.sys
2016-02-20 19:32:07 ----A---- C:\WINDOWS\system32\drivers\aswRdr2.sys
2016-02-20 19:32:07 ----A---- C:\WINDOWS\system32\drivers\aswmonflt.sys
2016-02-20 19:32:07 ----A---- C:\WINDOWS\system32\drivers\aswHwid.sys
2016-02-20 19:31:46 ----A---- C:\WINDOWS\avastSS.scr
2016-02-20 19:30:23 ----D---- C:\Program Files\AVAST Software
2016-02-20 19:29:59 ----D---- C:\ProgramData\AVAST Software
======List of files/folders modified in the last 1 month======
2016-03-16 08:00:00 ----D---- C:\WINDOWS\system32\sru
2016-03-16 08:00:00 ----D---- C:\WINDOWS\Prefetch
2016-03-15 23:09:18 ----D---- C:\WINDOWS\Temp
2016-03-15 23:08:57 ----D---- C:\WINDOWS\Microsoft.NET
2016-03-15 22:05:07 ----SHD---- C:\System Volume Information
2016-03-15 22:01:34 ----D---- C:\WINDOWS\system32\config
2016-03-14 08:10:54 ----HD---- C:\ProgramData
2016-03-13 22:32:03 ----SHD---- C:\WINDOWS\Installer
2016-03-12 22:49:36 ----D---- C:\WINDOWS\system32\NDF
2016-03-11 19:14:04 ----D---- C:\WINDOWS\WinSxS
2016-03-11 19:14:04 ----D---- C:\WINDOWS\SysWOW64
2016-03-11 19:13:57 ----D---- C:\WINDOWS\CbsTemp
2016-03-11 18:33:03 ----D---- C:\WINDOWS\AppReadiness
2016-03-11 09:12:37 ----D---- C:\Users\Lu\AppData\Roaming\Spotify
2016-03-10 22:00:52 ----D---- C:\WINDOWS\system32\catroot2
2016-03-10 21:58:01 ----D---- C:\WINDOWS\rescache
2016-03-10 21:23:27 ----D---- C:\WINDOWS\system32\drivers
2016-03-10 21:22:20 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2016-03-10 21:18:10 ----D---- C:\ProgramData\NVIDIA
2016-03-10 21:12:34 ----RD---- C:\Program Files (x86)
2016-03-09 20:40:49 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-03-09 20:17:32 ----D---- C:\WINDOWS\Inf
2016-03-09 10:01:36 ----RD---- C:\WINDOWS\System32
2016-03-09 10:01:32 ----D---- C:\Program Files\Internet Explorer
2016-03-09 10:01:32 ----D---- C:\Program Files (x86)\Internet Explorer
2016-03-09 10:01:31 ----D---- C:\WINDOWS\SYSWOW64\en-GB
2016-03-09 10:01:30 ----D---- C:\WINDOWS\system32\en-GB
2016-03-09 10:01:30 ----D---- C:\WINDOWS\system32\DriverStore
2016-03-09 09:27:33 ----RSD---- C:\WINDOWS\assembly
2016-03-09 09:09:17 ----HD---- C:\Program Files\WindowsApps
2016-03-09 09:09:15 ----D---- C:\WINDOWS\system32\MRT
2016-03-09 08:59:28 ----A---- C:\WINDOWS\system32\MRT.exe
2016-03-09 07:42:34 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2016-03-09 07:42:32 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2016-03-09 07:42:31 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2016-03-08 08:00:28 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-03-05 17:16:48 ----D---- C:\Windows
2016-03-02 10:14:05 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-27 23:51:59 ----RD---- C:\Program Files
2016-02-27 23:49:49 ----D---- C:\WINDOWS\debug
2016-02-27 20:47:48 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-27 20:45:35 ----D---- C:\WINDOWS\Tasks
2016-02-27 20:45:35 ----D---- C:\WINDOWS\system32\drivers\etc
2016-02-26 22:55:55 ----DC---- C:\WINDOWS\Panther
2016-02-26 22:54:53 ----D---- C:\Users\Lu\AppData\Roaming\uTorrent
2016-02-25 17:03:47 ----D---- C:\WINDOWS\system32\Tasks
2016-02-23 13:35:52 ----D---- C:\WINDOWS\SoftwareDistribution
2016-02-23 00:14:46 ----D---- C:\Program Files\Common Files\Apple
2016-02-23 00:14:42 ----D---- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2016-02-23 00:12:07 ----D---- C:\WINDOWS\system32\catroot
2016-02-21 16:03:35 ----D---- C:\Users\Lu\AppData\Roaming\Skype
2016-02-20 22:56:00 ----RSD---- C:\WINDOWS\Fonts
2016-02-20 22:49:38 ----D---- C:\Program Files (x86)\Opera
2016-02-20 22:48:37 ----D---- C:\Users\Lu\AppData\Roaming\Opera Software
2016-02-20 22:47:08 ----D---- C:\Program Files (x86)\Google
2016-02-20 19:43:54 ----D---- C:\ProgramData\Skype
2016-02-20 19:43:48 ----D---- C:\Program Files (x86)\Common Files
2016-02-20 19:32:16 ----D---- C:\Program Files\Common Files
2016-02-19 00:19:12 ----D---- C:\Program Files (x86)\Dropbox
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-02-20 74544]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-02-20 287016]
R0 excsd;ExpressCache Storage Filter Driver; C:\WINDOWS\system32\DRIVERS\excsd.sys [2012-03-30 95024]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-09-14 647736]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2013-12-10 32544]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2016-02-20 103064]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-03-10 1070904]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-02-23 463744]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 excfs;ExpressCache File System Filter Driver; C:\WINDOWS\system32\DRIVERS\excfs.sys [2012-03-30 23344]
R1 truecrypt;truecrypt; C:\WINDOWS\System32\drivers\truecrypt.sys [2013-11-22 231376]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-02-20 37656]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-03-10 107792]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2016-02-20 165344]
R3 acpials;@sensorsalsdriver.inf,%kbfiltr.SvcDesc%;ALS Sensor Filter; C:\WINDOWS\system32\DRIVERS\acpials.sys [2014-11-22 9216]
R3 AiCharger;ASUS Charger Driver; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [2012-07-24 17152]
R3 AMPPAL;@oem4.inf,%AMPPAL.SVCDESC%;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter; C:\WINDOWS\System32\drivers\AMPPAL.sys [2012-07-17 162344]
R3 ATP;@oem8.inf,%PS2.DeviceDesc%;ASUS PS/2 Port Input Device; C:\WINDOWS\System32\drivers\AsusTP.sys [2012-10-31 61824]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-11-22 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-11-22 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2014-11-22 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-11-22 81920]
R3 btmhsf;btmhsf; C:\WINDOWS\system32\DRIVERS\btmhsf.sys [2012-08-29 857472]
R3 DptfDevDram;DptfDevDram; C:\WINDOWS\system32\DRIVERS\DptfDevDram.sys [2012-07-13 107328]
R3 DptfDevFan;DptfDevFan; C:\WINDOWS\system32\DRIVERS\DptfDevFan.sys [2012-07-13 42816]
R3 DptfDevGen;DptfDevGen; C:\WINDOWS\system32\DRIVERS\DptfDevGen.sys [2012-07-13 64832]
R3 DptfDevPch;DptfDevPch; C:\WINDOWS\system32\DRIVERS\DptfDevPch.sys [2012-07-13 96064]
R3 DptfDevProc;DptfDevProc; C:\WINDOWS\system32\DRIVERS\DptfDevProc.sys [2012-07-13 228672]
R3 DptfManager;DptfManager; C:\WINDOWS\system32\DRIVERS\DptfManager.sys [2012-07-13 361792]
R3 HIDSwitch;@oem17.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [2012-05-31 21152]
R3 iBtFltCoex;iBtFltCoex; C:\WINDOWS\system32\DRIVERS\iBtFltCoex.sys [2012-08-06 68136]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2013-10-01 4177920]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-09-04 4134672]
R3 IntcDAud;@oem35.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-08-27 342528]
R3 irstrtdv;@oem16.inf,%Irstrt.DispName%;Intel(R) Rapid Start Technology Driver; C:\WINDOWS\System32\drivers\irstrtdv.sys [2012-07-30 43800]
R3 iwdbus;@oem44.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-08-22 26008]
R3 kbfiltr;@oem15.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\WINDOWS\System32\drivers\kbfiltr.sys [2012-08-02 14992]
R3 MEIx64;@oem37.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 NETwNe64;@oem19.inf,%NIC_Service_DispName_WIN8_64%;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\WINDOWS\system32\DRIVERS\Netwew00.sys [2013-10-08 3345376]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2013-12-10 12572960]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RSUSBVSTOR;@oem38.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUVStor.sys [2012-06-15 315536]
R3 SensorsAlsDriver;@sensorsalsdriver.inf,%WudfSensorsAlsDriverDisplayName%;UMDF Reflector service for SensorsAlsDriver; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [2014-11-22 226304]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-11-22 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-11-22 1198080]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
S3 intaud_WaveExtensible;@oem43.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-08-22 39320]
S3 USBAAPL64;@oem46.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl64.sys [2014-08-15 54784]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-07-17 731688]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-10-07 77104]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2012-07-23 105120]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-02-20 237096]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-08-27 1112000]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-09-06 1124288]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-05-02 135952]
R2 DptfParticipantProcessorService;@oem9.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Processor Participant Service Application; C:\WINDOWS\system32\DptfParticipantProcessorService.exe [2012-07-30 29056]
R2 DptfPolicyConfigTDPService;@oem9.inf,%WIN32_DPTF_POLICY_CONFIGTDP_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Config TDP Service Application; C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe [2012-07-30 30592]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2013-08-28 626416]
R2 ExpressCache;ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [2012-03-30 79664]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-09-01 14904]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-06-27 129856]
R2 irstrtsv;Intel(R) Rapid Start Technology Service; C:\Windows\SysWOW64\irstrtsv.exe [2012-07-30 193576]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2013-10-23 922912]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2013-08-28 149744]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-19 143144]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-12-10 1364256]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-20 269504]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-11-22 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2013-10-01 279000]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-19 143144]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2015-12-09 644880]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-02-27 146888]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-08-28 273136]
-----------------EOF-----------------
Děkuji
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vyskakování nechtěných oken
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.:services
Bonjour Service
:commands
[Purity]
[Emptytemp]
[Emptyflash]
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Vyskakování nechtěných oken
Dobrý den,
zde zasílám log.
All processes killed
========== SERVICES/DRIVERS ==========
Service Bonjour Service stopped successfully!
Service Bonjour Service deleted successfully!
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default.migrated
User: Lu
->Temp folder emptied: 82406683 bytes
->Temporary Internet Files folder emptied: 25130 bytes
->FireFox cache emptied: 377959908 bytes
->Google Chrome cache emptied: 856432 bytes
->Flash cache emptied: 2399 bytes
User: Public
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 40272321 bytes
RecycleBin emptied: 2964758997 bytes
Total Files Cleaned = 3 306,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Default.migrated
User: Lu
->Flash cache emptied: 0 bytes
User: Public
User: UpdatusUser
Total Flash Files Cleaned = 0,00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 03172016_214939
Files moved on Reboot...
C:\Users\Lu\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.
File move failed. C:\WINDOWS\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
Registry entries deleted on Reboot...
Děkuji
zde zasílám log.
All processes killed
========== SERVICES/DRIVERS ==========
Service Bonjour Service stopped successfully!
Service Bonjour Service deleted successfully!
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default.migrated
User: Lu
->Temp folder emptied: 82406683 bytes
->Temporary Internet Files folder emptied: 25130 bytes
->FireFox cache emptied: 377959908 bytes
->Google Chrome cache emptied: 856432 bytes
->Flash cache emptied: 2399 bytes
User: Public
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 40272321 bytes
RecycleBin emptied: 2964758997 bytes
Total Files Cleaned = 3 306,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Default.migrated
User: Lu
->Flash cache emptied: 0 bytes
User: Public
User: UpdatusUser
Total Flash Files Cleaned = 0,00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 03172016_214939
Files moved on Reboot...
C:\Users\Lu\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.
File move failed. C:\WINDOWS\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
Registry entries deleted on Reboot...
Děkuji
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vyskakování nechtěných oken
Smazáno. Znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Vyskakování nechtěných oken
Dobrý den,
bohužel jsem se až teď vrátil z dovolené. Zdá se, že to funguje dobře a vyskakující okna zmizela.
Děkuji za pomoc
bohužel jsem se až teď vrátil z dovolené. Zdá se, že to funguje dobře a vyskakující okna zmizela.
Děkuji za pomoc
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vyskakování nechtěných oken
To jsem rád. Nemáte zač!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?