Windows opening on their own (Google Chrome)

Ruda02
Visitor
Posts: 5
Registered: 06 Sep 2016 20:04

#1 Post by Ruda02 »

Hello, all of a sudden, on some pages, strange and unknown websites (porn, "earn X a month", etc.) have started opening in a new window on their own. Could you please help :)? Thanks in advance.

Code:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Ruda at 2016-09-06 20:57:21
Microsoft Windows 8.1 s aplikací Bing 
System drive C: has 134 GB (70%) free of 191 GB
Total RAM: 3979 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:00:26, on 6. 9. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Users\Ruda\AppData\Local\Akamai\netsession_win.exe
C:\Users\Ruda\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe
C:\Program Files\trend micro\Ruda.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE12&ocid=UE12DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: AVG Web TuneUp - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Web TuneUp\4.3.5.160\AVG Web TuneUp.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [WebStorage] C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\ASUSWSLoader.exe
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avuirunnerx.exe" C:\Program Files (x86)\AVG\Av\avgui.exe
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
O4 - HKLM\..\Run: [Autodesk Desktop App] "C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Ruda\AppData\Local\Akamai\netsession_win.exe"
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Autodesk Desktop App Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
O23 - Service: Asus WebStorage Windows Service - ASUS Cloud Corporation - C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\AsusWSWinService.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: mental ray Satellite for Autodesk 3ds Max 2017 64-bit (mi-raysat_3dsmax2017_64) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2017\raysat_3dsmax2017_64server.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater40.3.5 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.5\ToolbarUpdater.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WtuSystemSupport - Unknown owner - C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 11079 bytes

======Listing Processes======




c:\PROGRA~2\AVG\Av\avgrsa.exe /boot
C:\Program Files (x86)\AVG\Av\avgcsrva.exe /pipeName=44800c66-0200-0000-7c79-79409ebb1c13 /binaryPath="C:\Program Files (x86)\AVG\Av\\" /logPath=C:\WINDOWS\system32\config\systemprofile\AppData\Local\Avg\log\av16 /logCfgPath=C:\ProgramData\Avg\log\av16

wininit.exe

winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe" 
"C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\AsusWSWinService.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"

"C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe"
"C:\Program Files (x86)\AVG\Av\avgwdsvca.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.5\ToolbarUpdater.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\AVG\Av\avgnsa.exe"
"C:\Program Files (x86)\AVG\Av\avgemca.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
dashost.exe {cb935371-7a4d-4aaf-bdad33252fa191cb}
C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
C:\WINDOWS\Explorer.EXE
KBFiltr.exe
taskhostex.exe 
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe" 
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe" 
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" 
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe" 
"C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" 
"C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe"
 
"C:\Windows\system32\igfxsrvc.exe" -Embedding
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe" 
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" 
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Windows\System32\igfxtray.exe" 
"C:\Windows\System32\hkcmd.exe" 
"C:\Users\Ruda\AppData\Local\Akamai\netsession_win.exe" 
"C:/Users/Ruda/AppData/Local/Akamai/netsession_win.exe" --client
 /fmw.trayonly
 /TRAYONLY
"C:\Program Files (x86)\AVG Web TuneUp\vprot.exe" 
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
"C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe"
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe" --approot=SOFTWARE\Autodesk --appAgent=/AUTODESKDESKTOPAPP/6.2.0.174/cs-CZ/0001 --lang=cs-CZ --cache-path="C:\Users\Ruda\AppData\Local\Autodesk\Autodesk Desktop App\BrowserCache" --peerPid=4740 
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe" --type=gpu-process --channel="2428.0.1544269864\1056455787" --no-sandbox --lang=cs-CZ --log-severity=disable --peerpid=4740 --disable-image-transport-surface --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,5,14,27 --gpu-vendor-id=0x8086 --gpu-device-id=0x0f31 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3408 --lang=cs-CZ --log-severity=disable --peerpid=4740 /prefetch:822062411
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe" --type=renderer --no-sandbox --lang=en-US --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --lang=cs-CZ --log-severity=disable --peerpid=4740 --enable-software-compositing --channel="2428.1.1953343201\901065138" /prefetch:673131151
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
ctfmon.exe
 /S

winlogon.exe
"dwm.exe"
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
KBFiltr.exe
taskhostex.exe 
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe" 
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" 
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" 
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe" 
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe" 
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" 
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
 
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe" 
 /fmw.trayonly
 /TRAYONLY
"C:\Program Files (x86)\AVG Web TuneUp\vprot.exe" 
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe" --approot=SOFTWARE\Autodesk --appAgent=/AUTODESKDESKTOPAPP/6.2.0.174/cs-CZ/0001 --lang=cs-CZ --cache-path="C:\Users\Yvetka\AppData\Local\Autodesk\Autodesk Desktop App\BrowserCache" --peerPid=4844 
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe" --type=gpu-process --channel="6424.0.1107396727\1074418741" --no-sandbox --lang=cs-CZ --log-severity=disable --peerpid=4844 --disable-image-transport-surface --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,5,14,27 --gpu-vendor-id=0x8086 --gpu-device-id=0x0f31 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3408 --lang=cs-CZ --log-severity=disable --peerpid=4844 /prefetch:822062411
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe" --type=renderer --no-sandbox --lang=en-US --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --lang=cs-CZ --log-severity=disable --peerpid=4844 --enable-software-compositing --channel="6424.1.1288503716\601098079" /prefetch:673131151
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
ctfmon.exe
"C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe" 
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" 
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Ruda\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=53.0.2785.89 --handshake-handle=0x138
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=2412 --on-initialized-event-handle=412 --parent-handle=420 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5076.0.1547738654\866475860" --mojo-application-channel-token=F4FB5DCC1EE2E1F6A671E19474CA9540 --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-eager/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ClientSideDetectionModel/Model0/DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Control/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_19/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_14/*UMA-Uniformity-
Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=5,13,14,15,17,30,47,55 --gpu-vendor-id=0x8086 --gpu-device-id=0x0f31 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3408 --gpu-driver-date=1-20-2014 --mojo-platform-channel-handle=1136 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_19/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_14/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ 
--primordial-pipe-token=0C83F417753FCBD4BA42948EEE560183 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=2088E58BE853F7BE4421DB30700B0914 --mojo-application-channel-token=0C83F417753FCBD4BA42948EEE560183 --channel="5076.6.1816060317\352202724" --mojo-platform-channel-handle=2392 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_19/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_14/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ 
--primordial-pipe-token=7FDD900B5BCA4123E85685CA552C1BA8 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=08006BCF10C4EEED282C8BF516BF084D --mojo-application-channel-token=7FDD900B5BCA4123E85685CA552C1BA8 --channel="5076.7.250786224\1474958995" --mojo-platform-channel-handle=2152 /prefetch:1
C:\WINDOWS\system32\wbem\wmiprvse.exe

"C:\Users\Ruda\Downloads\RSITx64.exe" 
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/*PasswordSmartBubble/3-Times/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_19/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_14/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ 
--primordial-pipe-token=589C09BDC2DB0455D425A59DAF3EB403 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=1B14BAD20238E41F54467D534E210488 --mojo-application-channel-token=589C09BDC2DB0455D425A59DAF3EB403 --channel="5076.14.1356019124\244441388" --mojo-platform-channel-handle=6364 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/*PasswordSmartBubble/3-Times/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_19/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_14/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ 
--primordial-pipe-token=7D9AAC66E68C0B3AED4A5A4335A117E9 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=296380433FE1592AE89C18AD50ACB217 --mojo-application-channel-token=7D9AAC66E68C0B3AED4A5A4335A117E9 --channel="5076.15.454045504\824648256" --mojo-platform-channel-handle=6096 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/*PasswordSmartBubble/3-Times/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_19/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_14/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/ 
--primordial-pipe-token=B08D41F3F029C0D8B99B80FAF0195D24 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=9CE440B1A2955476C8982A1328276B47 --mojo-application-channel-token=B08D41F3F029C0D8B99B80FAF0195D24 --channel="5076.16.1098408630\1386266192" --mojo-platform-channel-handle=6092 /prefetch:1

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Rudy
Site Admin
Posts: 119672
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Windows opening by themselves (Google Chrome)

#2 Post by Rudy »

Hello!
The log is not complete.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Ruda02
Visitor
Posts: 5
Joined: 06 Sep 2016 20:04

Re: Windows opening by themselves (Google Chrome)

#3 Post by Ruda02 »

Ran it through ADWCleaner. The log now looks like this.

Code:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Ruda at 2016-09-07 13:04:39
Microsoft Windows 8.1 s aplikací Bing 
System drive C: has 135 GB (71%) free of 191 GB
Total RAM: 3979 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:04:43, on 7. 9. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Users\Ruda\AppData\Local\Akamai\netsession_win.exe
C:\Users\Ruda\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\ASUSWSLoader.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe
C:\Program Files\trend micro\Ruda.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE12&ocid=UE12DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [WebStorage] C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\ASUSWSLoader.exe
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avuirunnerx.exe" C:\Program Files (x86)\AVG\Av\avgui.exe
O4 - HKLM\..\Run: [Autodesk Desktop App] "C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Ruda\AppData\Local\Akamai\netsession_win.exe"
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - HKUS\S-1-5-21-2842203575-413355569-2590284618-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Akamai NetSession Interface] "C:\Users\Ruda\AppData\Local\Akamai\netsession_win.exe" (User '?')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Autodesk Desktop App Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
O23 - Service: Asus WebStorage Windows Service - ASUS Cloud Corporation - C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\AsusWSWinService.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: mental ray Satellite for Autodesk 3ds Max 2017 64-bit (mi-raysat_3dsmax2017_64) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2017\raysat_3dsmax2017_64server.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 11035 bytes

======Listing Processes======




c:\PROGRA~2\AVG\Av\avgrsa.exe /boot
C:\Program Files (x86)\AVG\Av\avgcsrva.exe /pipeName=44800c66-0200-0000-f599-c461ce815925 /binaryPath="C:\Program Files (x86)\AVG\Av\\" /logPath=C:\WINDOWS\system32\config\systemprofile\AppData\Local\Avg\log\av16 /logCfgPath=C:\ProgramData\Avg\log\av16

wininit.exe

winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe" 
"C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\AsusWSWinService.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"

"C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe"
"C:\Program Files (x86)\AVG\Av\avgwdsvca.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\AVG\Av\avgnsa.exe"
"C:\Program Files (x86)\AVG\Av\avgemca.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
dashost.exe {b76e5670-14c8-4eda-be39fa1e3346e284}
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
KBFiltr.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" 
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" 
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
taskeng.exe {04B27C95-2D47-4471-AAF8-4AD5BFBC0346}
taskhostex.exe 
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe" 
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe" 
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe" 
C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe"
 
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe" 
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" 
"C:\Windows\System32\igfxtray.exe" 
"C:\Windows\System32\hkcmd.exe" 
"C:\Users\Ruda\AppData\Local\Akamai\netsession_win.exe" 
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:/Users/Ruda/AppData/Local/Akamai/netsession_win.exe" --client

"C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\ASUSWSLoader.exe" 
 /fmw.trayonly
 /TRAYONLY
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe" 
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe" --approot=SOFTWARE\Autodesk --appAgent=/AUTODESKDESKTOPAPP/6.2.0.174/cs-CZ/0001 --lang=cs-CZ --cache-path="C:\Users\Ruda\AppData\Local\Autodesk\Autodesk Desktop App\BrowserCache" --peerPid=7144 
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe" --type=gpu-process --channel="6320.0.2057233822\1443335905" --no-sandbox --lang=cs-CZ --log-severity=disable --peerpid=7144 --disable-image-transport-surface --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,5,14,27 --gpu-vendor-id=0x8086 --gpu-device-id=0x0f31 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3408 --lang=cs-CZ --log-severity=disable --peerpid=7144 /prefetch:822062411
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe" --type=renderer --no-sandbox --lang=en-US --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --lang=cs-CZ --log-severity=disable --peerpid=7144 --enable-software-compositing --channel="6320.1.1063623420\2071291454" /prefetch:673131151
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
ctfmon.exe
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 572 576 584 65536 580 
"C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe"

"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Users\Ruda\Downloads\RSITx64.exe" 
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /c 
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler 

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2016-08-19 49440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-01-29 629256]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-02-19 391152]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-02-19 771568]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2014-02-25 134784]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"=C:\Users\Ruda\AppData\Local\Akamai\netsession_win.exe [2015-09-10 4691384]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"WebStorage"=C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\ASUSWSLoader.exe [2014-12-04 63272]
"AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [2016-08-18 204560]
"AVG_UI"=C:\Program Files (x86)\AVG\Av\avuirunnerx.exe [2016-07-28 32528]
"Autodesk Desktop App"=C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [2016-07-01 721856]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2014-02-25 134784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2014-01-16 624640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"midi4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"

======List of files/folders created in the last 1 month======

2016-09-07 13:04:39 ----D---- C:\rsit
2016-09-06 22:09:59 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2016-09-06 22:08:38 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2016-09-06 22:08:38 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2016-09-06 22:08:38 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2016-09-06 22:08:36 ----D---- C:\ProgramData\Malwarebytes
2016-09-06 22:08:36 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-06 21:18:09 ----D---- C:\AdwCleaner
2016-09-06 20:57:22 ----D---- C:\Program Files\trend micro
2016-08-30 09:35:41 ----D---- C:\Users\Ruda\AppData\Roaming\Kastner software
2016-08-30 09:35:20 ----D---- C:\ProgramData\KASTNER software
2016-08-30 09:35:20 ----D---- C:\Program Files (x86)\KASTNER software
2016-08-28 08:31:49 ----D---- C:\Atheros
2016-08-19 15:41:04 ----D---- C:\Users\Ruda\AppData\Roaming\VitySoft
2016-08-19 15:39:04 ----A---- C:\WINDOWS\system32\deployJava1.dll
2016-08-19 15:39:02 ----A---- C:\WINDOWS\system32\javaws.exe
2016-08-19 15:39:02 ----A---- C:\WINDOWS\system32\javaw.exe
2016-08-19 15:39:02 ----A---- C:\WINDOWS\system32\java.exe
2016-08-19 15:38:51 ----D---- C:\Program Files\Java
2016-08-19 09:53:27 ----D---- C:\Users\Ruda\AppData\Roaming\Right Hemisphere
2016-08-19 09:36:34 ----D---- C:\ProgramData\Right Hemisphere
2016-08-19 09:36:26 ----D---- C:\Program Files (x86)\Right Hemisphere
2016-08-10 09:14:54 ----A---- C:\WINDOWS\system32\sppsvc.exe
2016-08-10 09:14:45 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-10 09:14:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2016-08-10 09:14:39 ----A---- C:\WINDOWS\system32\shell32.dll
2016-08-10 09:14:36 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-08-10 09:14:32 ----A---- C:\WINDOWS\system32\sppobjs.dll
2016-08-10 09:14:30 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-08-10 09:14:30 ----A---- C:\WINDOWS\system32\crypt32.dll
2016-08-10 09:14:28 ----A---- C:\WINDOWS\SYSWOW64\crypt32.dll
2016-08-10 09:14:28 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2016-08-10 09:14:27 ----A---- C:\WINDOWS\system32\winhttp.dll
2016-08-10 09:14:27 ----A---- C:\WINDOWS\system32\sppwinob.dll
2016-08-10 09:14:27 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2016-08-10 09:14:27 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2016-08-10 09:14:27 ----A---- C:\WINDOWS\system32\CertEnroll.dll
2016-08-10 09:14:25 ----A---- C:\WINDOWS\system32\rpcss.dll
2016-08-10 09:14:25 ----A---- C:\WINDOWS\system32\ole32.dll
2016-08-10 09:14:24 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2016-08-10 09:14:24 ----A---- C:\WINDOWS\SYSWOW64\CertEnroll.dll
2016-08-10 09:14:24 ----A---- C:\WINDOWS\system32\KernelBase.dll
2016-08-10 09:14:24 ----A---- C:\WINDOWS\system32\kerberos.dll
2016-08-10 09:14:23 ----A---- C:\WINDOWS\system32\wuapi.dll
2016-08-10 09:14:23 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2016-08-10 09:14:23 ----A---- C:\WINDOWS\system32\drivers\ndiswan.sys
2016-08-10 09:14:22 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2016-08-10 09:14:22 ----A---- C:\WINDOWS\system32\webio.dll
2016-08-10 09:14:22 ----A---- C:\WINDOWS\system32\iphlpsvc.dll
2016-08-10 09:14:21 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2016-08-10 09:14:21 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2016-08-10 09:14:21 ----A---- C:\WINDOWS\system32\wucltux.dll
2016-08-10 09:14:21 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2016-08-10 09:14:20 ----A---- C:\WINDOWS\SYSWOW64\webio.dll
2016-08-10 09:14:20 ----A---- C:\WINDOWS\system32\tpmvsc.dll
2016-08-10 09:14:20 ----A---- C:\WINDOWS\system32\rdpcore.dll
2016-08-10 09:14:20 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2016-08-10 09:14:19 ----AC---- C:\WINDOWS\system32\drivers\hidclass.sys
2016-08-10 09:14:19 ----A---- C:\WINDOWS\SYSWOW64\ncryptsslp.dll
2016-08-10 09:14:19 ----A---- C:\WINDOWS\system32\Windows.Devices.Geolocation.dll
2016-08-10 09:14:19 ----A---- C:\WINDOWS\system32\schannel.dll
2016-08-10 09:14:18 ----A---- C:\WINDOWS\system32\msi.dll
2016-08-10 09:14:18 ----A---- C:\WINDOWS\system32\certutil.exe
2016-08-10 09:14:17 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2016-08-10 09:14:17 ----A---- C:\WINDOWS\system32\drivers\mup.sys
2016-08-10 09:14:17 ----A---- C:\WINDOWS\system32\drivers\dumpfve.sys
2016-08-10 09:14:16 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2016-08-10 09:14:16 ----A---- C:\WINDOWS\SYSWOW64\rdpcore.dll
2016-08-10 09:14:15 ----A---- C:\WINDOWS\system32\drivers\Classpnp.sys
2016-08-10 09:14:14 ----AC---- C:\WINDOWS\system32\drivers\stornvme.sys
2016-08-10 09:14:14 ----AC---- C:\WINDOWS\system32\drivers\hidusb.sys
2016-08-10 09:14:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Geolocation.dll
2016-08-10 09:14:14 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2016-08-10 09:14:14 ----A---- C:\WINDOWS\system32\ncryptsslp.dll
2016-08-10 09:14:14 ----A---- C:\WINDOWS\system32\gpresult.exe
2016-08-10 09:14:14 ----A---- C:\WINDOWS\system32\drivers\dfsc.sys
2016-08-10 09:14:13 ----A---- C:\WINDOWS\SYSWOW64\cryptxml.dll
2016-08-10 09:14:13 ----A---- C:\WINDOWS\system32\LocationApi.dll
2016-08-10 09:14:13 ----A---- C:\WINDOWS\system32\cryptxml.dll
2016-08-10 09:14:12 ----A---- C:\WINDOWS\SYSWOW64\UserAccountBroker.exe
2016-08-10 09:14:12 ----A---- C:\WINDOWS\SYSWOW64\msiexec.exe
2016-08-10 09:14:12 ----A---- C:\WINDOWS\SYSWOW64\LocationApi.dll
2016-08-10 09:14:12 ----A---- C:\WINDOWS\system32\wuauclt.exe
2016-08-10 09:14:12 ----A---- C:\WINDOWS\system32\WebClnt.dll
2016-08-10 09:14:12 ----A---- C:\WINDOWS\system32\UserAccountBroker.exe
2016-08-10 09:14:12 ----A---- C:\WINDOWS\system32\msiexec.exe
2016-08-10 09:14:11 ----A---- C:\WINDOWS\SYSWOW64\FirewallAPI.dll
2016-08-10 09:14:10 ----AC---- C:\WINDOWS\system32\drivers\vhdmp.sys
2016-08-10 09:14:10 ----A---- C:\WINDOWS\SYSWOW64\WebClnt.dll
2016-08-10 09:14:10 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2016-08-10 09:14:10 ----A---- C:\WINDOWS\system32\FirewallAPI.dll
2016-08-10 09:14:09 ----A---- C:\WINDOWS\system32\wfapigp.dll
2016-08-10 09:14:09 ----A---- C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-08-10 09:14:05 ----A---- C:\WINDOWS\system32\hbaapi.dll
2016-08-10 09:14:05 ----A---- C:\WINDOWS\system32\fveapi.dll
2016-08-10 09:14:04 ----A---- C:\WINDOWS\SYSWOW64\wfapigp.dll
2016-08-10 09:14:04 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2016-08-10 09:14:04 ----A---- C:\WINDOWS\SYSWOW64\hbaapi.dll
2016-08-10 09:14:04 ----A---- C:\WINDOWS\SYSWOW64\gpresult.exe
2016-08-10 09:14:04 ----A---- C:\WINDOWS\system32\bdesvc.dll
2016-08-10 09:14:03 ----A---- C:\WINDOWS\system32\httpprxm.dll
2016-08-10 09:14:03 ----A---- C:\WINDOWS\system32\fvecpl.dll
2016-08-10 09:14:02 ----AC---- C:\WINDOWS\system32\drivers\hidparse.sys
2016-08-10 09:14:02 ----A---- C:\WINDOWS\SYSWOW64\certutil.exe
2016-08-10 09:14:02 ----A---- C:\WINDOWS\SYSWOW64\certenc.dll
2016-08-10 09:14:02 ----A---- C:\WINDOWS\system32\wuwebv.dll
2016-08-10 09:14:02 ----A---- C:\WINDOWS\system32\httpprxp.dll
2016-08-10 09:14:02 ----A---- C:\WINDOWS\system32\certenc.dll
2016-08-10 09:14:02 ----A---- C:\WINDOWS\system32\adhsvc.dll
2016-08-10 09:14:01 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2016-08-10 09:14:01 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2016-08-10 09:14:01 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2016-08-10 09:14:01 ----A---- C:\WINDOWS\system32\wudriver.dll
2016-08-10 09:14:01 ----A---- C:\WINDOWS\system32\authui.dll
2016-08-10 09:14:00 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2016-08-10 09:14:00 ----A---- C:\WINDOWS\system32\wuapp.exe
2016-08-10 09:06:39 ----A---- C:\WINDOWS\system32\win32k.sys
2016-08-10 09:06:34 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-08-10 09:06:33 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-08-10 09:06:29 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-08-10 09:06:28 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-08-10 09:06:26 ----A---- C:\WINDOWS\system32\wininet.dll
2016-08-10 09:06:26 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-08-10 09:06:26 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-08-10 09:06:26 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-08-10 09:06:25 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-08-10 09:06:25 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-08-10 09:06:25 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-08-10 09:06:25 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-08-10 09:06:25 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-08-10 09:06:24 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2016-08-10 09:06:24 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2016-08-10 09:06:24 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2016-08-10 09:06:24 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2016-08-10 09:06:24 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2016-08-10 09:06:24 ----A---- C:\WINDOWS\system32\webcheck.dll
2016-08-10 09:06:24 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-08-10 09:06:24 ----A---- C:\WINDOWS\system32\mshtmled.dll
2016-08-10 09:06:24 ----A---- C:\WINDOWS\system32\jscript.dll
2016-08-10 09:06:24 ----A---- C:\WINDOWS\system32\inetcomm.dll
2016-08-10 09:06:24 ----A---- C:\WINDOWS\system32\ieui.dll
2016-08-10 09:06:24 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2016-08-10 09:06:24 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2016-08-10 09:06:23 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2016-08-10 09:06:23 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-08-10 09:06:02 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-10 09:06:02 ----A---- C:\WINDOWS\system32\glcndFilter.dll
2016-08-10 09:06:01 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2016-08-10 09:06:00 ----A---- C:\WINDOWS\SYSWOW64\glcndFilter.dll
2016-08-10 09:05:59 ----A---- C:\WINDOWS\system32\netlogon.dll
2016-08-10 09:05:59 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-08-10 09:05:58 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2016-08-10 09:05:58 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-08-10 09:05:55 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2016-08-10 09:05:55 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2016-08-10 09:05:54 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2016-08-10 09:05:54 ----A---- C:\WINDOWS\SYSWOW64\bcryptprimitives.dll
2016-08-10 09:05:54 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-08-10 09:05:54 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2016-08-10 09:05:54 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2016-08-10 09:05:54 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2016-08-10 09:05:54 ----A---- C:\WINDOWS\system32\certcli.dll
2016-08-10 09:05:54 ----A---- C:\WINDOWS\system32\bcryptprimitives.dll
2016-08-10 09:05:24 ----A---- C:\WINDOWS\system32\TpmTasks.dll

======List of files/folders modified in the last 1 month======

2016-09-07 13:04:37 ----AD---- C:\WINDOWS\Temp
2016-09-07 13:03:18 ----D---- C:\WINDOWS\Prefetch
2016-09-07 13:02:58 ----D---- C:\ProgramData\MFAData
2016-09-07 13:01:05 ----D---- C:\WINDOWS\system32\sru
2016-09-07 12:54:38 ----D---- C:\WINDOWS\system32\Tasks
2016-09-07 06:47:19 ----SHD---- C:\WINDOWS\Installer
2016-09-07 06:44:17 ----RD---- C:\Program Files (x86)
2016-09-07 06:43:56 ----D---- C:\Program Files (x86)\Google
2016-09-07 06:42:16 ----D---- C:\WINDOWS\Tasks
2016-09-06 22:09:59 ----D---- C:\WINDOWS\system32\drivers
2016-09-06 22:08:36 ----HD---- C:\ProgramData
2016-09-06 21:26:12 ----D---- C:\Program Files\Common Files
2016-09-06 21:21:45 ----RD---- C:\Program Files
2016-09-06 18:43:10 ----AD---- C:\Windows
2016-09-06 17:39:17 ----D---- C:\WINDOWS\Microsoft.NET
2016-09-06 16:11:54 ----RSD---- C:\WINDOWS\Fonts
2016-09-06 06:21:33 ----D---- C:\WINDOWS\Inf
2016-09-05 09:05:36 ----SHD---- C:\System Volume Information
2016-09-04 08:53:14 ----HD---- C:\Program Files\WindowsApps
2016-09-04 08:53:14 ----D---- C:\WINDOWS\AppReadiness
2016-09-02 14:13:22 ----D---- C:\Users\Ruda\AppData\Roaming\Skype
2016-09-02 14:03:17 ----D---- C:\Program Files (x86)\ASUS
2016-08-30 17:25:38 ----SD---- C:\Users\Ruda\AppData\Roaming\Microsoft
2016-08-28 08:31:06 ----RD---- C:\Users
2016-08-26 19:42:45 ----D---- C:\WINDOWS\system32\NDF
2016-08-24 21:14:26 ----D---- C:\WINDOWS\system32\wdi
2016-08-22 05:05:26 ----D---- C:\WINDOWS\system32\config
2016-08-19 17:54:05 ----D---- C:\WINDOWS\rescache
2016-08-19 15:39:04 ----RD---- C:\WINDOWS\System32
2016-08-19 09:52:30 ----D---- C:\WINDOWS\CbsTemp
2016-08-19 09:52:26 ----D---- C:\WINDOWS\WinSxS
2016-08-19 09:49:53 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-08-19 09:49:53 ----D---- C:\WINDOWS\SysWOW64
2016-08-19 09:49:53 ----D---- C:\WINDOWS\system32\cs-CZ
2016-08-19 09:49:48 ----A---- C:\WINDOWS\SYSWOW64\dpnsvr.exe
2016-08-19 09:49:48 ----A---- C:\WINDOWS\SYSWOW64\dpnhupnp.dll
2016-08-19 09:49:48 ----A---- C:\WINDOWS\SYSWOW64\dpnhpast.dll
2016-08-19 09:49:48 ----A---- C:\WINDOWS\SYSWOW64\dpnet.dll
2016-08-19 09:49:48 ----A---- C:\WINDOWS\SYSWOW64\dpnathlp.dll
2016-08-19 09:49:41 ----A---- C:\WINDOWS\system32\dpnsvr.exe
2016-08-19 09:49:41 ----A---- C:\WINDOWS\system32\dpnhupnp.dll
2016-08-19 09:49:41 ----A---- C:\WINDOWS\system32\dpnhpast.dll
2016-08-19 09:49:41 ----A---- C:\WINDOWS\system32\dpnet.dll
2016-08-19 09:49:41 ----A---- C:\WINDOWS\system32\dpnathlp.dll
2016-08-19 09:49:34 ----A---- C:\WINDOWS\SYSWOW64\dpwsockx.dll
2016-08-19 09:49:34 ----A---- C:\WINDOWS\SYSWOW64\dpmodemx.dll
2016-08-19 09:49:34 ----A---- C:\WINDOWS\SYSWOW64\dplayx.dll
2016-08-19 09:49:34 ----A---- C:\WINDOWS\SYSWOW64\dplaysvr.exe
2016-08-15 20:17:34 ----D---- C:\WINDOWS\system32\DriverStore
2016-08-10 12:25:16 ----RD---- C:\WINDOWS\ToastData
2016-08-10 12:25:08 ----D---- C:\WINDOWS\SYSWOW64\wbem
2016-08-10 12:25:08 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-08-10 12:25:07 ----D---- C:\WINDOWS\system32\wbem
2016-08-10 12:25:07 ----D---- C:\WINDOWS\system32\migration
2016-08-10 12:25:05 ----D---- C:\WINDOWS\apppatch
2016-08-10 12:25:04 ----D---- C:\Program Files\Internet Explorer
2016-08-10 12:25:04 ----D---- C:\Program Files (x86)\Internet Explorer
2016-08-10 09:30:07 ----D---- C:\WINDOWS\system32\MRT
2016-08-10 09:16:28 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-08-10 09:13:48 ----D---- C:\WINDOWS\system32\SecureBootUpdates
2016-08-10 09:09:58 ----D---- C:\WINDOWS\system32\catroot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\WINDOWS\system32\DRIVERS\avgidsha.sys [2016-06-01 261376]
R0 Avgloga;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avgloga.sys [2016-02-16 360736]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx64.sys [2016-07-19 261888]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx64.sys [2016-06-01 52992]
R0 avguniva;AVG Universal Driver; C:\WINDOWS\system32\DRIVERS\avguniva.sys [2016-06-20 77056]
R0 BTATH_BUS;@oem23.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2014-02-25 35016]
R0 MBI;@oem10.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\WINDOWS\System32\drivers\MBI.sys [2013-10-28 29464]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2013-07-02 19768]
R1 Avgdiska;AVG Disk Driver; C:\WINDOWS\system32\DRIVERS\avgdiska.sys [2016-05-13 163072]
R1 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\avgidsdrivera.sys [2016-06-30 314112]
R1 Avgldx64;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx64.sys [2016-06-01 260352]
R1 Avgwfpa;AVG Firewall Driver; C:\WINDOWS\system32\DRIVERS\avgwfpa.sys [2016-07-20 313088]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2013-08-22 71680]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R3 AiCharger;ASUS Charger Driver; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [2014-03-27 17152]
R3 AthBTPort;@oem26.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2014-02-25 89800]
R3 athr;@oem22.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athwbx.sys [2014-03-06 3892224]
R3 ATP;@oem19.inf,%PS2.DeviceDesc%;ASUS Input Device; C:\WINDOWS\System32\drivers\AsusTP.sys [2014-03-31 71952]
R3 BTATH_A2DP;@oem25.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2014-02-25 355528]
R3 btath_avdt;@oem25.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2014-02-25 118984]
R3 BTATH_HCRP;@oem28.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2014-02-25 179432]
R3 BTATH_LWFLT;@oem30.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2014-02-25 77464]
R3 BTATH_RCP;@oem32.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2014-02-25 137928]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2014-02-25 598216]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-11-21 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-11-21 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-11-21 81920]
R3 GPIO;@oem12.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\WINDOWS\System32\drivers\iaiogpioe.sys [2013-11-11 31232]
R3 HIDSwitch;@oem29.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [2013-10-08 20280]
R3 iaioi2c;@oem11.inf,%Driver_Service.Desc%;I2C Controller Service; C:\WINDOWS\System32\drivers\iaioi2ce.sys [2013-11-11 67584]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-01-16 4222976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2014-07-01 4002008]
R3 IntcDAud;@oem14.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2014-01-16 450520]
R3 iwdbus;@oem17.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-12-27 27032]
R3 kbfiltr;@oem27.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\WINDOWS\System32\drivers\kbfiltr.sys [2012-08-06 17280]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2016-03-10 27008]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2016-09-07 192216]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2016-03-10 65408]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RSBASTOR;@oem21.inf,%Rts5208%;Realtek PCIE CardReader Driver - BA; C:\WINDOWS\system32\DRIVERS\RtsBaStor.sys [2013-07-12 309976]
R3 RTL8168;@oem20.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2014-01-08 848088]
R3 TXEIx64;@oem13.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\WINDOWS\System32\drivers\TXEIx64.sys [2014-01-15 88592]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-11-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2013-08-22 36864]
S0 Avgboota;AVG Early Launch Anti-Malware Driver; C:\WINDOWS\system32\DRIVERS\avgboota.sys [2016-01-07 21632]
S0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2014-06-26 670056]
S3 AgereSoftModem;@mdmags64.inf,%FullProductName%;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\agrsm64.sys [2013-06-18 1146880]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\WINDOWS\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 intaud_WaveExtensible;@oem16.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-12-27 38296]
S3 NETwNs64;@netwsw00.inf,___ %NIC_Service_DispName_WIN7_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\WINDOWS\system32\DRIVERS\Netwsw00.sys [2013-06-18 11518976]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdAppMgrSvc;Autodesk Desktop App Service; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [2016-07-01 1295376]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe [2014-03-26 115512]
R2 Asus WebStorage Windows Service;Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\AsusWSWinService.exe [2014-12-04 71168]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2014-02-25 319104]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [2016-07-28 5267456]
R2 avgsvc;AVG Service; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2016-08-18 1097488]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [2016-07-28 760024]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-11-21 38792]
R2 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2015-02-09 347200]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-01 733696]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2016-03-10 1136608]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2016-03-10 1514464]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-07 153752]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AvgAMPS;AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [2016-07-28 674552]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-11-21 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-02-19 279024]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [2016-07-26 1591264]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-11-21 43696]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2014-12-17 265808]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-07 153752]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-01 822232]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 mi-raysat_3dsmax2017_64;mental ray Satellite for Autodesk 3ds Max 2017 64-bit; C:\Program Files\Autodesk\3ds Max 2017\raysat_3dsmax2017_64server.exe [2011-09-15 86016]
S3 ose;Office  Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119672
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Windows opening on their own (Google Chrome)

#4 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Users\Ruda\AppData\Local\Akamai
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Turn off your antivirus before the scan and restart the PC after it. Post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can also damage the system!


Once your problem is solved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Ruda02
Visitor
Posts: 5
Joined: 06 Sep 2016 20:04

Re: Windows opening on their own (Google Chrome)

#5 Post by Ruda02 »

Code: Select all

Logfile of random's system information tool 1.10 (written by random/random)
Run by Ruda at 2016-09-07 19:36:06
Microsoft Windows 8.1 s aplikací Bing 
System drive C: has 137 GB (72%) free of 191 GB
Total RAM: 3979 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:36:13, on 7. 9. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\APRP\aprp.exe
C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\ASUSWSLoader.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\AVG\Av\avuirunnerx.exe
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe
C:\Program Files\trend micro\Ruda.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE12&ocid=UE12DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [WebStorage] C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\ASUSWSLoader.exe
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avuirunnerx.exe" C:\Program Files (x86)\AVG\Av\avgui.exe
O4 - HKLM\..\Run: [Autodesk Desktop App] "C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Autodesk Desktop App Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
O23 - Service: Asus WebStorage Windows Service - ASUS Cloud Corporation - C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\AsusWSWinService.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: mental ray Satellite for Autodesk 3ds Max 2017 64-bit (mi-raysat_3dsmax2017_64) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2017\raysat_3dsmax2017_64server.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 10707 bytes

======Listing Processes======




c:\PROGRA~2\AVG\Av\avgrsa.exe /boot
C:\Program Files (x86)\AVG\Av\avgcsrva.exe /pipeName=44800c66-0200-0000-35c9-e061f6d5252a /binaryPath="C:\Program Files (x86)\AVG\Av\\" /logPath=C:\WINDOWS\system32\config\systemprofile\AppData\Local\Avg\log\av16 /logCfgPath=C:\ProgramData\Avg\log\av16

wininit.exe

winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe" 
"C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\AsusWSWinService.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"

"C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe"
"C:\Program Files (x86)\AVG\Av\avgwdsvca.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Skype\Updater\Updater.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\AVG\Av\avgnsa.exe"
"C:\Program Files (x86)\AVG\Av\avgemca.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
C:\WINDOWS\Explorer.EXE
KBFiltr.exe
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
C:\WINDOWS\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" 
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" 
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
dashost.exe {1e9889ca-7f4b-4b0f-b45817379a126759}
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe -Embedding
taskeng.exe {C86713F6-1E92-489A-B04F-C3101612332A}
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe" 
taskhostex.exe 
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe" 
"C:\Program Files (x86)\ASUS\APRP\aprp.exe" 
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe" 
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe" 
 
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe" 
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" 
"C:\Windows\System32\igfxtray.exe" 
"C:\Windows\System32\hkcmd.exe" 
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\ASUSWSLoader.exe" 
"C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
 /fmw.trayonly
"C:\Program Files (x86)\AVG\Av\avuirunnerx.exe" C:\Program Files (x86)\AVG\Av\avgui.exe
 /TRAYONLY
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe" --approot=SOFTWARE\Autodesk --appAgent=/AUTODESKDESKTOPAPP/6.2.0.174/cs-CZ/0001 --lang=cs-CZ --cache-path="C:\Users\Ruda\AppData\Local\Autodesk\Autodesk Desktop App\BrowserCache" --peerPid=6860 
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe" --type=gpu-process --channel="6896.0.129354170\477562418" --no-sandbox --lang=cs-CZ --log-severity=disable --peerpid=6860 --disable-image-transport-surface --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,5,14,27 --gpu-vendor-id=0x8086 --gpu-device-id=0x0f31 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3408 --lang=cs-CZ --log-severity=disable --peerpid=6860 /prefetch:822062411
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe" --type=renderer --no-sandbox --lang=en-US --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --lang=cs-CZ --log-severity=disable --peerpid=6860 --enable-software-compositing --channel="6896.1.392603365\1242102956" /prefetch:673131151

"C:\Users\Ruda\Downloads\RSITx64.exe" 

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2016-08-19 49440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-01-29 629256]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-02-19 391152]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-02-19 771568]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2014-02-25 134784]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"WebStorage"=C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\ASUSWSLoader.exe [2014-12-04 63272]
"AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [2016-08-18 204560]
"AVG_UI"=C:\Program Files (x86)\AVG\Av\avuirunnerx.exe [2016-07-28 32528]
"Autodesk Desktop App"=C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [2016-07-01 721856]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2014-02-25 134784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2014-01-16 624640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"midi4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"

======List of files/folders created in the last 1 month======

2016-09-07 19:30:26 ----D---- C:\_OTM
2016-09-07 13:04:39 ----D---- C:\rsit
2016-09-06 22:09:59 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2016-09-06 22:08:38 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2016-09-06 22:08:38 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2016-09-06 22:08:38 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2016-09-06 22:08:36 ----D---- C:\ProgramData\Malwarebytes
2016-09-06 22:08:36 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-06 21:18:09 ----D---- C:\AdwCleaner
2016-09-06 20:57:22 ----D---- C:\Program Files\trend micro
2016-08-30 09:35:41 ----D---- C:\Users\Ruda\AppData\Roaming\Kastner software
2016-08-30 09:35:20 ----D---- C:\ProgramData\KASTNER software
2016-08-30 09:35:20 ----D---- C:\Program Files (x86)\KASTNER software
2016-08-28 08:31:49 ----D---- C:\Atheros
2016-08-19 15:41:04 ----D---- C:\Users\Ruda\AppData\Roaming\VitySoft
2016-08-19 15:39:04 ----A---- C:\WINDOWS\system32\deployJava1.dll
2016-08-19 15:39:02 ----A---- C:\WINDOWS\system32\javaws.exe
2016-08-19 15:39:02 ----A---- C:\WINDOWS\system32\javaw.exe
2016-08-19 15:39:02 ----A---- C:\WINDOWS\system32\java.exe
2016-08-19 15:38:51 ----D---- C:\Program Files\Java
2016-08-19 09:53:27 ----D---- C:\Users\Ruda\AppData\Roaming\Right Hemisphere
2016-08-19 09:36:34 ----D---- C:\ProgramData\Right Hemisphere
2016-08-19 09:36:26 ----D---- C:\Program Files (x86)\Right Hemisphere
2016-08-10 09:14:54 ----A---- C:\WINDOWS\system32\sppsvc.exe
2016-08-10 09:14:45 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-10 09:14:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2016-08-10 09:14:39 ----A---- C:\WINDOWS\system32\shell32.dll
2016-08-10 09:14:36 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-08-10 09:14:32 ----A---- C:\WINDOWS\system32\sppobjs.dll
2016-08-10 09:14:30 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-08-10 09:14:30 ----A---- C:\WINDOWS\system32\crypt32.dll
2016-08-10 09:14:28 ----A---- C:\WINDOWS\SYSWOW64\crypt32.dll
2016-08-10 09:14:28 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2016-08-10 09:14:27 ----A---- C:\WINDOWS\system32\winhttp.dll
2016-08-10 09:14:27 ----A---- C:\WINDOWS\system32\sppwinob.dll
2016-08-10 09:14:27 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2016-08-10 09:14:27 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2016-08-10 09:14:27 ----A---- C:\WINDOWS\system32\CertEnroll.dll
2016-08-10 09:14:25 ----A---- C:\WINDOWS\system32\rpcss.dll
2016-08-10 09:14:25 ----A---- C:\WINDOWS\system32\ole32.dll
2016-08-10 09:14:24 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2016-08-10 09:14:24 ----A---- C:\WINDOWS\SYSWOW64\CertEnroll.dll
2016-08-10 09:14:24 ----A---- C:\WINDOWS\system32\KernelBase.dll
2016-08-10 09:14:24 ----A---- C:\WINDOWS\system32\kerberos.dll
2016-08-10 09:14:23 ----A---- C:\WINDOWS\system32\wuapi.dll
2016-08-10 09:14:23 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2016-08-10 09:14:23 ----A---- C:\WINDOWS\system32\drivers\ndiswan.sys
2016-08-10 09:14:22 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2016-08-10 09:14:22 ----A---- C:\WINDOWS\system32\webio.dll
2016-08-10 09:14:22 ----A---- C:\WINDOWS\system32\iphlpsvc.dll
2016-08-10 09:14:21 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2016-08-10 09:14:21 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2016-08-10 09:14:21 ----A---- C:\WINDOWS\system32\wucltux.dll
2016-08-10 09:14:21 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2016-08-10 09:14:20 ----A---- C:\WINDOWS\SYSWOW64\webio.dll
2016-08-10 09:14:20 ----A---- C:\WINDOWS\system32\tpmvsc.dll
2016-08-10 09:14:20 ----A---- C:\WINDOWS\system32\rdpcore.dll
2016-08-10 09:14:20 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2016-08-10 09:14:19 ----AC---- C:\WINDOWS\system32\drivers\hidclass.sys
2016-08-10 09:14:19 ----A---- C:\WINDOWS\SYSWOW64\ncryptsslp.dll
2016-08-10 09:14:19 ----A---- C:\WINDOWS\system32\Windows.Devices.Geolocation.dll
2016-08-10 09:14:19 ----A---- C:\WINDOWS\system32\schannel.dll
2016-08-10 09:14:18 ----A---- C:\WINDOWS\system32\msi.dll
2016-08-10 09:14:18 ----A---- C:\WINDOWS\system32\certutil.exe
2016-08-10 09:14:17 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2016-08-10 09:14:17 ----A---- C:\WINDOWS\system32\drivers\mup.sys
2016-08-10 09:14:17 ----A---- C:\WINDOWS\system32\drivers\dumpfve.sys
2016-08-10 09:14:16 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2016-08-10 09:14:16 ----A---- C:\WINDOWS\SYSWOW64\rdpcore.dll
2016-08-10 09:14:15 ----A---- C:\WINDOWS\system32\drivers\Classpnp.sys
2016-08-10 09:14:14 ----AC---- C:\WINDOWS\system32\drivers\stornvme.sys
2016-08-10 09:14:14 ----AC---- C:\WINDOWS\system32\drivers\hidusb.sys
2016-08-10 09:14:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Geolocation.dll
2016-08-10 09:14:14 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2016-08-10 09:14:14 ----A---- C:\WINDOWS\system32\ncryptsslp.dll
2016-08-10 09:14:14 ----A---- C:\WINDOWS\system32\gpresult.exe
2016-08-10 09:14:14 ----A---- C:\WINDOWS\system32\drivers\dfsc.sys
2016-08-10 09:14:13 ----A---- C:\WINDOWS\SYSWOW64\cryptxml.dll
2016-08-10 09:14:13 ----A---- C:\WINDOWS\system32\LocationApi.dll
2016-08-10 09:14:13 ----A---- C:\WINDOWS\system32\cryptxml.dll
2016-08-10 09:14:12 ----A---- C:\WINDOWS\SYSWOW64\UserAccountBroker.exe
2016-08-10 09:14:12 ----A---- C:\WINDOWS\SYSWOW64\msiexec.exe
2016-08-10 09:14:12 ----A---- C:\WINDOWS\SYSWOW64\LocationApi.dll
2016-08-10 09:14:12 ----A---- C:\WINDOWS\system32\wuauclt.exe
2016-08-10 09:14:12 ----A---- C:\WINDOWS\system32\WebClnt.dll
2016-08-10 09:14:12 ----A---- C:\WINDOWS\system32\UserAccountBroker.exe
2016-08-10 09:14:12 ----A---- C:\WINDOWS\system32\msiexec.exe
2016-08-10 09:14:11 ----A---- C:\WINDOWS\SYSWOW64\FirewallAPI.dll
2016-08-10 09:14:10 ----AC---- C:\WINDOWS\system32\drivers\vhdmp.sys
2016-08-10 09:14:10 ----A---- C:\WINDOWS\SYSWOW64\WebClnt.dll
2016-08-10 09:14:10 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2016-08-10 09:14:10 ----A---- C:\WINDOWS\system32\FirewallAPI.dll
2016-08-10 09:14:09 ----A---- C:\WINDOWS\system32\wfapigp.dll
2016-08-10 09:14:09 ----A---- C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-08-10 09:14:05 ----A---- C:\WINDOWS\system32\hbaapi.dll
2016-08-10 09:14:05 ----A---- C:\WINDOWS\system32\fveapi.dll
2016-08-10 09:14:04 ----A---- C:\WINDOWS\SYSWOW64\wfapigp.dll
2016-08-10 09:14:04 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2016-08-10 09:14:04 ----A---- C:\WINDOWS\SYSWOW64\hbaapi.dll
2016-08-10 09:14:04 ----A---- C:\WINDOWS\SYSWOW64\gpresult.exe
2016-08-10 09:14:04 ----A---- C:\WINDOWS\system32\bdesvc.dll
2016-08-10 09:14:03 ----A---- C:\WINDOWS\system32\httpprxm.dll
2016-08-10 09:14:03 ----A---- C:\WINDOWS\system32\fvecpl.dll
2016-08-10 09:14:02 ----AC---- C:\WINDOWS\system32\drivers\hidparse.sys
2016-08-10 09:14:02 ----A---- C:\WINDOWS\SYSWOW64\certutil.exe
2016-08-10 09:14:02 ----A---- C:\WINDOWS\SYSWOW64\certenc.dll
2016-08-10 09:14:02 ----A---- C:\WINDOWS\system32\wuwebv.dll
2016-08-10 09:14:02 ----A---- C:\WINDOWS\system32\httpprxp.dll
2016-08-10 09:14:02 ----A---- C:\WINDOWS\system32\certenc.dll
2016-08-10 09:14:02 ----A---- C:\WINDOWS\system32\adhsvc.dll
2016-08-10 09:14:01 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2016-08-10 09:14:01 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2016-08-10 09:14:01 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2016-08-10 09:14:01 ----A---- C:\WINDOWS\system32\wudriver.dll
2016-08-10 09:14:01 ----A---- C:\WINDOWS\system32\authui.dll
2016-08-10 09:14:00 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2016-08-10 09:14:00 ----A---- C:\WINDOWS\system32\wuapp.exe
2016-08-10 09:06:39 ----A---- C:\WINDOWS\system32\win32k.sys
2016-08-10 09:06:34 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-08-10 09:06:33 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-08-10 09:06:29 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-08-10 09:06:28 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-08-10 09:06:26 ----A---- C:\WINDOWS\system32\wininet.dll
2016-08-10 09:06:26 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-08-10 09:06:26 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-08-10 09:06:26 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-08-10 09:06:25 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-08-10 09:06:25 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-08-10 09:06:25 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-08-10 09:06:25 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-08-10 09:06:25 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-08-10 09:06:24 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2016-08-10 09:06:24 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2016-08-10 09:06:24 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2016-08-10 09:06:24 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2016-08-10 09:06:24 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2016-08-10 09:06:24 ----A---- C:\WINDOWS\system32\webcheck.dll
2016-08-10 09:06:24 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-08-10 09:06:24 ----A---- C:\WINDOWS\system32\mshtmled.dll
2016-08-10 09:06:24 ----A---- C:\WINDOWS\system32\jscript.dll
2016-08-10 09:06:24 ----A---- C:\WINDOWS\system32\inetcomm.dll
2016-08-10 09:06:24 ----A---- C:\WINDOWS\system32\ieui.dll
2016-08-10 09:06:24 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2016-08-10 09:06:24 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2016-08-10 09:06:23 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2016-08-10 09:06:23 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-08-10 09:06:02 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-10 09:06:02 ----A---- C:\WINDOWS\system32\glcndFilter.dll
2016-08-10 09:06:01 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2016-08-10 09:06:00 ----A---- C:\WINDOWS\SYSWOW64\glcndFilter.dll
2016-08-10 09:05:59 ----A---- C:\WINDOWS\system32\netlogon.dll
2016-08-10 09:05:59 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-08-10 09:05:58 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2016-08-10 09:05:58 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-08-10 09:05:55 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2016-08-10 09:05:55 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2016-08-10 09:05:54 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2016-08-10 09:05:54 ----A---- C:\WINDOWS\SYSWOW64\bcryptprimitives.dll
2016-08-10 09:05:54 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-08-10 09:05:54 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2016-08-10 09:05:54 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2016-08-10 09:05:54 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2016-08-10 09:05:54 ----A---- C:\WINDOWS\system32\certcli.dll
2016-08-10 09:05:54 ----A---- C:\WINDOWS\system32\bcryptprimitives.dll
2016-08-10 09:05:24 ----A---- C:\WINDOWS\system32\TpmTasks.dll

======List of files/folders modified in the last 1 month======

2016-09-07 19:36:04 ----AD---- C:\WINDOWS\Temp
2016-09-07 19:35:17 ----D---- C:\ProgramData\MFAData
2016-09-07 19:30:28 ----D---- C:\WINDOWS\Tasks
2016-09-07 19:00:00 ----D---- C:\WINDOWS\system32\sru
2016-09-07 18:35:48 ----D---- C:\WINDOWS\Microsoft.NET
2016-09-07 18:35:14 ----D---- C:\WINDOWS\Prefetch
2016-09-07 12:54:38 ----D---- C:\WINDOWS\system32\Tasks
2016-09-07 06:47:19 ----SHD---- C:\WINDOWS\Installer
2016-09-07 06:44:17 ----RD---- C:\Program Files (x86)
2016-09-07 06:43:56 ----D---- C:\Program Files (x86)\Google
2016-09-06 22:09:59 ----D---- C:\WINDOWS\system32\drivers
2016-09-06 22:08:36 ----HD---- C:\ProgramData
2016-09-06 21:26:12 ----D---- C:\Program Files\Common Files
2016-09-06 21:21:45 ----RD---- C:\Program Files
2016-09-06 18:43:10 ----AD---- C:\Windows
2016-09-06 16:11:54 ----RSD---- C:\WINDOWS\Fonts
2016-09-06 06:21:33 ----D---- C:\WINDOWS\Inf
2016-09-05 09:05:36 ----SHD---- C:\System Volume Information
2016-09-04 08:53:14 ----HD---- C:\Program Files\WindowsApps
2016-09-04 08:53:14 ----D---- C:\WINDOWS\AppReadiness
2016-09-02 14:13:22 ----D---- C:\Users\Ruda\AppData\Roaming\Skype
2016-09-02 14:03:17 ----D---- C:\Program Files (x86)\ASUS
2016-08-30 17:25:38 ----SD---- C:\Users\Ruda\AppData\Roaming\Microsoft
2016-08-28 08:31:06 ----RD---- C:\Users
2016-08-26 19:42:45 ----D---- C:\WINDOWS\system32\NDF
2016-08-24 21:14:26 ----D---- C:\WINDOWS\system32\wdi
2016-08-22 05:05:26 ----D---- C:\WINDOWS\system32\config
2016-08-19 17:54:05 ----D---- C:\WINDOWS\rescache
2016-08-19 15:39:04 ----RD---- C:\WINDOWS\System32
2016-08-19 09:52:30 ----D---- C:\WINDOWS\CbsTemp
2016-08-19 09:52:26 ----D---- C:\WINDOWS\WinSxS
2016-08-19 09:49:53 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-08-19 09:49:53 ----D---- C:\WINDOWS\SysWOW64
2016-08-19 09:49:53 ----D---- C:\WINDOWS\system32\cs-CZ
2016-08-19 09:49:48 ----A---- C:\WINDOWS\SYSWOW64\dpnsvr.exe
2016-08-19 09:49:48 ----A---- C:\WINDOWS\SYSWOW64\dpnhupnp.dll
2016-08-19 09:49:48 ----A---- C:\WINDOWS\SYSWOW64\dpnhpast.dll
2016-08-19 09:49:48 ----A---- C:\WINDOWS\SYSWOW64\dpnet.dll
2016-08-19 09:49:48 ----A---- C:\WINDOWS\SYSWOW64\dpnathlp.dll
2016-08-19 09:49:41 ----A---- C:\WINDOWS\system32\dpnsvr.exe
2016-08-19 09:49:41 ----A---- C:\WINDOWS\system32\dpnhupnp.dll
2016-08-19 09:49:41 ----A---- C:\WINDOWS\system32\dpnhpast.dll
2016-08-19 09:49:41 ----A---- C:\WINDOWS\system32\dpnet.dll
2016-08-19 09:49:41 ----A---- C:\WINDOWS\system32\dpnathlp.dll
2016-08-19 09:49:34 ----A---- C:\WINDOWS\SYSWOW64\dpwsockx.dll
2016-08-19 09:49:34 ----A---- C:\WINDOWS\SYSWOW64\dpmodemx.dll
2016-08-19 09:49:34 ----A---- C:\WINDOWS\SYSWOW64\dplayx.dll
2016-08-19 09:49:34 ----A---- C:\WINDOWS\SYSWOW64\dplaysvr.exe
2016-08-15 20:17:34 ----D---- C:\WINDOWS\system32\DriverStore
2016-08-10 12:25:16 ----RD---- C:\WINDOWS\ToastData
2016-08-10 12:25:08 ----D---- C:\WINDOWS\SYSWOW64\wbem
2016-08-10 12:25:08 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-08-10 12:25:07 ----D---- C:\WINDOWS\system32\wbem
2016-08-10 12:25:07 ----D---- C:\WINDOWS\system32\migration
2016-08-10 12:25:05 ----D---- C:\WINDOWS\apppatch
2016-08-10 12:25:04 ----D---- C:\Program Files\Internet Explorer
2016-08-10 12:25:04 ----D---- C:\Program Files (x86)\Internet Explorer
2016-08-10 09:30:07 ----D---- C:\WINDOWS\system32\MRT
2016-08-10 09:16:28 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-08-10 09:13:48 ----D---- C:\WINDOWS\system32\SecureBootUpdates
2016-08-10 09:09:58 ----D---- C:\WINDOWS\system32\catroot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\WINDOWS\system32\DRIVERS\avgidsha.sys [2016-06-01 261376]
R0 Avgloga;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avgloga.sys [2016-02-16 360736]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx64.sys [2016-07-19 261888]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx64.sys [2016-06-01 52992]
R0 avguniva;AVG Universal Driver; C:\WINDOWS\system32\DRIVERS\avguniva.sys [2016-06-20 77056]
R0 BTATH_BUS;@oem23.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2014-02-25 35016]
R0 MBI;@oem10.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\WINDOWS\System32\drivers\MBI.sys [2013-10-28 29464]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2013-07-02 19768]
R1 Avgdiska;AVG Disk Driver; C:\WINDOWS\system32\DRIVERS\avgdiska.sys [2016-05-13 163072]
R1 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\avgidsdrivera.sys [2016-06-30 314112]
R1 Avgldx64;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx64.sys [2016-06-01 260352]
R1 Avgwfpa;AVG Firewall Driver; C:\WINDOWS\system32\DRIVERS\avgwfpa.sys [2016-07-20 313088]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2013-08-22 71680]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R3 AiCharger;ASUS Charger Driver; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [2014-03-27 17152]
R3 AthBTPort;@oem26.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2014-02-25 89800]
R3 athr;@oem22.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athwbx.sys [2014-03-06 3892224]
R3 ATP;@oem19.inf,%PS2.DeviceDesc%;ASUS Input Device; C:\WINDOWS\System32\drivers\AsusTP.sys [2014-03-31 71952]
R3 BTATH_A2DP;@oem25.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2014-02-25 355528]
R3 btath_avdt;@oem25.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2014-02-25 118984]
R3 BTATH_HCRP;@oem28.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2014-02-25 179432]
R3 BTATH_LWFLT;@oem30.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2014-02-25 77464]
R3 BTATH_RCP;@oem32.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2014-02-25 137928]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2014-02-25 598216]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-11-21 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-11-21 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-11-21 81920]
R3 GPIO;@oem12.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\WINDOWS\System32\drivers\iaiogpioe.sys [2013-11-11 31232]
R3 HIDSwitch;@oem29.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [2013-10-08 20280]
R3 iaioi2c;@oem11.inf,%Driver_Service.Desc%;I2C Controller Service; C:\WINDOWS\System32\drivers\iaioi2ce.sys [2013-11-11 67584]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-01-16 4222976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2014-07-01 4002008]
R3 IntcDAud;@oem14.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2014-01-16 450520]
R3 iwdbus;@oem17.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-12-27 27032]
R3 kbfiltr;@oem27.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\WINDOWS\System32\drivers\kbfiltr.sys [2012-08-06 17280]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2016-03-10 27008]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2016-09-07 192216]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2016-03-10 65408]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RSBASTOR;@oem21.inf,%Rts5208%;Realtek PCIE CardReader Driver - BA; C:\WINDOWS\system32\DRIVERS\RtsBaStor.sys [2013-07-12 309976]
R3 RTL8168;@oem20.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2014-01-08 848088]
R3 TXEIx64;@oem13.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\WINDOWS\System32\drivers\TXEIx64.sys [2014-01-15 88592]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-11-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2013-08-22 36864]
S0 Avgboota;AVG Early Launch Anti-Malware Driver; C:\WINDOWS\system32\DRIVERS\avgboota.sys [2016-01-07 21632]
S0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2014-06-26 670056]
S3 AgereSoftModem;@mdmags64.inf,%FullProductName%;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\agrsm64.sys [2013-06-18 1146880]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\WINDOWS\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 intaud_WaveExtensible;@oem16.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-12-27 38296]
S3 NETwNs64;@netwsw00.inf,___ %NIC_Service_DispName_WIN7_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\WINDOWS\system32\DRIVERS\Netwsw00.sys [2013-06-18 11518976]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdAppMgrSvc;Autodesk Desktop App Service; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [2016-07-01 1295376]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe [2014-03-26 115512]
R2 Asus WebStorage Windows Service;Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\AsusWSWinService.exe [2014-12-04 71168]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2014-02-25 319104]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [2016-07-28 5267456]
R2 avgsvc;AVG Service; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2016-08-18 1097488]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [2016-07-28 760024]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-11-21 38792]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-01 733696]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2016-03-10 1136608]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2016-03-10 1514464]
R2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S2 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2015-02-09 347200]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-07 153752]
S3 AvgAMPS;AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [2016-07-28 674552]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-11-21 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-02-19 279024]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [2016-07-26 1591264]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-11-21 43696]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2014-12-17 265808]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-07 153752]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-01 822232]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 mi-raysat_3dsmax2017_64;mental ray Satellite for Autodesk 3ds Max 2017 64-bit; C:\Program Files\Autodesk\3ds Max 2017\raysat_3dsmax2017_64server.exe [2011-09-15 86016]
S3 ose;Office  Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119672
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Windows opening on their own (google chrome)

#6 Post by Rudy »

Deleted. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
