
Please check my log

Posted: 10 May 2017 18:30
by texno
Good day. Please check my log. My antivirus has started reporting the YAC virus and will not remove it in any way. Thank you.

Logfile of random's system information tool 1.16 (written by random/random)
Run by lucka petko at 2017-05-10 19:15:34
Microsoft Windows 7 Starter Service Pack 1
System drive C: has 164 GB (54%) free of 305 GB
Total RAM: 1660 MB (25% free)
X86

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:17:08, on 10. 5. 2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18538)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Elex-tech\YAC\iSafeTray.exe
C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files\Bluetooth Suite\BtvStack.exe
C:\Program Files\Bluetooth Suite\AthBtTray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\lucka petko\Downloads\RSIT.exe
C:\Program Files\trend micro\lucka petko_RSIT.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com?type=hp&ts=1438680201 ... 2baebo9e1o
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={53B28852 ... 2014-12-11 10:14:25&v=4.2.9.726&pid=wtu&sg=&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.nuesearch.com/?type=hp&ts=14 ... P4274P4274
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nuesearch.com/?type=hp&ts=14 ... P4274P4274
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: (no name) - {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} - (no file)
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [AtherosBtStack] "C:\Program Files\Bluetooth Suite\BtvStack.exe"
O4 - HKLM\..\Run: [AthBtTray] "C:\Program Files\Bluetooth Suite\AthBtTray.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - S-1-5-18 Startup: Registration Brothers In Arms.LNK = D:\Support\Register\RegistrationReminder.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Registration Brothers In Arms.LNK = D:\Support\Register\RegistrationReminder.exe (User 'Default user')
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: YAC Service (iSafeService) - Elex do Brasil Participaçoes Ltda - C:\Program Files\Elex-tech\YAC\iSafeSvc.exe
O23 - Service: Personalization Panel DWM controller (persdwmsrv) - http://winaero.com/ - C:\Program Files\winaero.com\Personalization Panel DWM Controller\persdwmsrv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 6309 bytes

======Scheduled tasks folder======

C:\Windows\tasks\002f81f0-c08d-4ca9-8356-555cb9521212-5_user.job - C:\Program Files\CinemaP-1.9cV26.06\002f81f0-c08d-4ca9-8356-555cb9521212-5.exe /rawdata=
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\AVG-SSU_1216tb.job - C:\ProgramData\Avg_Update_1216tb\AVG-Secure-Search-Update_1216tb.exe --CMPID=1216tb --RUNBY=UP
C:\Windows\tasks\AVG-SSU_1216tb_DELETE.job - C:\ProgramData\Avg_Update_1216tb\AVG-Secure-Search-Update_1216tb.exe --CMPID=1216tb --CMPN_DELETE_ALL --RUNBY=UP
C:\Windows\tasks\StylishPlanner.job - c:\programdata\{4a8ba50c-e914-6413-4a8b-ba50ce919433}\download.exe --startup=1 --single
C:\Windows\system32\tasks\002f81f0-c08d-4ca9-8356-555cb9521212-5_user - C:\Program Files\CinemaP-1.9cV26.06\002f81f0-c08d-4ca9-8356-555cb9521212-5.exe /rawdata=
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\ASUS P4G - C:\Program Files\ASUS\P4G\BatteryLife.exe
C:\Windows\system32\tasks\ATKOSD2 - C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Windows\system32\tasks\Avast Emergency Update - C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
C:\Windows\system32\tasks\AVG-SSU_1216tb - C:\ProgramData\Avg_Update_1216tb\AVG-Secure-Search-Update_1216tb.exe --CMPID=1216tb --RUNBY=UP
C:\Windows\system32\tasks\AVG-SSU_1216tb_DELETE - C:\ProgramData\Avg_Update_1216tb\AVG-Secure-Search-Update_1216tb.exe --CMPID=1216tb --CMPN_DELETE_ALL --RUNBY=UP
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380} - C:\Program Files\Rising\RAV\rsdelaylauncher.exe
C:\Windows\system32\tasks\SafeZone scheduled Autoupdate 1468750203 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\SidebarExecute - C:\Program Files\Windows Sidebar\sidebar.exe /addGadget
C:\Windows\system32\tasks\{61D61DF8-C7EE-4D66-81DC-C178801910E9} - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\tasks\{C3CCFCC0-2113-4DA0-B25D-F796D8105921} - C:\Windows\system32\pcalua.exe -a "C:\GTA San Andreas\gtasa120cz.exe" -d "C:\GTA San Andreas"
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup - %systemroot%\system32\rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor - %systemroot%\system32\sdclt.exe /CHECKSKIPPED
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe invagent.dll,RunUpdate -noappraiser
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs

=========Google Chrome=========

C:\Users\lucka petko\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Store 0.2
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg Settings 0.2
Extension eofcbnmajmjmplflapaojjnihcjkigck 0 Avast SafePrice 12.0.199
Extension fcfenmboojpjinhpgggodefccipikbpd 2 MSN Homepage & Bing Search Engine 0.0.0.5
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension gomekmidlodglbbmalcneegieacbdmki 0 Avast Online Security 12.0.209
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension lifbcibllhkdhoafpjfnlhfpfgnpldfl 2 Skype Click to Call 7.3.16540.9015
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.2
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.2
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5817.313.0.3
Homepage: http://www.google.sk/
default_search_provider.search_url:
C:\Users\lucka petko\AppData\Local\Google\Chrome\User Data\Default\Preferences
Plugin 11.3.31.232 Shockwave Flash C:\Program Files\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
Plugin 11,4,402,265 Shockwave Flash C:\Program Files\Google\Chrome\Application\58.0.3029.96\gcswf32.dll
Plugin 11,4,402,265 Shockwave Flash C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll
Plugin Remoting Viewer internal-remoting-viewer
Plugin Native Client C:\Program Files\Google\Chrome\Application\58.0.3029.96\ppGoogleNaClPluginChrome.dll
Plugin Chrome PDF Viewer C:\Program Files\Google\Chrome\Application\58.0.3029.96\pdf.dll
Plugin 1.3.21.99 Google Update C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl]
"Path"=


======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={33BB0A4E-99AF-4226-BDF6-49120163DE86}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}]
"URL"=http://www.v9.com/web?type=ds&ts=143868 ... earchTerms}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2011-06-08 69760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files\Bluetooth Suite\IEPlugIn.dll [2011-09-30 51872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"=C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2012-02-16 322176]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe [2011-10-24 174720]
"HControlUser"=C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"Wireless Console 3"=C:\Program Files\ASUS\Wireless Console 3\wcourier.exe [2012-02-02 2321072]
"AtherosBtStack"=C:\Program Files\Bluetooth Suite\BtvStack.exe [2011-09-30 844448]
"AthBtTray"=C:\Program Files\Bluetooth Suite\AthBtTray.exe [2011-09-30 694432]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-05-07 213824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\CCleaner\CCleaner.exe [2016-03-11 6751960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MRT]
C:\Windows\system32\MRT.exe [2017-03-09 135086848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVBg]
C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [2012-06-05 1571432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2012-06-05 11430504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2015-06-29 53282944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SonicMasterTray]
C:\Program Files\ASUS\ASUS Sonic Focus\SonicFocusTray.exe [2010-07-09 984400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-03-22 343168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2012-06-28 74752]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files\Google\Chrome\Application\58.0.3029.96\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.divxa32"=msaud32_divx.acm
"msacm.voxacm160"=vct3216.acm
"msacm.scg726"=scg726.acm
"msacm.alf2cd"=alf2cd.acm
"msacm.ac3acm"=AC3ACM.acm
"vidc.dvsd"=mcdvd_32.dll
"vidc.xvid"=xvidvfw.dll
"vidc.DIVX"=DivX.dll
"vidc.mpg4"=mpg4c32.dll
"vidc.mp42"=mpg4c32.dll
"vidc.mp43"=mpg4c32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-05-10 19:15:34 ----D---- C:\rsit
2017-05-10 19:15:34 ----D---- C:\Program Files\trend micro
2017-05-10 19:15:20 ----D---- C:\ProgramData\SWCUTemp
2017-05-08 21:54:05 ----A---- C:\Windows\system32\drivers\iSafeNetFilter.sys
2017-05-08 18:22:16 ----D---- C:\ProgramData\VS Revo Group
2017-05-08 18:22:14 ----A---- C:\Windows\system32\drivers\revoflt.sys
2017-05-08 18:22:08 ----D---- C:\Program Files\VS Revo Group
2017-05-08 18:00:51 ----A---- C:\Windows\system32\FNTCACHE.DAT
2017-05-07 20:38:25 ----SHD---- C:\Config.Msi
2017-05-07 20:27:54 ----D---- C:\Users\lucka petko\AppData\Roaming\LibreOffice
2017-05-07 20:14:22 ----D---- C:\Program Files\LibreOffice 5
2017-05-07 19:10:29 ----D---- C:\AdwCleaner
2017-05-07 18:34:56 ----A---- C:\Windows\system32\aswBoot.exe
2017-04-13 07:39:36 ----A---- C:\Windows\system32\drivers\aswbunivx.sys
2017-04-13 07:39:35 ----A---- C:\Windows\system32\drivers\aswblogx.sys
2017-04-13 07:39:34 ----A---- C:\Windows\system32\drivers\aswbidshx.sys
2017-04-13 07:39:33 ----A---- C:\Windows\system32\drivers\aswbidsdriverx.sys

======List of files/folders modified in the last 1 month======

2017-05-10 19:15:43 ----D---- C:\Windows\system32\drivers\etc
2017-05-10 19:15:34 ----RD---- C:\Program Files
2017-05-10 19:15:20 ----HD---- C:\ProgramData
2017-05-10 19:14:54 ----D---- C:\Windows\System32
2017-05-10 19:14:54 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-05-10 19:14:53 ----D---- C:\Windows\inf
2017-05-10 19:12:32 ----D---- C:\Windows\Temp
2017-05-10 19:12:02 ----D---- C:\Windows\system32\config
2017-05-09 06:41:50 ----D---- C:\Windows\Prefetch
2017-05-08 22:12:57 ----D---- C:\Windows\Microsoft.NET
2017-05-08 22:03:02 ----RSD---- C:\Windows\assembly
2017-05-08 21:54:05 ----D---- C:\Windows\system32\drivers
2017-05-08 20:08:11 ----SHD---- C:\Windows\Installer
2017-05-08 19:42:04 ----D---- C:\Program Files\CinemaP-1.9cV26.06
2017-05-08 18:35:42 ----D---- C:\Windows
2017-05-08 18:25:24 ----SHD---- C:\System Volume Information
2017-05-07 20:47:36 ----D---- C:\Windows\winsxs
2017-05-07 20:35:55 ----D---- C:\Windows\system32\DriverStore
2017-05-07 20:15:42 ----RSD---- C:\Windows\Fonts
2017-05-07 19:33:08 ----D---- C:\Windows\system32\Tasks
2017-05-07 19:29:05 ----D---- C:\Program Files\Common Files
2017-05-07 18:48:32 ----SD---- C:\ProgramData\Microsoft
2017-05-07 18:31:24 ----D---- C:\Windows\system32\catroot2
2017-05-07 18:28:25 ----D---- C:\Windows\debug
2017-05-07 18:04:38 ----SD---- C:\Users\lucka petko\AppData\Roaming\Microsoft

File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [2017-05-07 148696]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswblogx.sys [2017-05-07 268016]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [2017-05-07 41664]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2017-05-07 62152]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2017-05-07 279800]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [2017-05-07 258288]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2017-05-07 31064]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2017-05-07 90336]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2017-05-07 764576]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2017-05-07 482608]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi.sys [2011-09-07 14464]
R1 iSafeKrnl;YAC Mini-Filter Driver; \??\C:\Program Files\Elex-tech\YAC\iSafeKrnl.sys [2016-05-23 227776]
R1 iSafeKrnlKit;YAC Kit Driver; \??\C:\Program Files\Elex-tech\YAC\iSafeKrnlKit.sys [2016-05-23 97912]
R1 iSafeKrnlMon;YAC Monitor Driver; \??\C:\Program Files\Elex-tech\YAC\iSafeKrnlMon.sys [2016-05-23 45032]
R1 iSafeKrnlR3;YAC Ring3 Driver; \??\C:\Program Files\Elex-tech\YAC\iSafeKrnlR3.sys [2016-05-23 73232]
R1 iSafeNetFilter;YAC NDIS Driver; C:\Windows\system32\DRIVERS\iSafeNetFilter.sys [2016-05-19 59152]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys [2009-07-02 13880]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2017-05-07 107928]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2017-05-07 114640]
R3 amdiox86;AMD IO Driver; C:\Windows\system32\drivers\amdiox86.sys [2010-02-18 37944]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-06-05 9068032]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-06-05 264192]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2011-10-03 2205696]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2012-06-05 86544]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\drivers\btath_bus.sys [2011-09-30 25248]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2012-06-05 3546664]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-06-05 35968]
S1 rmawjugl;rmawjugl; \??\C:\Windows\system32\drivers\rmawjugl.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2017-05-07 34136]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-09-30 35488]
S3 ATHDFU;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2011-09-30 43680]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-09-30 290976]
S3 btath_avdt;Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2011-09-30 97440]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\drivers\btath_hcrp.sys [2011-09-30 147616]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-09-30 60064]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\drivers\btath_rcp.sys [2011-09-30 263968]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-09-30 442528]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 iSafeKrnlBoot;YAC Boot Driver; C:\Windows\system32\DRIVERS\iSafeKrnlBoot.sys []
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2016-12-21 35632]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2012-06-05 197224]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-06-05 163328]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-03-21 291840]
R2 ASLDRService;ASLDR Service; C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2011-11-21 80512]
R2 AtherosSvc;AtherosSvc; C:\Program Files\Bluetooth Suite\adminservice.exe [2011-09-30 84640]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-05-07 263304]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 iSafeService;YAC Service; C:\Program Files\Elex-tech\YAC\iSafeSvc.exe [2016-08-19 131024]
R2 persdwmsrv;Personalization Panel DWM controller; C:\Program Files\winaero.com\Personalization Panel DWM Controller\persdwmsrv.exe [2012-04-07 8192]
R2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent; C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe [2011-09-30 158880]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2017-05-07 5732136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-03-20 103568]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-11-12 102912]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2017-03-20 45688]
S4 MCSvc;Microsoft Cache Service; %SystemRoot%\System32\svchost.exe -k LocalServiceir;"ServiceDll"=C:\ProgramData\PreEmptive Solutions\Common\LAC\shelflife\2.0.50727__1.2.3.0.dll
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-03-20 139896]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-03-20 139896]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-03-20 139896]

-----------------EOF-----------------

Re: Please check my log

Posted: 10 May 2017 19:05
by Rudy
Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
Click first on >Scan< (search) and then on >Clean< (delete).
The scan will run and then a log will appear; paste it here.

Re: Please check my log

Posted: 10 May 2017 19:37
by texno
Here you go, the AdwCleaner log

# AdwCleaner v6.046 - *Logfile created 10/05/2017 *at 20:30:32
# *Updated on 24/04/2017 by Malwarebytes
# *Database : 2017-05-10.1 [*Server]
# *Operating System : Windows 7 Starter Service Pack 1 (X86)
# *Username : lucka petko - LUCKAPETKO-PC
# *Running from : C:\Users\lucka petko\Downloads\adwcleaner_6.046.exe
# *Mode: Clean
# *Support : https://www.malwarebytes.com/support



***** [ *Services ] *****

[-] *Service deleted: iSafeKrnlMon


***** [ *Folders ] *****

[#] *Folder deleted on reboot: C:\Users\lucka petko\AppData\Roaming\Elex-tech
[#] *Folder deleted on reboot: C:\Program Files\Elex-tech


***** [ *Files ] *****

[-] *File deleted: C:\Windows\system32\drivers\iSafeNetFilter.sys


***** [ DLL ] *****



***** [ WMI ] *****



***** [ *Shortcuts ] *****



***** [ *Scheduled Tasks ] *****



***** [ *Registry ] *****

[-] *Key deleted: HKLM\SYSTEM\CurrentControlSet\services\iSafeKrnl
[-] *Key deleted: HKLM\SYSTEM\CurrentControlSet\services\iSafeKrnlBoot
[-] *Key deleted: HKLM\SYSTEM\CurrentControlSet\services\iSafeKrnlKit
[-] *Key deleted: HKLM\SYSTEM\CurrentControlSet\services\iSafeKrnlR3
[-] *Key deleted: HKLM\SYSTEM\CurrentControlSet\services\iSafeNetFilter
[-] *Key deleted: HKLM\SYSTEM\CurrentControlSet\services\iSafeService
[-] *Key deleted: HKLM\SYSTEM\CurrentControlSet\services\isafekrnl
[-] *Key deleted: HKLM\SYSTEM\CurrentControlSet\services\isafekrnlboot
[-] *Key deleted: HKLM\SYSTEM\CurrentControlSet\services\isafekrnlkit
[-] *Key deleted: HKLM\SYSTEM\CurrentControlSet\services\isafekrnlmon
[-] *Key deleted: HKLM\SYSTEM\CurrentControlSet\services\isafekrnlr3
[-] *Key deleted: HKLM\SYSTEM\CurrentControlSet\services\isafenetfilter
[-] *Key deleted: HKLM\SYSTEM\CurrentControlSet\services\isafeservice
[-] *Key deleted: HKLM\SOFTWARE\Elex-tech
[-] *Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSafe
[#] *Data restored on reboot: HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main [Start Page]
[#] *Data restored on reboot: HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[#] *Data restored on reboot: HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main [Start Page]
[#] *Data restored on reboot: HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[#] *Data restored on reboot: HKU\S-1-5-21-3566994689-3695386668-3310937845-1004\Software\Microsoft\Internet Explorer\Main [Start Page]
[#] *Data restored on reboot: HKU\S-1-5-21-3566994689-3695386668-3310937845-1004\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[#] *Data restored on reboot: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[#] *Data restored on reboot: HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[#] *Data restored on reboot: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[#] *Data restored on reboot: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] *Key deleted: HKU\S-1-5-21-3566994689-3695386668-3310937845-1004\Software\Microsoft\Internet Explorer\SearchScopes\A1A8BF904019646A862D3BF49FB33252
[-] *Key deleted: HKU\S-1-5-21-3566994689-3695386668-3310937845-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] *Key deleted: HKU\S-1-5-21-3566994689-3695386668-3310937845-1004\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
[-] *Key deleted: HKU\S-1-5-21-3566994689-3695386668-3310937845-1004\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] *Key deleted: HKU\S-1-5-21-3566994689-3695386668-3310937845-1004\Software\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
[-] *Key deleted: HKU\S-1-5-21-3566994689-3695386668-3310937845-1004\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
[-] *Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\A1A8BF904019646A862D3BF49FB33252
[-] *Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] *Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
[-] *Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] *Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
[-] *Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
[-] *Key deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}


***** [ *Browsers ] *****

[-] [C:\Users\lucka petko\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] *Deleted: oursurfing
[-] [C:\Users\lucka petko\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] *Deleted: delta-homes
[-] [C:\Users\lucka petko\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] *Deleted: v9.com
[-] [C:\Users\lucka petko\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] *Deleted: nicesearches.com
[-] [C:\Users\lucka petko\AppData\Local\Google\Chrome\User Data\Default] [favicon_url] *Deleted: hxxp://search.delta-homes.com/webfavicon.ico
[-] [C:\Users\lucka petko\AppData\Local\Google\Chrome\User Data\Default] [extension] *Deleted: fcfenmboojpjinhpgggodefccipikbpd


*************************

:: *"Tracing" keys deleted
:: *Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [32560 *Bytes] - [07/05/2017 19:37:55]
C:\AdwCleaner\AdwCleaner[C2].txt - [5732 *Bytes] - [10/05/2017 20:30:32]
C:\AdwCleaner\AdwCleaner[S0].txt - [31896 *Bytes] - [07/05/2017 19:17:11]
C:\AdwCleaner\AdwCleaner[S1].txt - [6444 *Bytes] - [10/05/2017 20:26:45]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [5955 *Bytes] ##########

Re: Please check my log

Posted: 10 May 2017 19:48
by Rudy
Post a new RSIT log.

Re: Please check my log

Posted: 10 May 2017 19:54
by texno
Logfile of random's system information tool 1.16 (written by random/random)
Run by lucka petko at 2017-05-10 20:49:03
Microsoft Windows 7 Starter Service Pack 1
System drive C: has 164 GB (54%) free of 305 GB
Total RAM: 1660 MB (50% free)
X86

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:50:47, on 10. 5. 2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18538)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Elex-tech\YAC\iSafeTray.exe
C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files\Bluetooth Suite\BtvStack.exe
C:\Program Files\Bluetooth Suite\AthBtTray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\lucka petko\Downloads\RSIT.exe
C:\Program Files\trend micro\lucka petko_RSIT.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com?type=hp&ts=1438680201 ... 2baebo9e1o
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={53B28852 ... 2014-12-11 10:14:25&v=4.2.9.726&pid=wtu&sg=&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.nuesearch.com/?type=hp&ts=14 ... P4274P4274
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nuesearch.com/?type=hp&ts=14 ... P4274P4274
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: (no name) - {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} - (no file)
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [AtherosBtStack] "C:\Program Files\Bluetooth Suite\BtvStack.exe"
O4 - HKLM\..\Run: [AthBtTray] "C:\Program Files\Bluetooth Suite\AthBtTray.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - S-1-5-18 Startup: Registration Brothers In Arms.LNK = D:\Support\Register\RegistrationReminder.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Registration Brothers In Arms.LNK = D:\Support\Register\RegistrationReminder.exe (User 'Default user')
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: YAC Service (iSafeService) - Elex do Brasil Participaçoes Ltda - C:\Program Files\Elex-tech\YAC\iSafeSvc.exe
O23 - Service: Personalization Panel DWM controller (persdwmsrv) - http://winaero.com/ - C:\Program Files\winaero.com\Personalization Panel DWM Controller\persdwmsrv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 6296 bytes

======Scheduled tasks folder======

C:\Windows\tasks\002f81f0-c08d-4ca9-8356-555cb9521212-5_user.job - C:\Program Files\CinemaP-1.9cV26.06\002f81f0-c08d-4ca9-8356-555cb9521212-5.exe /rawdata=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
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\AVG-SSU_1216tb.job - C:\ProgramData\Avg_Update_1216tb\AVG-Secure-Search-Update_1216tb.exe --CMPID=1216tb --RUNBY=UP
C:\Windows\tasks\AVG-SSU_1216tb_DELETE.job - C:\ProgramData\Avg_Update_1216tb\AVG-Secure-Search-Update_1216tb.exe --CMPID=1216tb --CMPN_DELETE_ALL --RUNBY=UP
C:\Windows\tasks\StylishPlanner.job - c:\programdata\{4a8ba50c-e914-6413-4a8b-ba50ce919433}\download.exe --startup=1 --single
C:\Windows\system32\tasks\002f81f0-c08d-4ca9-8356-555cb9521212-5_user - C:\Program Files\CinemaP-1.9cV26.06\002f81f0-c08d-4ca9-8356-555cb9521212-5.exe /rawdata=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
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\ASUS P4G - C:\Program Files\ASUS\P4G\BatteryLife.exe
C:\Windows\system32\tasks\ATKOSD2 - C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Windows\system32\tasks\Avast Emergency Update - C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
C:\Windows\system32\tasks\AVG-SSU_1216tb - C:\ProgramData\Avg_Update_1216tb\AVG-Secure-Search-Update_1216tb.exe --CMPID=1216tb --RUNBY=UP
C:\Windows\system32\tasks\AVG-SSU_1216tb_DELETE - C:\ProgramData\Avg_Update_1216tb\AVG-Secure-Search-Update_1216tb.exe --CMPID=1216tb --CMPN_DELETE_ALL --RUNBY=UP
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380} - C:\Program Files\Rising\RAV\rsdelaylauncher.exe
C:\Windows\system32\tasks\SafeZone scheduled Autoupdate 1468750203 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\SidebarExecute - C:\Program Files\Windows Sidebar\sidebar.exe /addGadget
C:\Windows\system32\tasks\{61D61DF8-C7EE-4D66-81DC-C178801910E9} - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\tasks\{C3CCFCC0-2113-4DA0-B25D-F796D8105921} - C:\Windows\system32\pcalua.exe -a "C:\GTA San Andreas\gtasa120cz.exe" -d "C:\GTA San Andreas"
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup - %systemroot%\system32\rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor - %systemroot%\system32\sdclt.exe /CHECKSKIPPED
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe invagent.dll,RunUpdate -noappraiser
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs

=========Google Chrome=========

C:\Users\lucka petko\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Store 0.2
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg Settings 0.2
Extension eofcbnmajmjmplflapaojjnihcjkigck 0 Avast SafePrice 12.0.199
Extension fcfenmboojpjinhpgggodefccipikbpd 2 MSN Homepage & Bing Search Engine 0.0.0.5
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension gomekmidlodglbbmalcneegieacbdmki 0 Avast Online Security 12.0.209
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension lifbcibllhkdhoafpjfnlhfpfgnpldfl 2 Skype Click to Call 7.3.16540.9015
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.2
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.2
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5817.313.0.3
Homepage: http://www.google.sk/
default_search_provider.search_url:
C:\Users\lucka petko\AppData\Local\Google\Chrome\User Data\Default\Preferences
Plugin 11.3.31.232 Shockwave Flash C:\Program Files\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
Plugin 11,4,402,265 Shockwave Flash C:\Program Files\Google\Chrome\Application\58.0.3029.96\gcswf32.dll
Plugin 11,4,402,265 Shockwave Flash C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll
Plugin Remoting Viewer internal-remoting-viewer
Plugin Native Client C:\Program Files\Google\Chrome\Application\58.0.3029.96\ppGoogleNaClPluginChrome.dll
Plugin Chrome PDF Viewer C:\Program Files\Google\Chrome\Application\58.0.3029.96\pdf.dll
Plugin 1.3.21.99 Google Update C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl]
"Path"=


======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={33BB0A4E-99AF-4226-BDF6-49120163DE86}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}]
"URL"=http://www.v9.com/web?type=ds&ts=143868 ... earchTerms}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2011-06-08 69760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files\Bluetooth Suite\IEPlugIn.dll [2011-09-30 51872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"=C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2012-02-16 322176]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe [2011-10-24 174720]
"HControlUser"=C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"Wireless Console 3"=C:\Program Files\ASUS\Wireless Console 3\wcourier.exe [2012-02-02 2321072]
"AtherosBtStack"=C:\Program Files\Bluetooth Suite\BtvStack.exe [2011-09-30 844448]
"AthBtTray"=C:\Program Files\Bluetooth Suite\AthBtTray.exe [2011-09-30 694432]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-05-07 213824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\CCleaner\CCleaner.exe [2016-03-11 6751960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MRT]
C:\Windows\system32\MRT.exe [2017-03-09 135086848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVBg]
C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [2012-06-05 1571432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2012-06-05 11430504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2015-06-29 53282944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SonicMasterTray]
C:\Program Files\ASUS\ASUS Sonic Focus\SonicFocusTray.exe [2010-07-09 984400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-03-22 343168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2012-06-28 74752]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files\Google\Chrome\Application\58.0.3029.96\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.divxa32"=msaud32_divx.acm
"msacm.voxacm160"=vct3216.acm
"msacm.scg726"=scg726.acm
"msacm.alf2cd"=alf2cd.acm
"msacm.ac3acm"=AC3ACM.acm
"vidc.dvsd"=mcdvd_32.dll
"vidc.xvid"=xvidvfw.dll
"vidc.DIVX"=DivX.dll
"vidc.mpg4"=mpg4c32.dll
"vidc.mp42"=mpg4c32.dll
"vidc.mp43"=mpg4c32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-05-10 20:32:17 ----A---- C:\Windows\system32\drivers\iSafeNetFilter.sys
2017-05-10 20:15:15 ----A---- C:\Windows\system32\FNTCACHE.DAT
2017-05-10 19:15:34 ----D---- C:\rsit
2017-05-10 19:15:34 ----D---- C:\Program Files\trend micro
2017-05-08 18:22:16 ----D---- C:\ProgramData\VS Revo Group
2017-05-08 18:22:14 ----A---- C:\Windows\system32\drivers\revoflt.sys
2017-05-08 18:22:08 ----D---- C:\Program Files\VS Revo Group
2017-05-07 20:38:25 ----SHD---- C:\Config.Msi
2017-05-07 20:27:54 ----D---- C:\Users\lucka petko\AppData\Roaming\LibreOffice
2017-05-07 20:14:22 ----D---- C:\Program Files\LibreOffice 5
2017-05-07 19:10:29 ----D---- C:\AdwCleaner
2017-05-07 18:34:56 ----A---- C:\Windows\system32\aswBoot.exe
2017-04-13 07:39:36 ----A---- C:\Windows\system32\drivers\aswbunivx.sys
2017-04-13 07:39:35 ----A---- C:\Windows\system32\drivers\aswblogx.sys
2017-04-13 07:39:34 ----A---- C:\Windows\system32\drivers\aswbidshx.sys
2017-04-13 07:39:33 ----A---- C:\Windows\system32\drivers\aswbidsdriverx.sys

======List of files/folders modified in the last 1 month======

2017-05-10 20:48:02 ----D---- C:\Windows\Temp
2017-05-10 20:47:06 ----D---- C:\Windows\system32\config
2017-05-10 20:37:43 ----D---- C:\Windows\System32
2017-05-10 20:37:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-05-10 20:37:42 ----D---- C:\Windows\inf
2017-05-10 20:32:17 ----D---- C:\Windows\system32\drivers
2017-05-10 20:31:48 ----D---- C:\Windows
2017-05-10 19:51:17 ----HD---- C:\ProgramData
2017-05-10 19:15:43 ----D---- C:\Windows\system32\drivers\etc
2017-05-10 19:15:34 ----RD---- C:\Program Files
2017-05-09 06:41:50 ----D---- C:\Windows\Prefetch
2017-05-08 22:12:57 ----D---- C:\Windows\Microsoft.NET
2017-05-08 22:03:02 ----RSD---- C:\Windows\assembly
2017-05-08 20:08:11 ----SHD---- C:\Windows\Installer
2017-05-08 19:42:04 ----D---- C:\Program Files\CinemaP-1.9cV26.06
2017-05-08 18:25:24 ----SHD---- C:\System Volume Information
2017-05-07 20:47:36 ----D---- C:\Windows\winsxs
2017-05-07 20:35:55 ----D---- C:\Windows\system32\DriverStore
2017-05-07 20:15:42 ----RSD---- C:\Windows\Fonts
2017-05-07 19:33:08 ----D---- C:\Windows\system32\Tasks
2017-05-07 19:29:05 ----D---- C:\Program Files\Common Files
2017-05-07 18:48:32 ----SD---- C:\ProgramData\Microsoft
2017-05-07 18:31:24 ----D---- C:\Windows\system32\catroot2
2017-05-07 18:28:25 ----D---- C:\Windows\debug
2017-05-07 18:04:38 ----SD---- C:\Users\lucka petko\AppData\Roaming\Microsoft

File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [2017-05-07 148696]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswblogx.sys [2017-05-07 268016]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [2017-05-07 41664]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2017-05-07 62152]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2017-05-07 279800]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [2017-05-07 258288]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2017-05-07 31064]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2017-05-07 90336]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2017-05-07 764576]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2017-05-07 482608]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi.sys [2011-09-07 14464]
R1 iSafeKrnl;YAC Mini-Filter Driver; \??\C:\Program Files\Elex-tech\YAC\iSafeKrnl.sys [2016-05-23 227776]
R1 iSafeKrnlKit;YAC Kit Driver; \??\C:\Program Files\Elex-tech\YAC\iSafeKrnlKit.sys [2016-05-23 97912]
R1 iSafeKrnlMon;YAC Monitor Driver; \??\C:\Program Files\Elex-tech\YAC\iSafeKrnlMon.sys [2016-05-23 45032]
R1 iSafeKrnlR3;YAC Ring3 Driver; \??\C:\Program Files\Elex-tech\YAC\iSafeKrnlR3.sys [2016-05-23 73232]
R1 iSafeNetFilter;YAC NDIS Driver; C:\Windows\system32\DRIVERS\iSafeNetFilter.sys [2016-05-19 59152]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys [2009-07-02 13880]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2017-05-07 107928]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2017-05-07 114640]
R3 amdiox86;AMD IO Driver; C:\Windows\system32\drivers\amdiox86.sys [2010-02-18 37944]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-06-05 9068032]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-06-05 264192]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2011-10-03 2205696]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2012-06-05 86544]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\drivers\btath_bus.sys [2011-09-30 25248]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2012-06-05 3546664]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-06-05 35968]
S1 rmawjugl;rmawjugl; \??\C:\Windows\system32\drivers\rmawjugl.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2017-05-07 34136]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-09-30 35488]
S3 ATHDFU;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2011-09-30 43680]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-09-30 290976]
S3 btath_avdt;Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2011-09-30 97440]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\drivers\btath_hcrp.sys [2011-09-30 147616]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-09-30 60064]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\drivers\btath_rcp.sys [2011-09-30 263968]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-09-30 442528]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 iSafeKrnlBoot;YAC Boot Driver; C:\Windows\system32\DRIVERS\iSafeKrnlBoot.sys []
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2016-12-21 35632]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2012-06-05 197224]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-06-05 163328]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-03-21 291840]
R2 ASLDRService;ASLDR Service; C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2011-11-21 80512]
R2 AtherosSvc;AtherosSvc; C:\Program Files\Bluetooth Suite\adminservice.exe [2011-09-30 84640]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-05-07 263304]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 iSafeService;YAC Service; C:\Program Files\Elex-tech\YAC\iSafeSvc.exe [2016-08-19 131024]
R2 persdwmsrv;Personalization Panel DWM controller; C:\Program Files\winaero.com\Personalization Panel DWM Controller\persdwmsrv.exe [2012-04-07 8192]
R2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent; C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe [2011-09-30 158880]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2017-05-07 5732136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-03-20 103568]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-11-12 102912]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2017-03-20 45688]
S4 MCSvc;Microsoft Cache Service; %SystemRoot%\System32\svchost.exe -k LocalServiceir;"ServiceDll"=C:\ProgramData\PreEmptive Solutions\Common\LAC\shelflife\2.0.50727__1.2.3.0.dll
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-03-20 139896]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-03-20 139896]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-03-20 139896]

-----------------EOF-----------------

Re: Please check my log

Posted: 10 May 2017 21:18
by Rudy
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Windows\tasks\002f81f0-c08d-4ca9-8356-555cb9521212-5_user.job
C:\Program Files\CinemaP-1.9cV26.06
C:\Program Files\Elex-tech

:services
iSafeService
iSafeKrnl
iSafeKrnlKit
iSafeKrnlMon
iSafeKrnlR3
iSafeNetFilter
rmawjugl

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5}]

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Before the scan, turn off Avast, and restart the PC after it. Post a new RSIT log.

Besides Avast, there are leftovers from AVG in the system. Remove them with AVGRemover: http://www.stahuj.centrum.cz/utility_a_ ... g-remover/ .

Re: Please check my log

Posted: 11 May 2017 15:04
by texno
Here is the log

Logfile of random's system information tool 1.16 (written by random/random)
Run by lucka petko at 2017-05-11 15:58:39
Microsoft Windows 7 Starter Service Pack 1
System drive C: has 164 GB (54%) free of 305 GB
Total RAM: 1660 MB (35% free)
X86

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:01:00, on 11. 5. 2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18538)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Elex-tech\YAC\iSafeTray.exe
C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files\Bluetooth Suite\BtvStack.exe
C:\Program Files\Bluetooth Suite\AthBtTray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Elex-tech\YAC\bugreport.exe
C:\Users\lucka petko\Desktop\RSIT.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\trend micro\lucka petko_RSIT.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com?type=hp&ts=1438680201 ... 2baebo9e1o
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={53B28852 ... 2014-12-11 10:14:25&v=4.2.9.726&pid=wtu&sg=&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.nuesearch.com/?type=hp&ts=14 ... P4274P4274
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nuesearch.com/?type=hp&ts=14 ... P4274P4274
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: (no name) - {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} - (no file)
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [AtherosBtStack] "C:\Program Files\Bluetooth Suite\BtvStack.exe"
O4 - HKLM\..\Run: [AthBtTray] "C:\Program Files\Bluetooth Suite\AthBtTray.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - S-1-5-18 Startup: Registration Brothers In Arms.LNK = D:\Support\Register\RegistrationReminder.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Registration Brothers In Arms.LNK = D:\Support\Register\RegistrationReminder.exe (User 'Default user')
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: YAC Service (iSafeService) - Elex do Brasil Participaçoes Ltda - C:\Program Files\Elex-tech\YAC\iSafeSvc.exe
O23 - Service: Personalization Panel DWM controller (persdwmsrv) - http://winaero.com/ - C:\Program Files\winaero.com\Personalization Panel DWM Controller\persdwmsrv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 6258 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\AVG-SSU_1216tb.job - C:\ProgramData\Avg_Update_1216tb\AVG-Secure-Search-Update_1216tb.exe --CMPID=1216tb --RUNBY=UP
C:\Windows\tasks\AVG-SSU_1216tb_DELETE.job - C:\ProgramData\Avg_Update_1216tb\AVG-Secure-Search-Update_1216tb.exe --CMPID=1216tb --CMPN_DELETE_ALL --RUNBY=UP
C:\Windows\tasks\StylishPlanner.job - c:\programdata\{4a8ba50c-e914-6413-4a8b-ba50ce919433}\download.exe --startup=1 --single
C:\Windows\system32\tasks\002f81f0-c08d-4ca9-8356-555cb9521212-5_user - C:\Program Files\CinemaP-1.9cV26.06\002f81f0-c08d-4ca9-8356-555cb9521212-5.exe /rawdata=
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\ASUS P4G - C:\Program Files\ASUS\P4G\BatteryLife.exe
C:\Windows\system32\tasks\ATKOSD2 - C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Windows\system32\tasks\Avast Emergency Update - C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
C:\Windows\system32\tasks\AVG-SSU_1216tb - C:\ProgramData\Avg_Update_1216tb\AVG-Secure-Search-Update_1216tb.exe --CMPID=1216tb --RUNBY=UP
C:\Windows\system32\tasks\AVG-SSU_1216tb_DELETE - C:\ProgramData\Avg_Update_1216tb\AVG-Secure-Search-Update_1216tb.exe --CMPID=1216tb --CMPN_DELETE_ALL --RUNBY=UP
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380} - C:\Program Files\Rising\RAV\rsdelaylauncher.exe
C:\Windows\system32\tasks\SafeZone scheduled Autoupdate 1468750203 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\SidebarExecute - C:\Program Files\Windows Sidebar\sidebar.exe /addGadget
C:\Windows\system32\tasks\{61D61DF8-C7EE-4D66-81DC-C178801910E9} - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\tasks\{C3CCFCC0-2113-4DA0-B25D-F796D8105921} - C:\Windows\system32\pcalua.exe -a "C:\GTA San Andreas\gtasa120cz.exe" -d "C:\GTA San Andreas"
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup - %systemroot%\system32\rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor - %systemroot%\system32\sdclt.exe /CHECKSKIPPED
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe invagent.dll,RunUpdate -noappraiser
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs

=========Google Chrome=========

C:\Users\lucka petko\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Store 0.2
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg Settings 0.2
Extension eofcbnmajmjmplflapaojjnihcjkigck 0 Avast SafePrice 12.0.199
Extension fcfenmboojpjinhpgggodefccipikbpd 2 MSN Homepage & Bing Search Engine 0.0.0.5
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension gomekmidlodglbbmalcneegieacbdmki 0 Avast Online Security 12.0.209
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension lifbcibllhkdhoafpjfnlhfpfgnpldfl 2 Skype Click to Call 7.3.16540.9015
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.2
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.2
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5817.313.0.3
Homepage: http://www.google.sk/
default_search_provider.search_url:
C:\Users\lucka petko\AppData\Local\Google\Chrome\User Data\Default\Preferences
Plugin 11.3.31.232 Shockwave Flash C:\Program Files\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
Plugin 11,4,402,265 Shockwave Flash C:\Program Files\Google\Chrome\Application\58.0.3029.96\gcswf32.dll
Plugin 11,4,402,265 Shockwave Flash C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll
Plugin Remoting Viewer internal-remoting-viewer
Plugin Native Client C:\Program Files\Google\Chrome\Application\58.0.3029.96\ppGoogleNaClPluginChrome.dll
Plugin Chrome PDF Viewer C:\Program Files\Google\Chrome\Application\58.0.3029.96\pdf.dll
Plugin 1.3.21.99 Google Update C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl]
"Path"=


======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={33BB0A4E-99AF-4226-BDF6-49120163DE86}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}]
"URL"=http://www.v9.com/web?type=ds&ts=143868 ... earchTerms}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2011-06-08 69760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files\Bluetooth Suite\IEPlugIn.dll [2011-09-30 51872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"=C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2012-02-16 322176]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe [2011-10-24 174720]
"HControlUser"=C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"Wireless Console 3"=C:\Program Files\ASUS\Wireless Console 3\wcourier.exe [2012-02-02 2321072]
"AtherosBtStack"=C:\Program Files\Bluetooth Suite\BtvStack.exe [2011-09-30 844448]
"AthBtTray"=C:\Program Files\Bluetooth Suite\AthBtTray.exe [2011-09-30 694432]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-05-07 213824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\CCleaner\CCleaner.exe [2016-03-11 6751960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MRT]
C:\Windows\system32\MRT.exe [2017-03-09 135086848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVBg]
C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [2012-06-05 1571432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2012-06-05 11430504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2015-06-29 53282944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SonicMasterTray]
C:\Program Files\ASUS\ASUS Sonic Focus\SonicFocusTray.exe [2010-07-09 984400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-03-22 343168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2012-06-28 74752]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files\Google\Chrome\Application\58.0.3029.96\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.divxa32"=msaud32_divx.acm
"msacm.voxacm160"=vct3216.acm
"msacm.scg726"=scg726.acm
"msacm.alf2cd"=alf2cd.acm
"msacm.ac3acm"=AC3ACM.acm
"vidc.dvsd"=mcdvd_32.dll
"vidc.xvid"=xvidvfw.dll
"vidc.DIVX"=DivX.dll
"vidc.mpg4"=mpg4c32.dll
"vidc.mp42"=mpg4c32.dll
"vidc.mp43"=mpg4c32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-05-11 15:58:24 ----D---- C:\ProgramData\SWCUTemp
2017-05-11 15:46:46 ----HD---- C:\$AV_ASW
2017-05-11 15:42:32 ----D---- C:\_OTM
2017-05-10 20:32:17 ----A---- C:\Windows\system32\drivers\iSafeNetFilter.sys
2017-05-10 20:15:15 ----A---- C:\Windows\system32\FNTCACHE.DAT
2017-05-10 19:15:34 ----D---- C:\rsit
2017-05-10 19:15:34 ----D---- C:\Program Files\trend micro
2017-05-08 18:22:16 ----D---- C:\ProgramData\VS Revo Group
2017-05-08 18:22:14 ----A---- C:\Windows\system32\drivers\revoflt.sys
2017-05-08 18:22:08 ----D---- C:\Program Files\VS Revo Group
2017-05-07 20:38:25 ----SHD---- C:\Config.Msi
2017-05-07 20:27:54 ----D---- C:\Users\lucka petko\AppData\Roaming\LibreOffice
2017-05-07 20:14:22 ----D---- C:\Program Files\LibreOffice 5
2017-05-07 19:10:29 ----D---- C:\AdwCleaner
2017-05-07 18:34:56 ----A---- C:\Windows\system32\aswBoot.exe
2017-04-13 07:39:36 ----A---- C:\Windows\system32\drivers\aswbunivx.sys
2017-04-13 07:39:35 ----A---- C:\Windows\system32\drivers\aswblogx.sys
2017-04-13 07:39:34 ----A---- C:\Windows\system32\drivers\aswbidshx.sys
2017-04-13 07:39:33 ----A---- C:\Windows\system32\drivers\aswbidsdriverx.sys

======List of files/folders modified in the last 1 month======

2017-05-11 15:58:31 ----D---- C:\Windows\system32\config
2017-05-11 15:58:24 ----HD---- C:\ProgramData
2017-05-11 15:58:01 ----D---- C:\Windows\Temp
2017-05-11 15:42:56 ----RD---- C:\Program Files
2017-05-11 15:42:56 ----D---- C:\Windows\Tasks
2017-05-11 15:37:09 ----D---- C:\Windows\System32
2017-05-11 15:37:09 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-05-11 15:37:08 ----D---- C:\Windows\inf
2017-05-10 20:32:17 ----D---- C:\Windows\system32\drivers
2017-05-10 20:31:48 ----D---- C:\Windows
2017-05-10 19:15:43 ----D---- C:\Windows\system32\drivers\etc
2017-05-09 06:41:50 ----D---- C:\Windows\Prefetch
2017-05-08 22:12:57 ----D---- C:\Windows\Microsoft.NET
2017-05-08 22:03:02 ----RSD---- C:\Windows\assembly
2017-05-08 20:08:11 ----SHD---- C:\Windows\Installer
2017-05-08 18:25:24 ----SHD---- C:\System Volume Information
2017-05-07 20:47:36 ----D---- C:\Windows\winsxs
2017-05-07 20:35:55 ----D---- C:\Windows\system32\DriverStore
2017-05-07 20:15:42 ----RSD---- C:\Windows\Fonts
2017-05-07 19:33:08 ----D---- C:\Windows\system32\Tasks
2017-05-07 19:29:05 ----D---- C:\Program Files\Common Files
2017-05-07 18:48:32 ----SD---- C:\ProgramData\Microsoft
2017-05-07 18:31:24 ----D---- C:\Windows\system32\catroot2
2017-05-07 18:28:25 ----D---- C:\Windows\debug
2017-05-07 18:04:38 ----SD---- C:\Users\lucka petko\AppData\Roaming\Microsoft

File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [2017-05-07 148696]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswblogx.sys [2017-05-07 268016]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [2017-05-07 41664]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2017-05-07 62152]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2017-05-07 279800]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [2017-05-07 258288]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2017-05-07 31064]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2017-05-07 90336]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2017-05-07 764576]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2017-05-07 482608]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi.sys [2011-09-07 14464]
R1 iSafeKrnl;YAC Mini-Filter Driver; \??\C:\Program Files\Elex-tech\YAC\iSafeKrnl.sys [2016-05-23 227776]
R1 iSafeKrnlKit;YAC Kit Driver; \??\C:\Program Files\Elex-tech\YAC\iSafeKrnlKit.sys [2016-05-23 97912]
R1 iSafeKrnlMon;YAC Monitor Driver; \??\C:\Program Files\Elex-tech\YAC\iSafeKrnlMon.sys [2016-05-23 45032]
R1 iSafeKrnlR3;YAC Ring3 Driver; \??\C:\Program Files\Elex-tech\YAC\iSafeKrnlR3.sys [2016-05-23 73232]
R1 iSafeNetFilter;YAC NDIS Driver; C:\Windows\system32\DRIVERS\iSafeNetFilter.sys [2016-05-19 59152]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys [2009-07-02 13880]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2017-05-07 107928]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2017-05-07 114640]
R3 amdiox86;AMD IO Driver; C:\Windows\system32\drivers\amdiox86.sys [2010-02-18 37944]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-06-05 9068032]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-06-05 264192]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2011-10-03 2205696]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2012-06-05 86544]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\drivers\btath_bus.sys [2011-09-30 25248]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2012-06-05 3546664]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-06-05 35968]
S1 rmawjugl;rmawjugl; \??\C:\Windows\system32\drivers\rmawjugl.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2017-05-07 34136]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-09-30 35488]
S3 ATHDFU;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2011-09-30 43680]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-09-30 290976]
S3 btath_avdt;Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2011-09-30 97440]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\drivers\btath_hcrp.sys [2011-09-30 147616]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-09-30 60064]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\drivers\btath_rcp.sys [2011-09-30 263968]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-09-30 442528]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 iSafeKrnlBoot;YAC Boot Driver; C:\Windows\system32\DRIVERS\iSafeKrnlBoot.sys []
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2016-12-21 35632]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2012-06-05 197224]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-06-05 163328]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-03-21 291840]
R2 ASLDRService;ASLDR Service; C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2011-11-21 80512]
R2 AtherosSvc;AtherosSvc; C:\Program Files\Bluetooth Suite\adminservice.exe [2011-09-30 84640]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-05-07 263304]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 iSafeService;YAC Service; C:\Program Files\Elex-tech\YAC\iSafeSvc.exe [2016-08-19 131024]
R2 persdwmsrv;Personalization Panel DWM controller; C:\Program Files\winaero.com\Personalization Panel DWM Controller\persdwmsrv.exe [2012-04-07 8192]
R2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent; C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe [2011-09-30 158880]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2017-05-07 5732136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-03-20 103568]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-11-12 102912]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2017-03-20 45688]
S4 MCSvc;Microsoft Cache Service; %SystemRoot%\System32\svchost.exe -k LocalServiceir;"ServiceDll"=C:\ProgramData\PreEmptive Solutions\Common\LAC\shelflife\2.0.50727__1.2.3.0.dll
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-03-20 139896]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-03-20 139896]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-03-20 139896]

-----------------EOF-----------------

Re: Please check my log

Posted: 11 May 2017 17:14
by Rudy
Deleted. Has anything changed?

Re: Please check my log

Posted: 11 May 2017 18:43
by texno
Good day. Avast still reports:

Re: Please check my log

Posted: 11 May 2017 19:25
by Rudy
OK. I only delete what I can see in the log. Run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.

Re: Please check my log

Posted: 11 May 2017 20:00
by texno
Log from MBAM

Re: Please check my log

Posted: 11 May 2017 20:08
by Rudy
Delete all the findings. Something was still left in the registry.

Re: Please check my log

Posted: 12 May 2017 11:50
by texno
Good day. After deleting the files from Malwarebytes, everything seems to be OK :) The antivirus doesn't find anything either. Thank you very much for your help :)

Re: Please check my log

Posted: 12 May 2017 17:52
by Rudy
You're welcome! :)