Win32:Malware-gen

Zpráva

Wolfo · #1 Příspěvek od **Wolfo** » 03 zář 2014 14:06

Zdravím,
akurát sa mi dokončila kontrola v Avaste a našlo to Win32:Malware-gen ale nejde s nim nič robiť ani presunuť do truhly ... Avast píše : Chyba prístup odepřen (5) ... diky za pomoc

Log z RSIT:
Logfile of random's system information tool 1.08 (written by random/random)
Run by pc at 2014-09-03 15:02:50
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 96 GB (48%) free of 200 GB
Total RAM: 4094 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:03:33, on 3.9.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17239)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\ROCCAT\Roccat Talk\Roccat Talk.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe
C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.exe
C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe
C:\Users\pc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\pc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\pc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\pc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\pc.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [RoccatKone+] "C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE"
O4 - HKLM\..\Run: [RoccatIsku] "C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\pc\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: Roccat Talk.lnk = ?
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASGT - Unknown owner - C:\Windows\SysWOW64\ASGT.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: SafetyNut Manager (SafetyNutManager) - SafetyNut Inc - C:\Program Files (x86)\Movies App\SafetyNut\SafetyNutManager.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8540 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\SysWOW64\ASGT.exe
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Movies App\SafetyNut\SafetyNutManager.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe"
"C:\Program Files (x86)\Movies App\SafetyNut\SafetyNutManager.exe" -monitor 464
"C:\Program Files (x86)\Movies App\SafetyNut\safetynut.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\ROCCAT\Roccat Talk\Roccat Talk.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe"
"C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.exe"
"C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\wuauclt.exe"
"C:\Users\pc\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\pc\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4864.0.2121928205\446870354" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,16,43 --gpu-vendor-id=0x10de --gpu-device-id=0x0fc1 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3788 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\pc\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="4864.8.556828593\1341403173" /prefetch:673131151
"C:\Users\pc\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="4864.10.880520121\883077771" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe12_ Global\UsGthrCtrlFltPipeMssGthrPipe12 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\pc\Desktop\RSITx64.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1380506220-1166265625-1735509145-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1380506220-1166265625-1735509145-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-08-15 612248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-08-15 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\pc\AppData\Local\Google\Update\GoogleUpdate.exe [2014-06-05 116648]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-05-08 21444224]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-08-15 4085896]
"RoccatKone+"=C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE [2013-10-25 557056]
"RoccatIsku"=C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE [2013-10-30 536576]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Roccat Talk.lnk - C:\Windows\Installer\{605D671E-1D1E-4840-84D9-BFACE17F160D}\NewShortcut1_38373BA15BEE4DD08E16D3720C304537.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger="tasklist.exe

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2014-09-03 15:02:51 ----D---- C:\Program Files\trend micro
2014-09-03 15:02:50 ----D---- C:\rsit
2014-08-31 17:31:44 ----D---- C:\Program Files (x86)\Movies App
2014-08-31 17:31:42 ----D---- C:\ProgramData\SafetyNut
2014-08-31 17:30:04 ----D---- C:\Users\pc\AppData\Roaming\uTorrent
2014-08-29 20:49:15 ----D---- C:\Users\pc\AppData\Roaming\.mono
2014-08-29 20:47:04 ----A---- C:\Windows\SYSWOW64\EasyAntiCheat.exe
2014-08-28 13:39:49 ----D---- C:\ProgramData\Malwarebytes
2014-08-28 13:24:55 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-08-28 13:24:55 ----A---- C:\Windows\system32\win32k.sys
2014-08-28 13:24:55 ----A---- C:\Windows\system32\gdi32.dll
2014-08-24 13:32:41 ----A---- C:\Windows\system32\wups2.dll
2014-08-24 13:32:40 ----A---- C:\Windows\system32\wucltux.dll
2014-08-24 13:32:40 ----A---- C:\Windows\system32\wuaueng.dll
2014-08-24 13:32:40 ----A---- C:\Windows\system32\wuauclt.exe
2014-08-24 13:32:35 ----A---- C:\Windows\SYSWOW64\wups.dll
2014-08-24 13:32:35 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2014-08-24 13:32:35 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2014-08-24 13:32:35 ----A---- C:\Windows\system32\wups.dll
2014-08-24 13:32:35 ----A---- C:\Windows\system32\wudriver.dll
2014-08-24 13:32:35 ----A---- C:\Windows\system32\wuapi.dll
2014-08-24 13:32:26 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2014-08-24 13:32:26 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2014-08-24 13:32:26 ----A---- C:\Windows\system32\wuwebv.dll
2014-08-24 13:32:26 ----A---- C:\Windows\system32\wuapp.exe
2014-08-18 17:18:49 ----A---- C:\Windows\system32\drivers\IOMap64.sys
2014-08-15 11:53:37 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2014-08-15 11:53:04 ----A---- C:\Windows\system32\drivers\aswNdisFlt.sys
2014-08-13 13:17:39 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2014-08-13 13:17:39 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2014-08-13 13:17:39 ----A---- C:\Windows\system32\infocardapi.dll
2014-08-13 13:17:39 ----A---- C:\Windows\system32\icardagt.exe
2014-08-13 13:17:37 ----A---- C:\Windows\SYSWOW64\icardres.dll
2014-08-13 13:17:37 ----A---- C:\Windows\system32\icardres.dll
2014-08-13 13:17:21 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2014-08-13 13:17:21 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-08-13 11:50:06 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-08-13 11:50:06 ----A---- C:\Windows\system32\tzres.dll
2014-08-13 11:50:01 ----A---- C:\Windows\system32\msi.dll
2014-08-13 11:50:00 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-08-13 11:50:00 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-08-13 11:50:00 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-08-13 11:50:00 ----A---- C:\Windows\system32\msihnd.dll
2014-08-13 11:50:00 ----A---- C:\Windows\system32\consent.exe
2014-08-13 11:50:00 ----A---- C:\Windows\system32\authui.dll
2014-08-13 11:49:57 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-08-13 11:49:52 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-08-13 11:49:52 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-08-13 11:49:52 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-08-13 11:49:52 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-08-13 11:49:52 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-08-13 11:49:52 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-08-13 11:49:52 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-08-13 11:49:52 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-08-13 11:49:52 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 11:49:52 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-08-13 11:49:51 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-08-13 11:49:50 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-08-13 11:49:50 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-08-13 11:49:50 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-08-13 11:49:50 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-08-13 11:49:50 ----A---- C:\Windows\system32\urlmon.dll
2014-08-13 11:49:50 ----A---- C:\Windows\system32\iernonce.dll
2014-08-13 11:49:50 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 11:49:50 ----A---- C:\Windows\system32\ie4uinit.exe
2014-08-13 11:49:49 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-08-13 11:49:49 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-08-13 11:49:49 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-08-13 11:49:49 ----A---- C:\Windows\system32\msfeeds.dll
2014-08-13 11:49:49 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-08-13 11:49:49 ----A---- C:\Windows\system32\dxtmsft.dll
2014-08-13 11:49:48 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-08-13 11:49:48 ----A---- C:\Windows\system32\iesetup.dll
2014-08-13 11:49:48 ----A---- C:\Windows\system32\iertutil.dll
2014-08-13 11:49:48 ----A---- C:\Windows\system32\iedkcs32.dll
2014-08-13 11:49:47 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-08-13 11:49:47 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-08-13 11:49:47 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-08-13 11:49:47 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-08-13 11:49:47 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-08-13 11:49:47 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-08-13 11:49:47 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-08-13 11:49:47 ----A---- C:\Windows\system32\jsproxy.dll
2014-08-13 11:49:46 ----A---- C:\Windows\system32\mshtmled.dll
2014-08-13 11:49:46 ----A---- C:\Windows\system32\ieui.dll
2014-08-13 11:49:46 ----A---- C:\Windows\system32\ieframe.dll
2014-08-13 11:49:46 ----A---- C:\Windows\system32\dxtrans.dll
2014-08-13 11:49:45 ----A---- C:\Windows\system32\wininet.dll
2014-08-13 11:49:45 ----A---- C:\Windows\system32\vbscript.dll
2014-08-13 11:49:45 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-08-13 11:49:45 ----A---- C:\Windows\system32\jscript9diag.dll
2014-08-13 11:49:45 ----A---- C:\Windows\system32\jscript9.dll
2014-08-13 11:49:45 ----A---- C:\Windows\system32\ieUnatt.exe
2014-08-13 11:49:45 ----A---- C:\Windows\system32\ieapfltr.dll
2014-08-13 11:49:44 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 11:49:44 ----A---- C:\Windows\system32\msrating.dll
2014-08-13 11:49:44 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-08-13 11:49:43 ----A---- C:\Windows\system32\mshtml.dll
2014-08-13 11:49:35 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2014-08-13 11:49:35 ----A---- C:\Windows\system32\rpcrt4.dll

======List of files/folders modified in the last 1 months======

2014-09-03 15:03:16 ----D---- C:\Users\pc\AppData\Roaming\Skype
2014-09-03 15:03:14 ----D---- C:\Windows\Temp
2014-09-03 15:02:51 ----D---- C:\Program Files
2014-09-03 14:54:41 ----D---- C:\ProgramData\Origin
2014-09-03 14:54:35 ----D---- C:\Windows
2014-09-03 13:30:35 ----D---- C:\Program Files (x86)\Origin
2014-09-03 12:17:15 ----D---- C:\Windows\system32\config
2014-09-03 12:02:40 ----D---- C:\ProgramData\NVIDIA
2014-09-02 19:19:06 ----D---- C:\Users\pc\AppData\Roaming\Origin
2014-09-02 12:12:55 ----D---- C:\Windows\system32\catroot2
2014-09-02 12:12:51 ----SHD---- C:\System Volume Information
2014-09-02 10:25:05 ----D---- C:\Program Files (x86)\Steam
2014-09-01 12:15:11 ----D---- C:\ProgramData\Electronic Arts
2014-09-01 12:11:50 ----RSD---- C:\Windows\assembly
2014-09-01 12:00:08 ----D---- C:\Program Files (x86)\Origin Games
2014-08-31 17:31:44 ----RD---- C:\Program Files (x86)
2014-08-31 17:31:42 ----HD---- C:\ProgramData
2014-08-31 08:05:03 ----D---- C:\Windows\System32
2014-08-31 08:05:03 ----D---- C:\Windows\inf
2014-08-31 08:05:03 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-08-29 20:47:04 ----D---- C:\Windows\SysWOW64
2014-08-29 10:51:56 ----D---- C:\Windows\winsxs
2014-08-28 19:56:27 ----D---- C:\Windows\system32\drivers
2014-08-28 19:56:26 ----D---- C:\Windows\system32\DriverStore
2014-08-28 19:56:26 ----D---- C:\Windows\system32\catroot
2014-08-28 19:56:24 ----D---- C:\ProgramData\NVIDIA Corporation
2014-08-28 19:56:24 ----D---- C:\Program Files\NVIDIA Corporation
2014-08-28 19:56:24 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-08-28 19:49:53 ----D---- C:\Windows\Prefetch
2014-08-28 17:36:07 ----SD---- C:\ProgramData\Microsoft
2014-08-28 15:39:50 ----D---- C:\Windows\Downloaded Installations
2014-08-27 12:04:26 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-08-26 12:29:51 ----D---- C:\Windows\rescache
2014-08-24 20:30:45 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-08-24 20:30:45 ----D---- C:\Windows\system32\cs-CZ
2014-08-22 16:22:38 ----SD---- C:\Users\pc\AppData\Roaming\Microsoft
2014-08-22 16:22:38 ----D---- C:\Users\pc\AppData\Roaming\Adobe
2014-08-15 11:53:42 ----D---- C:\Windows\system32\Tasks
2014-08-15 11:53:25 ----A---- C:\Windows\system32\aswBoot.exe
2014-08-14 18:00:05 ----D---- C:\Windows\Microsoft.NET
2014-08-14 14:57:41 ----SHD---- C:\Windows\Installer
2014-08-13 16:52:50 ----D---- C:\Windows\ehome
2014-08-13 16:52:36 ----D---- C:\Program Files\Internet Explorer
2014-08-13 16:52:35 ----D---- C:\Windows\SYSWOW64\en-US
2014-08-13 16:52:34 ----D---- C:\Windows\system32\en-US
2014-08-13 16:52:34 ----D---- C:\Windows\PolicyDefinitions
2014-08-13 16:52:32 ----D---- C:\Program Files (x86)\Internet Explorer
2014-08-05 09:20:00 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdisFlt;Avast! Firewall Driver; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [2014-08-15 448400]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-08-15 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-08-15 224896]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2014-08-15 28184]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-08-15 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-08-15 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-08-15 427360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 F06DEFF2-5B9C-490D-910F-35D3A9119622;F06DEFF2-5B9C-490D-910F-35D3A9119622; \??\C:\Program Files (x86)\Movies App\SafetyNut\x64\configmgrc2.cfg [2014-07-31 42064]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-08-15 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-08-15 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-08-15 92008]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2011-11-03 130536]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2011-11-03 395752]
R3 IOMap;IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [2013-02-19 24824]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2014-06-11 197408]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-11-30 412264]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 xnacc;Služba ovladače pro řadič XBOX 360 pro systém Windows; C:\Windows\system32\DRIVERS\xnacc.sys [2009-07-14 679936]
S4 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-05-08 65432]
R2 ASGT;ASGT; C:\Windows\SysWOW64\ASGT.exe [2012-01-17 55296]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-08-15 50344]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-08-15 106488]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-05-20 927520]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-06-20 76152]
R2 SafetyNutManager;SafetyNut Manager; C:\Program Files (x86)\Movies App\SafetyNut\SafetyNutManager.exe [2014-07-31 3573456]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-05-20 413128]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-27 262320]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 EasyAntiCheat;EasyAntiCheat; C:\Windows\syswow64\EasyAntiCheat.exe [2014-07-18 107552]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-07-25 111616]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-08-28 833728]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-06-07 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 03 zář 2014 17:10

Zdravím!
Spusťte nejprve tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Wolfo · #3 Příspěvek od **Wolfo** » 03 zář 2014 17:18

Hotovo ...
Report: # AdwCleaner v3.309 - Report created 03/09/2014 at 18:14:27
# Updated 02/09/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : pc - PC-PC
# Running from : C:\Users\pc\Desktop\adwcleaner_3.309.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : F06DEFF2-5B9C-490D-910F-35D3A9119622
[#] Service Deleted : SafetyNutManager

***** [ Files / Folders ] *****

[!] Folder Deleted : C:\ProgramData\SafetyNut
[!] Folder Deleted : C:\Program Files (x86)\Movies App
File Deleted : C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.lyricsmuse.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Key Deleted : HKCU\Software\APNDTX
Key Deleted : HKLM\SOFTWARE\SafetyNut
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17239

-\\ Google Chrome v

[ File : C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [4623 octets] - [03/09/2014 18:12:40]
AdwCleaner[S0].txt - [3977 octets] - [03/09/2014 18:14:27]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4037 octets] ##########

#4 Příspěvek od **Rudy** » 03 zář 2014 17:35

Dejte nový log RSIT.

Wolfo · #5 Příspěvek od **Wolfo** » 03 zář 2014 17:37

Logfile of random's system information tool 1.08 (written by random/random)
Run by pc at 2014-09-03 18:36:41
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 93 GB (47%) free of 200 GB
Total RAM: 4094 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:36:43, on 3.9.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17239)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe
C:\Program Files (x86)\ROCCAT\Roccat Talk\Roccat Talk.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe
C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.exe
C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe
C:\Users\pc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\pc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\pc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\trend micro\pc.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [RoccatKone+] "C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE"
O4 - HKLM\..\Run: [RoccatIsku] "C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\pc\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: Roccat Talk.lnk = ?
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASGT - Unknown owner - C:\Windows\SysWOW64\ASGT.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8340 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\SysWOW64\ASGT.exe
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ROCCAT\Roccat Talk\Roccat Talk.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe"
"C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.exe"
"C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Users\pc\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\pc\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4232.0.72961053\219890106" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,16,43 --gpu-vendor-id=0x10de --gpu-device-id=0x0fc1 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3788 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\pc\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="4232.3.2082390884\1779766819" /prefetch:673131151
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
"C:\Windows\system32\wuauclt.exe"
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\pc\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1380506220-1166265625-1735509145-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1380506220-1166265625-1735509145-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-08-15 612248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-08-15 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\pc\AppData\Local\Google\Update\GoogleUpdate.exe [2014-06-05 116648]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-07-24 21650016]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-08-15 4085896]
"RoccatKone+"=C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE [2013-10-25 557056]
"RoccatIsku"=C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE [2013-10-30 536576]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Roccat Talk.lnk - C:\Windows\Installer\{605D671E-1D1E-4840-84D9-BFACE17F160D}\NewShortcut1_38373BA15BEE4DD08E16D3720C304537.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2014-09-03 18:13:18 ----A---- C:\Windows\SYSWOW64\sqlite3.dll
2014-09-03 18:12:34 ----D---- C:\AdwCleaner
2014-09-03 15:02:51 ----D---- C:\Program Files\trend micro
2014-09-03 15:02:50 ----D---- C:\rsit
2014-08-31 17:30:04 ----D---- C:\Users\pc\AppData\Roaming\uTorrent
2014-08-29 20:49:15 ----D---- C:\Users\pc\AppData\Roaming\.mono
2014-08-29 20:47:04 ----A---- C:\Windows\SYSWOW64\EasyAntiCheat.exe
2014-08-28 13:39:49 ----D---- C:\ProgramData\Malwarebytes
2014-08-28 13:24:55 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-08-28 13:24:55 ----A---- C:\Windows\system32\win32k.sys
2014-08-28 13:24:55 ----A---- C:\Windows\system32\gdi32.dll
2014-08-24 13:32:41 ----A---- C:\Windows\system32\wups2.dll
2014-08-24 13:32:40 ----A---- C:\Windows\system32\wucltux.dll
2014-08-24 13:32:40 ----A---- C:\Windows\system32\wuaueng.dll
2014-08-24 13:32:40 ----A---- C:\Windows\system32\wuauclt.exe
2014-08-24 13:32:35 ----A---- C:\Windows\SYSWOW64\wups.dll
2014-08-24 13:32:35 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2014-08-24 13:32:35 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2014-08-24 13:32:35 ----A---- C:\Windows\system32\wups.dll
2014-08-24 13:32:35 ----A---- C:\Windows\system32\wudriver.dll
2014-08-24 13:32:35 ----A---- C:\Windows\system32\wuapi.dll
2014-08-24 13:32:26 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2014-08-24 13:32:26 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2014-08-24 13:32:26 ----A---- C:\Windows\system32\wuwebv.dll
2014-08-24 13:32:26 ----A---- C:\Windows\system32\wuapp.exe
2014-08-18 17:18:49 ----A---- C:\Windows\system32\drivers\IOMap64.sys
2014-08-15 11:53:37 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2014-08-15 11:53:04 ----A---- C:\Windows\system32\drivers\aswNdisFlt.sys
2014-08-13 13:17:39 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2014-08-13 13:17:39 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2014-08-13 13:17:39 ----A---- C:\Windows\system32\infocardapi.dll
2014-08-13 13:17:39 ----A---- C:\Windows\system32\icardagt.exe
2014-08-13 13:17:37 ----A---- C:\Windows\SYSWOW64\icardres.dll
2014-08-13 13:17:37 ----A---- C:\Windows\system32\icardres.dll
2014-08-13 13:17:21 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2014-08-13 13:17:21 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-08-13 11:50:06 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-08-13 11:50:06 ----A---- C:\Windows\system32\tzres.dll
2014-08-13 11:50:01 ----A---- C:\Windows\system32\msi.dll
2014-08-13 11:50:00 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-08-13 11:50:00 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-08-13 11:50:00 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-08-13 11:50:00 ----A---- C:\Windows\system32\msihnd.dll
2014-08-13 11:50:00 ----A---- C:\Windows\system32\consent.exe
2014-08-13 11:50:00 ----A---- C:\Windows\system32\authui.dll
2014-08-13 11:49:57 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-08-13 11:49:52 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-08-13 11:49:52 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-08-13 11:49:52 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-08-13 11:49:52 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-08-13 11:49:52 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-08-13 11:49:52 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-08-13 11:49:52 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-08-13 11:49:52 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-08-13 11:49:52 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 11:49:52 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-08-13 11:49:51 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-08-13 11:49:50 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-08-13 11:49:50 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-08-13 11:49:50 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-08-13 11:49:50 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-08-13 11:49:50 ----A---- C:\Windows\system32\urlmon.dll
2014-08-13 11:49:50 ----A---- C:\Windows\system32\iernonce.dll
2014-08-13 11:49:50 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 11:49:50 ----A---- C:\Windows\system32\ie4uinit.exe
2014-08-13 11:49:49 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-08-13 11:49:49 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-08-13 11:49:49 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-08-13 11:49:49 ----A---- C:\Windows\system32\msfeeds.dll
2014-08-13 11:49:49 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-08-13 11:49:49 ----A---- C:\Windows\system32\dxtmsft.dll
2014-08-13 11:49:48 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-08-13 11:49:48 ----A---- C:\Windows\system32\iesetup.dll
2014-08-13 11:49:48 ----A---- C:\Windows\system32\iertutil.dll
2014-08-13 11:49:48 ----A---- C:\Windows\system32\iedkcs32.dll
2014-08-13 11:49:47 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-08-13 11:49:47 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-08-13 11:49:47 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-08-13 11:49:47 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-08-13 11:49:47 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-08-13 11:49:47 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-08-13 11:49:47 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-08-13 11:49:47 ----A---- C:\Windows\system32\jsproxy.dll
2014-08-13 11:49:46 ----A---- C:\Windows\system32\mshtmled.dll
2014-08-13 11:49:46 ----A---- C:\Windows\system32\ieui.dll
2014-08-13 11:49:46 ----A---- C:\Windows\system32\ieframe.dll
2014-08-13 11:49:46 ----A---- C:\Windows\system32\dxtrans.dll
2014-08-13 11:49:45 ----A---- C:\Windows\system32\wininet.dll
2014-08-13 11:49:45 ----A---- C:\Windows\system32\vbscript.dll
2014-08-13 11:49:45 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-08-13 11:49:45 ----A---- C:\Windows\system32\jscript9diag.dll
2014-08-13 11:49:45 ----A---- C:\Windows\system32\jscript9.dll
2014-08-13 11:49:45 ----A---- C:\Windows\system32\ieUnatt.exe
2014-08-13 11:49:45 ----A---- C:\Windows\system32\ieapfltr.dll
2014-08-13 11:49:44 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 11:49:44 ----A---- C:\Windows\system32\msrating.dll
2014-08-13 11:49:44 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-08-13 11:49:43 ----A---- C:\Windows\system32\mshtml.dll
2014-08-13 11:49:35 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2014-08-13 11:49:35 ----A---- C:\Windows\system32\rpcrt4.dll

======List of files/folders modified in the last 1 months======

2014-09-03 18:36:42 ----D---- C:\Windows\Temp
2014-09-03 18:19:58 ----D---- C:\Users\pc\AppData\Roaming\Skype
2014-09-03 18:19:55 ----D---- C:\Windows\system32\config
2014-09-03 18:19:15 ----SHD---- C:\Windows\Installer
2014-09-03 18:19:15 ----D---- C:\ProgramData\Skype
2014-09-03 18:19:12 ----D---- C:\Program Files (x86)\Common Files
2014-09-03 18:16:34 ----D---- C:\ProgramData\NVIDIA
2014-09-03 18:16:31 ----RD---- C:\Program Files (x86)
2014-09-03 18:16:31 ----HD---- C:\ProgramData
2014-09-03 18:16:31 ----D---- C:\Windows
2014-09-03 18:13:18 ----D---- C:\Windows\SysWOW64
2014-09-03 15:02:51 ----D---- C:\Program Files
2014-09-03 14:54:41 ----D---- C:\ProgramData\Origin
2014-09-03 13:30:35 ----D---- C:\Program Files (x86)\Origin
2014-09-02 19:19:06 ----D---- C:\Users\pc\AppData\Roaming\Origin
2014-09-02 12:12:55 ----D---- C:\Windows\system32\catroot2
2014-09-02 12:12:51 ----SHD---- C:\System Volume Information
2014-09-02 10:25:05 ----D---- C:\Program Files (x86)\Steam
2014-09-01 12:15:11 ----D---- C:\ProgramData\Electronic Arts
2014-09-01 12:11:50 ----RSD---- C:\Windows\assembly
2014-09-01 12:00:08 ----D---- C:\Program Files (x86)\Origin Games
2014-08-31 08:05:03 ----D---- C:\Windows\System32
2014-08-31 08:05:03 ----D---- C:\Windows\inf
2014-08-31 08:05:03 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-08-29 10:51:56 ----D---- C:\Windows\winsxs
2014-08-28 19:56:27 ----D---- C:\Windows\system32\drivers
2014-08-28 19:56:26 ----D---- C:\Windows\system32\DriverStore
2014-08-28 19:56:26 ----D---- C:\Windows\system32\catroot
2014-08-28 19:56:24 ----D---- C:\ProgramData\NVIDIA Corporation
2014-08-28 19:56:24 ----D---- C:\Program Files\NVIDIA Corporation
2014-08-28 19:56:24 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-08-28 19:49:53 ----D---- C:\Windows\Prefetch
2014-08-28 17:36:07 ----SD---- C:\ProgramData\Microsoft
2014-08-28 15:39:50 ----D---- C:\Windows\Downloaded Installations
2014-08-27 12:04:26 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-08-26 12:29:51 ----D---- C:\Windows\rescache
2014-08-24 20:30:45 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-08-24 20:30:45 ----D---- C:\Windows\system32\cs-CZ
2014-08-22 16:22:38 ----SD---- C:\Users\pc\AppData\Roaming\Microsoft
2014-08-22 16:22:38 ----D---- C:\Users\pc\AppData\Roaming\Adobe
2014-08-15 11:53:42 ----D---- C:\Windows\system32\Tasks
2014-08-15 11:53:25 ----A---- C:\Windows\system32\aswBoot.exe
2014-08-14 18:00:05 ----D---- C:\Windows\Microsoft.NET
2014-08-13 16:52:50 ----D---- C:\Windows\ehome
2014-08-13 16:52:36 ----D---- C:\Program Files\Internet Explorer
2014-08-13 16:52:35 ----D---- C:\Windows\SYSWOW64\en-US
2014-08-13 16:52:34 ----D---- C:\Windows\system32\en-US
2014-08-13 16:52:34 ----D---- C:\Windows\PolicyDefinitions
2014-08-13 16:52:32 ----D---- C:\Program Files (x86)\Internet Explorer
2014-08-05 09:20:00 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdisFlt;Avast! Firewall Driver; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [2014-08-15 448400]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-08-15 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-08-15 224896]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2014-08-15 28184]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-08-15 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-08-15 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-08-15 427360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-08-15 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-08-15 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-08-15 92008]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2011-11-03 130536]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2011-11-03 395752]
R3 IOMap;IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [2013-02-19 24824]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2014-06-11 197408]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-11-30 412264]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 xnacc;Služba ovladače pro řadič XBOX 360 pro systém Windows; C:\Windows\system32\DRIVERS\xnacc.sys [2009-07-14 679936]
S4 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-05-08 65432]
R2 ASGT;ASGT; C:\Windows\SysWOW64\ASGT.exe [2012-01-17 55296]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-08-15 50344]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-08-15 106488]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-05-20 927520]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-06-20 76152]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-05-20 413128]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-27 262320]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 EasyAntiCheat;EasyAntiCheat; C:\Windows\syswow64\EasyAntiCheat.exe [2014-07-18 107552]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-07-25 111616]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-08-28 833728]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-06-07 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

#6 Příspěvek od **Rudy** » 03 zář 2014 17:49

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\Program Files (x86)\Skype\Toolbars
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1380506220-1166265625-1735509145-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1380506220-1166265625-1735509145-1000UA.job

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

:services
c2cautoupdatesvc
c2cpnrsvc

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm skenu restartujte PC. Dejte nový log RSIT.

Wolfo · #7 Příspěvek od **Wolfo** » 03 zář 2014 18:04

Takže ... spravil som to a OTM pc reštartoval sám po obrazovke "Vítejte" bola čierna obrazovka neviem či to tak malo byť tak sa račej spýtam a bolo tam len okno či povolit zmeny v PC dal som áno a potom sa všetko načítalo a vypísalo toto do poznámok: All processes killed
========== FILES ==========
C:\Program Files (x86)\Skype\Toolbars\PNRSvc folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64 folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars\Internet Explorer folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars\ChromeExtension folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars folder moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1380506220-1166265625-1735509145-1000Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1380506220-1166265625-1735509145-1000UA.job moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ deleted successfully.
========== SERVICES/DRIVERS ==========
Service c2cautoupdatesvc stopped successfully!
Service c2cautoupdatesvc deleted successfully!
Service c2cpnrsvc stopped successfully!
Service c2cpnrsvc deleted successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: pc
->Temp folder emptied: 36223553 bytes
->Temporary Internet Files folder emptied: 2094658 bytes
->Google Chrome cache emptied: 348305568 bytes
->Flash cache emptied: 949 bytes

Takže mám ešte raz resetnú pc a dať log či už aj teraz ?

Wolfo · #8 Příspěvek od **Wolfo** » 03 zář 2014 18:08

Tak som to reštartoval ešte raz ...
Log: Logfile of random's system information tool 1.08 (written by random/random)
Run by pc at 2014-09-03 19:07:35
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 94 GB (47%) free of 200 GB
Total RAM: 4094 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:07:39, on 3.9.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17239)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe
C:\Users\pc\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\ROCCAT\Roccat Talk\Roccat Talk.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe
C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.exe
C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Reader_sl.exe
C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe
C:\Program Files\trend micro\pc.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [RoccatKone+] "C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE"
O4 - HKLM\..\Run: [RoccatIsku] "C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\pc\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: Roccat Talk.lnk = ?
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASGT - Unknown owner - C:\Windows\SysWOW64\ASGT.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8154 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\SysWOW64\ASGT.exe
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe"
"C:\Users\pc\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\ROCCAT\Roccat Talk\Roccat Talk.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe"
"C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.exe"
"C:\Program Files (x86)\Skype\Updater\Updater.exe"
"C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Reader_sl.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\pc\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-08-15 612248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-08-15 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\pc\AppData\Local\Google\Update\GoogleUpdate.exe [2014-06-05 116648]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-07-24 21650016]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-08-15 4085896]
"RoccatKone+"=C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE [2013-10-25 557056]
"RoccatIsku"=C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE [2013-10-30 536576]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Roccat Talk.lnk - C:\Windows\Installer\{605D671E-1D1E-4840-84D9-BFACE17F160D}\NewShortcut1_38373BA15BEE4DD08E16D3720C304537.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2014-09-03 18:55:06 ----D---- C:\_OTM
2014-09-03 18:13:18 ----A---- C:\Windows\SYSWOW64\sqlite3.dll
2014-09-03 18:12:34 ----D---- C:\AdwCleaner
2014-09-03 15:02:51 ----D---- C:\Program Files\trend micro
2014-09-03 15:02:50 ----D---- C:\rsit
2014-08-31 17:30:04 ----D---- C:\Users\pc\AppData\Roaming\uTorrent
2014-08-29 20:49:15 ----D---- C:\Users\pc\AppData\Roaming\.mono
2014-08-29 20:47:04 ----A---- C:\Windows\SYSWOW64\EasyAntiCheat.exe
2014-08-28 13:39:49 ----D---- C:\ProgramData\Malwarebytes
2014-08-28 13:24:55 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-08-28 13:24:55 ----A---- C:\Windows\system32\win32k.sys
2014-08-28 13:24:55 ----A---- C:\Windows\system32\gdi32.dll
2014-08-24 13:32:41 ----A---- C:\Windows\system32\wups2.dll
2014-08-24 13:32:40 ----A---- C:\Windows\system32\wucltux.dll
2014-08-24 13:32:40 ----A---- C:\Windows\system32\wuaueng.dll
2014-08-24 13:32:40 ----A---- C:\Windows\system32\wuauclt.exe
2014-08-24 13:32:35 ----A---- C:\Windows\SYSWOW64\wups.dll
2014-08-24 13:32:35 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2014-08-24 13:32:35 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2014-08-24 13:32:35 ----A---- C:\Windows\system32\wups.dll
2014-08-24 13:32:35 ----A---- C:\Windows\system32\wudriver.dll
2014-08-24 13:32:35 ----A---- C:\Windows\system32\wuapi.dll
2014-08-24 13:32:26 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2014-08-24 13:32:26 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2014-08-24 13:32:26 ----A---- C:\Windows\system32\wuwebv.dll
2014-08-24 13:32:26 ----A---- C:\Windows\system32\wuapp.exe
2014-08-18 17:18:49 ----A---- C:\Windows\system32\drivers\IOMap64.sys
2014-08-15 11:53:37 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2014-08-15 11:53:04 ----A---- C:\Windows\system32\drivers\aswNdisFlt.sys
2014-08-13 13:17:39 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2014-08-13 13:17:39 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2014-08-13 13:17:39 ----A---- C:\Windows\system32\infocardapi.dll
2014-08-13 13:17:39 ----A---- C:\Windows\system32\icardagt.exe
2014-08-13 13:17:37 ----A---- C:\Windows\SYSWOW64\icardres.dll
2014-08-13 13:17:37 ----A---- C:\Windows\system32\icardres.dll
2014-08-13 13:17:21 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2014-08-13 13:17:21 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-08-13 11:50:06 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-08-13 11:50:06 ----A---- C:\Windows\system32\tzres.dll
2014-08-13 11:50:01 ----A---- C:\Windows\system32\msi.dll
2014-08-13 11:50:00 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-08-13 11:50:00 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-08-13 11:50:00 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-08-13 11:50:00 ----A---- C:\Windows\system32\msihnd.dll
2014-08-13 11:50:00 ----A---- C:\Windows\system32\consent.exe
2014-08-13 11:50:00 ----A---- C:\Windows\system32\authui.dll
2014-08-13 11:49:57 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-08-13 11:49:52 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-08-13 11:49:52 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-08-13 11:49:52 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-08-13 11:49:52 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-08-13 11:49:52 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-08-13 11:49:52 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-08-13 11:49:52 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-08-13 11:49:52 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-08-13 11:49:52 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 11:49:52 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-08-13 11:49:51 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-08-13 11:49:50 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-08-13 11:49:50 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-08-13 11:49:50 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-08-13 11:49:50 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-08-13 11:49:50 ----A---- C:\Windows\system32\urlmon.dll
2014-08-13 11:49:50 ----A---- C:\Windows\system32\iernonce.dll
2014-08-13 11:49:50 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 11:49:50 ----A---- C:\Windows\system32\ie4uinit.exe
2014-08-13 11:49:49 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-08-13 11:49:49 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-08-13 11:49:49 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-08-13 11:49:49 ----A---- C:\Windows\system32\msfeeds.dll
2014-08-13 11:49:49 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-08-13 11:49:49 ----A---- C:\Windows\system32\dxtmsft.dll
2014-08-13 11:49:48 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-08-13 11:49:48 ----A---- C:\Windows\system32\iesetup.dll
2014-08-13 11:49:48 ----A---- C:\Windows\system32\iertutil.dll
2014-08-13 11:49:48 ----A---- C:\Windows\system32\iedkcs32.dll
2014-08-13 11:49:47 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-08-13 11:49:47 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-08-13 11:49:47 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-08-13 11:49:47 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-08-13 11:49:47 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-08-13 11:49:47 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-08-13 11:49:47 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-08-13 11:49:47 ----A---- C:\Windows\system32\jsproxy.dll
2014-08-13 11:49:46 ----A---- C:\Windows\system32\mshtmled.dll
2014-08-13 11:49:46 ----A---- C:\Windows\system32\ieui.dll
2014-08-13 11:49:46 ----A---- C:\Windows\system32\ieframe.dll
2014-08-13 11:49:46 ----A---- C:\Windows\system32\dxtrans.dll
2014-08-13 11:49:45 ----A---- C:\Windows\system32\wininet.dll
2014-08-13 11:49:45 ----A---- C:\Windows\system32\vbscript.dll
2014-08-13 11:49:45 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-08-13 11:49:45 ----A---- C:\Windows\system32\jscript9diag.dll
2014-08-13 11:49:45 ----A---- C:\Windows\system32\jscript9.dll
2014-08-13 11:49:45 ----A---- C:\Windows\system32\ieUnatt.exe
2014-08-13 11:49:45 ----A---- C:\Windows\system32\ieapfltr.dll
2014-08-13 11:49:44 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 11:49:44 ----A---- C:\Windows\system32\msrating.dll
2014-08-13 11:49:44 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-08-13 11:49:43 ----A---- C:\Windows\system32\mshtml.dll
2014-08-13 11:49:35 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2014-08-13 11:49:35 ----A---- C:\Windows\system32\rpcrt4.dll

======List of files/folders modified in the last 1 months======

2014-09-03 19:06:24 ----D---- C:\ProgramData\NVIDIA
2014-09-03 18:59:52 ----D---- C:\Windows\Temp
2014-09-03 18:57:51 ----D---- C:\Users\pc\AppData\Roaming\Skype
2014-09-03 18:55:52 ----D---- C:\Windows\system32\config
2014-09-03 18:55:06 ----RD---- C:\Program Files (x86)\Skype
2014-09-03 18:55:06 ----D---- C:\Windows\Tasks
2014-09-03 18:19:15 ----SHD---- C:\Windows\Installer
2014-09-03 18:19:15 ----D---- C:\ProgramData\Skype
2014-09-03 18:19:12 ----D---- C:\Program Files (x86)\Common Files
2014-09-03 18:16:31 ----RD---- C:\Program Files (x86)
2014-09-03 18:16:31 ----HD---- C:\ProgramData
2014-09-03 18:16:31 ----D---- C:\Windows
2014-09-03 18:13:18 ----D---- C:\Windows\SysWOW64
2014-09-03 15:02:51 ----D---- C:\Program Files
2014-09-03 14:54:41 ----D---- C:\ProgramData\Origin
2014-09-03 13:30:35 ----D---- C:\Program Files (x86)\Origin
2014-09-02 19:19:06 ----D---- C:\Users\pc\AppData\Roaming\Origin
2014-09-02 12:12:55 ----D---- C:\Windows\system32\catroot2
2014-09-02 12:12:51 ----SHD---- C:\System Volume Information
2014-09-02 10:25:05 ----D---- C:\Program Files (x86)\Steam
2014-09-01 12:15:11 ----D---- C:\ProgramData\Electronic Arts
2014-09-01 12:11:50 ----RSD---- C:\Windows\assembly
2014-09-01 12:00:08 ----D---- C:\Program Files (x86)\Origin Games
2014-08-31 08:05:03 ----D---- C:\Windows\System32
2014-08-31 08:05:03 ----D---- C:\Windows\inf
2014-08-31 08:05:03 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-08-29 10:51:56 ----D---- C:\Windows\winsxs
2014-08-28 19:56:27 ----D---- C:\Windows\system32\drivers
2014-08-28 19:56:26 ----D---- C:\Windows\system32\DriverStore
2014-08-28 19:56:26 ----D---- C:\Windows\system32\catroot
2014-08-28 19:56:24 ----D---- C:\ProgramData\NVIDIA Corporation
2014-08-28 19:56:24 ----D---- C:\Program Files\NVIDIA Corporation
2014-08-28 19:56:24 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-08-28 19:49:53 ----D---- C:\Windows\Prefetch
2014-08-28 17:36:07 ----SD---- C:\ProgramData\Microsoft
2014-08-28 15:39:50 ----D---- C:\Windows\Downloaded Installations
2014-08-27 12:04:26 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-08-26 12:29:51 ----D---- C:\Windows\rescache
2014-08-24 20:30:45 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-08-24 20:30:45 ----D---- C:\Windows\system32\cs-CZ
2014-08-22 16:22:38 ----SD---- C:\Users\pc\AppData\Roaming\Microsoft
2014-08-22 16:22:38 ----D---- C:\Users\pc\AppData\Roaming\Adobe
2014-08-15 11:53:42 ----D---- C:\Windows\system32\Tasks
2014-08-15 11:53:25 ----A---- C:\Windows\system32\aswBoot.exe
2014-08-14 18:00:05 ----D---- C:\Windows\Microsoft.NET
2014-08-13 16:52:50 ----D---- C:\Windows\ehome
2014-08-13 16:52:36 ----D---- C:\Program Files\Internet Explorer
2014-08-13 16:52:35 ----D---- C:\Windows\SYSWOW64\en-US
2014-08-13 16:52:34 ----D---- C:\Windows\system32\en-US
2014-08-13 16:52:34 ----D---- C:\Windows\PolicyDefinitions
2014-08-13 16:52:32 ----D---- C:\Program Files (x86)\Internet Explorer
2014-08-05 09:20:00 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdisFlt;Avast! Firewall Driver; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [2014-08-15 448400]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-08-15 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-08-15 224896]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2014-08-15 28184]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-08-15 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-08-15 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-08-15 427360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-08-15 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-08-15 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-08-15 92008]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2011-11-03 130536]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2011-11-03 395752]
R3 IOMap;IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [2013-02-19 24824]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2014-06-11 197408]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-11-30 412264]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 xnacc;Služba ovladače pro řadič XBOX 360 pro systém Windows; C:\Windows\system32\DRIVERS\xnacc.sys [2009-07-14 679936]
S4 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-05-08 65432]
R2 ASGT;ASGT; C:\Windows\SysWOW64\ASGT.exe [2012-01-17 55296]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-08-15 50344]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-08-15 106488]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-05-20 927520]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-06-20 76152]
R2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-05-20 413128]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-27 262320]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 EasyAntiCheat;EasyAntiCheat; C:\Windows\syswow64\EasyAntiCheat.exe [2014-07-18 107552]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-07-25 111616]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-08-28 833728]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-06-07 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

#9 Příspěvek od **Rudy** » 03 zář 2014 18:28

Dvouklikem na soubor C:\Program Files\trend micro\pc.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:

O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)

Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.

Wolfo · #10 Příspěvek od **Wolfo** » 03 zář 2014 18:41

Pri spustení mi to vyhodilo toto (neviem či je to v pohode) Obrázek

a keď som dal fix checked tak mi vyhodilo toto: Obrázek

mám dať nie či mám to reportnúť ?

#11 Příspěvek od **Rudy** » 03 zář 2014 19:36

Spusťte HJT jako administrator.

Wolfo · #12 Příspěvek od **Wolfo** » 03 zář 2014 19:52

Ok hotovo ... mám dať log ešte?

Wolfo · #13 Příspěvek od **Wolfo** » 03 zář 2014 20:03

Tu je ked tak : Logfile of random's system information tool 1.08 (written by random/random)
Run by pc at 2014-09-03 21:00:03
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 94 GB (47%) free of 200 GB
Total RAM: 4094 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:00:05, on 3.9.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17239)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe
C:\Users\pc\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\ROCCAT\Roccat Talk\Roccat Talk.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe
C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.exe
C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe
C:\Users\pc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\pc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\pc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\pc.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [RoccatKone+] "C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE"
O4 - HKLM\..\Run: [RoccatIsku] "C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\pc\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: Roccat Talk.lnk = ?
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASGT - Unknown owner - C:\Windows\SysWOW64\ASGT.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7944 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\SysWOW64\ASGT.exe
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe"
"C:\Users\pc\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\ROCCAT\Roccat Talk\Roccat Talk.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe"
"C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Users\pc\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\pc\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4284.0.237669894\1299813734" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,16,43 --gpu-vendor-id=0x10de --gpu-device-id=0x0fc1 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3788 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\pc\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_05/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="4284.3.542252977\2132971282" /prefetch:673131151
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\wuauclt.exe"
taskeng.exe {BF7BB4CA-69C4-4C44-AF39-F713F7F369A2}
taskeng.exe {21D8F580-01AC-4A82-95FE-1FD6E36DC154}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\pc\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-08-15 612248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-08-15 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\pc\AppData\Local\Google\Update\GoogleUpdate.exe [2014-06-05 116648]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-07-24 21650016]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-08-15 4085896]
"RoccatKone+"=C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE [2013-10-25 557056]
"RoccatIsku"=C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE [2013-10-30 536576]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Roccat Talk.lnk - C:\Windows\Installer\{605D671E-1D1E-4840-84D9-BFACE17F160D}\NewShortcut1_38373BA15BEE4DD08E16D3720C304537.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2014-09-03 21:00:03 ----D---- C:\rsit
2014-09-03 18:13:18 ----A---- C:\Windows\SYSWOW64\sqlite3.dll
2014-09-03 18:12:34 ----D---- C:\AdwCleaner
2014-09-03 15:02:51 ----D---- C:\Program Files\trend micro
2014-08-31 17:30:04 ----D---- C:\Users\pc\AppData\Roaming\uTorrent
2014-08-29 20:49:15 ----D---- C:\Users\pc\AppData\Roaming\.mono
2014-08-29 20:47:04 ----A---- C:\Windows\SYSWOW64\EasyAntiCheat.exe
2014-08-28 13:39:49 ----D---- C:\ProgramData\Malwarebytes
2014-08-28 13:24:55 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-08-28 13:24:55 ----A---- C:\Windows\system32\win32k.sys
2014-08-28 13:24:55 ----A---- C:\Windows\system32\gdi32.dll
2014-08-24 13:32:41 ----A---- C:\Windows\system32\wups2.dll
2014-08-24 13:32:40 ----A---- C:\Windows\system32\wucltux.dll
2014-08-24 13:32:40 ----A---- C:\Windows\system32\wuaueng.dll
2014-08-24 13:32:40 ----A---- C:\Windows\system32\wuauclt.exe
2014-08-24 13:32:35 ----A---- C:\Windows\SYSWOW64\wups.dll
2014-08-24 13:32:35 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2014-08-24 13:32:35 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2014-08-24 13:32:35 ----A---- C:\Windows\system32\wups.dll
2014-08-24 13:32:35 ----A---- C:\Windows\system32\wudriver.dll
2014-08-24 13:32:35 ----A---- C:\Windows\system32\wuapi.dll
2014-08-24 13:32:26 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2014-08-24 13:32:26 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2014-08-24 13:32:26 ----A---- C:\Windows\system32\wuwebv.dll
2014-08-24 13:32:26 ----A---- C:\Windows\system32\wuapp.exe
2014-08-18 17:18:49 ----A---- C:\Windows\system32\drivers\IOMap64.sys
2014-08-15 11:53:37 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2014-08-15 11:53:04 ----A---- C:\Windows\system32\drivers\aswNdisFlt.sys
2014-08-13 13:17:39 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2014-08-13 13:17:39 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2014-08-13 13:17:39 ----A---- C:\Windows\system32\infocardapi.dll
2014-08-13 13:17:39 ----A---- C:\Windows\system32\icardagt.exe
2014-08-13 13:17:37 ----A---- C:\Windows\SYSWOW64\icardres.dll
2014-08-13 13:17:37 ----A---- C:\Windows\system32\icardres.dll
2014-08-13 13:17:21 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2014-08-13 13:17:21 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-08-13 11:50:06 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-08-13 11:50:06 ----A---- C:\Windows\system32\tzres.dll
2014-08-13 11:50:01 ----A---- C:\Windows\system32\msi.dll
2014-08-13 11:50:00 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-08-13 11:50:00 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-08-13 11:50:00 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-08-13 11:50:00 ----A---- C:\Windows\system32\msihnd.dll
2014-08-13 11:50:00 ----A---- C:\Windows\system32\consent.exe
2014-08-13 11:50:00 ----A---- C:\Windows\system32\authui.dll
2014-08-13 11:49:57 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-08-13 11:49:52 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-08-13 11:49:52 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-08-13 11:49:52 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-08-13 11:49:52 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-08-13 11:49:52 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-08-13 11:49:52 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-08-13 11:49:52 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-08-13 11:49:52 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-08-13 11:49:52 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 11:49:52 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-08-13 11:49:51 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-08-13 11:49:50 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-08-13 11:49:50 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-08-13 11:49:50 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-08-13 11:49:50 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-08-13 11:49:50 ----A---- C:\Windows\system32\urlmon.dll
2014-08-13 11:49:50 ----A---- C:\Windows\system32\iernonce.dll
2014-08-13 11:49:50 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 11:49:50 ----A---- C:\Windows\system32\ie4uinit.exe
2014-08-13 11:49:49 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-08-13 11:49:49 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-08-13 11:49:49 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-08-13 11:49:49 ----A---- C:\Windows\system32\msfeeds.dll
2014-08-13 11:49:49 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-08-13 11:49:49 ----A---- C:\Windows\system32\dxtmsft.dll
2014-08-13 11:49:48 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-08-13 11:49:48 ----A---- C:\Windows\system32\iesetup.dll
2014-08-13 11:49:48 ----A---- C:\Windows\system32\iertutil.dll
2014-08-13 11:49:48 ----A---- C:\Windows\system32\iedkcs32.dll
2014-08-13 11:49:47 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-08-13 11:49:47 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-08-13 11:49:47 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-08-13 11:49:47 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-08-13 11:49:47 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-08-13 11:49:47 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-08-13 11:49:47 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-08-13 11:49:47 ----A---- C:\Windows\system32\jsproxy.dll
2014-08-13 11:49:46 ----A---- C:\Windows\system32\mshtmled.dll
2014-08-13 11:49:46 ----A---- C:\Windows\system32\ieui.dll
2014-08-13 11:49:46 ----A---- C:\Windows\system32\ieframe.dll
2014-08-13 11:49:46 ----A---- C:\Windows\system32\dxtrans.dll
2014-08-13 11:49:45 ----A---- C:\Windows\system32\wininet.dll
2014-08-13 11:49:45 ----A---- C:\Windows\system32\vbscript.dll
2014-08-13 11:49:45 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-08-13 11:49:45 ----A---- C:\Windows\system32\jscript9diag.dll
2014-08-13 11:49:45 ----A---- C:\Windows\system32\jscript9.dll
2014-08-13 11:49:45 ----A---- C:\Windows\system32\ieUnatt.exe
2014-08-13 11:49:45 ----A---- C:\Windows\system32\ieapfltr.dll
2014-08-13 11:49:44 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 11:49:44 ----A---- C:\Windows\system32\msrating.dll
2014-08-13 11:49:44 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-08-13 11:49:43 ----A---- C:\Windows\system32\mshtml.dll
2014-08-13 11:49:35 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2014-08-13 11:49:35 ----A---- C:\Windows\system32\rpcrt4.dll

======List of files/folders modified in the last 1 months======

2014-09-03 21:00:04 ----D---- C:\Windows\Temp
2014-09-03 20:56:32 ----D---- C:\Users\pc\AppData\Roaming\Skype
2014-09-03 20:53:48 ----D---- C:\Windows\system32\config
2014-09-03 20:50:32 ----D---- C:\ProgramData\NVIDIA
2014-09-03 18:55:06 ----RD---- C:\Program Files (x86)\Skype
2014-09-03 18:55:06 ----D---- C:\Windows\Tasks
2014-09-03 18:19:15 ----SHD---- C:\Windows\Installer
2014-09-03 18:19:15 ----D---- C:\ProgramData\Skype
2014-09-03 18:19:12 ----D---- C:\Program Files (x86)\Common Files
2014-09-03 18:16:31 ----RD---- C:\Program Files (x86)
2014-09-03 18:16:31 ----HD---- C:\ProgramData
2014-09-03 18:16:31 ----D---- C:\Windows
2014-09-03 18:13:18 ----D---- C:\Windows\SysWOW64
2014-09-03 15:02:51 ----D---- C:\Program Files
2014-09-03 14:54:41 ----D---- C:\ProgramData\Origin
2014-09-03 13:30:35 ----D---- C:\Program Files (x86)\Origin
2014-09-02 19:19:06 ----D---- C:\Users\pc\AppData\Roaming\Origin
2014-09-02 12:12:55 ----D---- C:\Windows\system32\catroot2
2014-09-02 12:12:51 ----SHD---- C:\System Volume Information
2014-09-02 10:25:05 ----D---- C:\Program Files (x86)\Steam
2014-09-01 12:15:11 ----D---- C:\ProgramData\Electronic Arts
2014-09-01 12:11:50 ----RSD---- C:\Windows\assembly
2014-09-01 12:00:08 ----D---- C:\Program Files (x86)\Origin Games
2014-08-31 08:05:03 ----D---- C:\Windows\System32
2014-08-31 08:05:03 ----D---- C:\Windows\inf
2014-08-31 08:05:03 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-08-29 10:51:56 ----D---- C:\Windows\winsxs
2014-08-28 19:56:27 ----D---- C:\Windows\system32\drivers
2014-08-28 19:56:26 ----D---- C:\Windows\system32\DriverStore
2014-08-28 19:56:26 ----D---- C:\Windows\system32\catroot
2014-08-28 19:56:24 ----D---- C:\ProgramData\NVIDIA Corporation
2014-08-28 19:56:24 ----D---- C:\Program Files\NVIDIA Corporation
2014-08-28 19:56:24 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-08-28 19:49:53 ----D---- C:\Windows\Prefetch
2014-08-28 17:36:07 ----SD---- C:\ProgramData\Microsoft
2014-08-28 15:39:50 ----D---- C:\Windows\Downloaded Installations
2014-08-27 12:04:26 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-08-26 12:29:51 ----D---- C:\Windows\rescache
2014-08-24 20:30:45 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-08-24 20:30:45 ----D---- C:\Windows\system32\cs-CZ
2014-08-22 16:22:38 ----SD---- C:\Users\pc\AppData\Roaming\Microsoft
2014-08-22 16:22:38 ----D---- C:\Users\pc\AppData\Roaming\Adobe
2014-08-15 11:53:42 ----D---- C:\Windows\system32\Tasks
2014-08-15 11:53:25 ----A---- C:\Windows\system32\aswBoot.exe
2014-08-14 18:00:05 ----D---- C:\Windows\Microsoft.NET
2014-08-13 16:52:50 ----D---- C:\Windows\ehome
2014-08-13 16:52:36 ----D---- C:\Program Files\Internet Explorer
2014-08-13 16:52:35 ----D---- C:\Windows\SYSWOW64\en-US
2014-08-13 16:52:34 ----D---- C:\Windows\system32\en-US
2014-08-13 16:52:34 ----D---- C:\Windows\PolicyDefinitions
2014-08-13 16:52:32 ----D---- C:\Program Files (x86)\Internet Explorer
2014-08-05 09:20:00 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdisFlt;Avast! Firewall Driver; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [2014-08-15 448400]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-08-15 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-08-15 224896]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2014-08-15 28184]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-08-15 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-08-15 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-08-15 427360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-08-15 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-08-15 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-08-15 92008]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2011-11-03 130536]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2011-11-03 395752]
R3 IOMap;IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [2013-02-19 24824]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2014-06-11 197408]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-11-30 412264]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 xnacc;Služba ovladače pro řadič XBOX 360 pro systém Windows; C:\Windows\system32\DRIVERS\xnacc.sys [2009-07-14 679936]
S4 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-05-08 65432]
R2 ASGT;ASGT; C:\Windows\SysWOW64\ASGT.exe [2012-01-17 55296]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-08-15 50344]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-08-15 106488]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-05-20 927520]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-06-20 76152]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-05-20 413128]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-27 262320]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 EasyAntiCheat;EasyAntiCheat; C:\Windows\syswow64\EasyAntiCheat.exe [2014-07-18 107552]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-07-25 111616]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-08-28 833728]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-06-07 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------
info.txt logfile of random's system information tool 1.08 2014-09-03 21:00:07

======Uninstall list======

-->MsiExec /X{80407BA7-7763-4395-AB98-5233F1B34E65}
7-Zip 4.57-->"C:\Program Files (x86)\7-Zip\Uninstall.exe"
Adobe Flash Player 14 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_14_0_0_176_ActiveX.exe -maintain activex
Adobe Reader XI (11.0.08) - Slovak-->MsiExec.exe /I{AC76BA86-7AD7-1051-7B44-AB0000000001}
Asmedia ASM104x USB 3.0 Host Controller Driver-->MsiExec.exe /X{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}
ASUS GPU Tweak-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{532F6E8A-AF97-41C3-915F-39F718EC07D1} /l1033
Audacity 2.0.5-->"C:\Program Files (x86)\Audacity\unins000.exe"
avast! Internet Security-->C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel /instop:uninstall
Battlefield 3™-->"C:\Program Files (x86)\Common Files\EAInstaller\Battlefield 3\Cleanup.exe" uninstall_game -autologging
Battlelog Web Plugins-->C:\Program Files (x86)\Battlelog Web Plugins\uninstall.exe
CCleaner-->"C:\Program Files (x86)\CCleaner\uninst.exe"
Counter-Strike-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/10
Dota 2-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/570
FIFA 14-->"C:\Program Files (x86)\Common Files\EAInstaller\FIFA 14\Cleanup.exe" uninstall_game -autologging
Foxit Reader-->C:\Program Files (x86)\Foxit Software\Foxit Reader\Uninstall.exe
Left 4 Dead 2-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/550
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /x64 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{790E02A1-145A-3843-8C13-A4F41C9B48B7}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft .NET Framework 4 Extended CSY Language Pack-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ExtendedLP\Setup.exe /repair /x86 /x64 /lcid 1029 /parameterfolder ExtendedLP
Microsoft .NET Framework 4 Extended CSY Language Pack-->MsiExec.exe /X{A324DC11-FF02-3CE8-9D6F-67EBC006D970}
Microsoft .NET Framework 4 Extended-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\Setup.exe /repair /x86 /x64 /parameterfolder Extended
Microsoft .NET Framework 4 Extended-->MsiExec.exe /X{8E34682C-8118-31F1-BC4C-98CD9675E1C2}
Microsoft Office Access MUI (Slovak) 2007-->MsiExec.exe /X{90120000-0015-041B-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Slovak) 2007-->MsiExec.exe /X{90120000-0016-041B-0000-0000000FF1CE}
Microsoft Office Groove MUI (Slovak) 2007-->MsiExec.exe /X{90120000-00BA-041B-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Slovak) 2007-->MsiExec.exe /X{90120000-0044-041B-0000-0000000FF1CE}
Microsoft Office Office 64-bit Components 2007-->MsiExec.exe /X{90120000-002A-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Slovak) 2007-->MsiExec.exe /X{90120000-00A1-041B-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Slovak) 2007-->MsiExec.exe /X{90120000-001A-041B-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Slovak) 2007-->MsiExec.exe /X{90120000-0018-041B-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Hungarian) 2007-->MsiExec.exe /X{90120000-001F-040E-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Slovak) 2007-->MsiExec.exe /X{90120000-002C-041B-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Slovak) 2007-->MsiExec.exe /X{90120000-0019-041B-0000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Slovak) 2007-->MsiExec.exe /X{90120000-002A-041B-1000-0000000FF1CE}
Microsoft Office Shared MUI (Slovak) 2007-->MsiExec.exe /X{90120000-006E-041B-0000-0000000FF1CE}
Microsoft Office Word MUI (Slovak) 2007-->MsiExec.exe /X{90120000-001B-041B-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610-->"C:\ProgramData\Package Cache\{a1909659-0a08-4554-8af1-2175904903a1}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610-->MsiExec.exe /X{764384C5-BCA9-307C-9AAC-FD443662686A}
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610-->MsiExec.exe /X{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}
Movies Search App for Chrome-->C:\PROGRA~2\MOVIES~1\SAFETY~1\SRTOOL~1\GC\uninstall.exe /UN=CR /PID=BTR-DTX /PCD=IMH
MSVCRT Redists-->MsiExec.exe /I{8AAA8780-1D35-11E2-A3A6-F04DA23A5C58}
NVIDIA Ovladač 3D Vision 337.88-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{D17827AE-62DD-44C5-A986-627AFB06B02E}\NVI2.DLL",UninstallPackage Display.3DVision
NVIDIA Ovladač HD audia 1.3.30.1-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{D17827AE-62DD-44C5-A986-627AFB06B02E}\NVI2.DLL",UninstallPackage HDAudio.Driver
NVIDIA Ovladač řídící jednotky 3D Vision 337.88-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{D17827AE-62DD-44C5-A986-627AFB06B02E}\NVI2.DLL",UninstallPackage Display.NVIRUSB
NVIDIA Ovladače grafiky 337.88-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{D17827AE-62DD-44C5-A986-627AFB06B02E}\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA PhysX-->MsiExec.exe /I{80407BA7-7763-4395-AB98-5233F1B34E65}
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
NVIDIA Systémový software PhysX 9.13.1220-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{D17827AE-62DD-44C5-A986-627AFB06B02E}\NVI2.DLL",UninstallPackage Display.PhysX
Origin-->C:\Program Files (x86)\Origin\OriginUninstall.exe
ROCCAT Isku Keyboard Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{4ABAF918-A6BD-43D8-AE0B-5292034B14CB}\Setup.exe"
ROCCAT Kone[+] Mouse Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{B99CB207-4704-4C51-9309-0FA90AA26DD4}\Setup.exe"
Roccat Talk-->MsiExec.exe /I{605D671E-1D1E-4840-84D9-BFACE17F160D}
Rust-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/252490
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4736E989-32D9-3B91-90D7-C68848E118CA} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BA941BCD-BC45-3D64-AB89-0F737907515C} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F1696E2F-4803-362F-A756-65B363483FE6} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C8B8456C-6A12-3725-95A8-1C9FBE1E3141} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8E6848A1-B790-34FE-921A-A5319258E254} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {9D8496AE-4030-3E92-B44E-4F81051E6C85} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {43B6E5D3-56A9-36C1-BD8B-9E1D6920FF11} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2898855v2)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {9F8B7E39-B469-36F4-AF7A-1E6FE5F394E2} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2901110v2)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {9625A203-DB41-3055-971E-550DA3E825B2} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2931365)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {A4CBD9A2-B44F-3B8F-AE1C-B4B1CCE20A05} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {9D621E6E-E010-3C80-A055-135891134750} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {BA941BCD-BC45-3D64-AB89-0F737907515C} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {C8B8456C-6A12-3725-95A8-1C9FBE1E3141} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {43B6E5D3-56A9-36C1-BD8B-9E1D6920FF11} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2901110v2)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {9625A203-DB41-3055-971E-550DA3E825B2} /parameterfolder Extended
Skype Click to Call-->MsiExec.exe /X{6D1221A9-17BF-4EC0-81F2-27D30EC30701}
Skype™ 6.18-->MsiExec.exe /X{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}
Steam-->C:\Program Files (x86)\Steam\uninstall.exe
TeamSpeak 3 Client-->"C:\Program Files\TeamSpeak 3 Client\uninstall.exe"
The KMPlayer (remove only)-->"C:\Program Files (x86)\The KMPlayer\uninstall.exe"
Total Commander 64-bit (Remove or Repair)-->c:\totalcmd\tcunin64.exe
Tropico 4-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/57690
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {EFD73366-C059-3D04-9848-59072A15DB53} /parameterfolder Client
Update for Microsoft .NET Framework 4 Extended (KB2836939v3)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {EFD73366-C059-3D04-9848-59072A15DB53} /parameterfolder Extended
Vegas Pro 12.0 (64-bit)-->MsiExec.exe /X{87CEB7C0-1D35-11E2-8F19-F04DA23A5C58}
WinRAR 5.01 (32-bit)-->C:\Program Files (x86)\WinRAR\uninstall.exe

======System event log======

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Stav služby Cryptographic Services byl změněn na: stopped
Record Number: 5
Source Name: Service Control Manager
Time Written: 20090714051424.262212-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Stav služby Windows Modules Installer byl změněn na: stopped
Record Number: 4
Source Name: Service Control Manager
Time Written: 20090714051424.168612-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Stav služby Software Protection byl změněn na: stopped
Record Number: 3
Source Name: Service Control Manager
Time Written: 20090714051424.059412-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Stav služby Windows Event Log byl změněn na: stopped
Record Number: 2
Source Name: Service Control Manager
Time Written: 20090714051424.012612-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Stav služby Volume Shadow Copy byl změněn na: stopped
Record Number: 1
Source Name: Service Control Manager
Time Written: 20090714051423.934612-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: pc-PC
Event Code: 3
Message:
Record Number: 47895
Source Name: NvStreamSvc
Time Written: 20140704213239.000000-000
Event Type: Informace
User:

Computer Name: pc-PC
Event Code: 3
Message:
Record Number: 47894
Source Name: NvStreamSvc
Time Written: 20140704213239.000000-000
Event Type: Informace
User:

Computer Name: pc-PC
Event Code: 3
Message:
Record Number: 47893
Source Name: NvStreamSvc
Time Written: 20140704213239.000000-000
Event Type: Informace
User:

Computer Name: pc-PC
Event Code: 3
Message:
Record Number: 47892
Source Name: NvStreamSvc
Time Written: 20140704213239.000000-000
Event Type: Informace
User:

Computer Name: pc-PC
Event Code: 3
Message:
Record Number: 47891
Source Name: NvStreamSvc
Time Written: 20140704213239.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: 37L4247E29-32
Event Code: 4735
Message: Byla změněna zabezpečená místní skupina.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247E29-32$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Skupina:
ID zabezpečení: S-1-5-32-551
Název skupiny: Backup Operators
Doména skupiny: Builtin

Změněné atributy:
Název účtu SAM: -
Historie identifikátoru zabezpečení: -

Další informace:
Oprávnění: -
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140605190908.155269-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4731
Message: Byla vytvořena zabezpečená místní skupina.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247E29-32$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Nová skupina:
ID zabezpečení: S-1-5-32-551
Název skupiny: Backup Operators
Doména skupiny: Builtin

Atributy:
Název účtu SAM: Backup Operators
Historie identifikátoru zabezpečení: -

Další informace:
Oprávnění: -
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140605190908.155269-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4902
Message: Tabulka zásad auditu pro jednotlivé uživatele byla vytvořena.

Počet prvků: 0
ID zásady: 0x32113
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140605190907.812068-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0

Typ přihlášení: 0

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x4
Název procesu:

Informace o síti:
Název pracovní stanice: -
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: -
Balíček ověření: -
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140605190905.721664-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4608
Message: Spouští se systém Windows.

Tato událost je zaznamenána při spuštění procesu LSASS.EXE a inicializaci kontrolního podsystému.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140605190905.659264-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=16
"PROCESSOR_IDENTIFIER"=AMD64 Family 16 Model 5 Stepping 3, AuthenticAMD
"PROCESSOR_REVISION"=0503

-----------------EOF-----------------

#14 Příspěvek od **Rudy** » 03 zář 2014 20:13

Log již není třeba. Nastala nějaká změna?

Wolfo · #15 Příspěvek od **Wolfo** » 03 zář 2014 20:25

Akurát som dokončil rýchly test nič nenašiel a tá zložka kde bol vírus tam už nieje takže zmena je ... Ďakujem a pekný zvyšok večera

VIRY.CZ

Win32:Malware-gen

Win32:Malware-gen

Re: Win32:Malware-gen

Re: Win32:Malware-gen

Re: Win32:Malware-gen

Re: Win32:Malware-gen

Re: Win32:Malware-gen

Re: Win32:Malware-gen

Re: Win32:Malware-gen

Re: Win32:Malware-gen

Re: Win32:Malware-gen

Re: Win32:Malware-gen

Re: Win32:Malware-gen

Re: Win32:Malware-gen

Re: Win32:Malware-gen

Re: Win32:Malware-gen