Prosím o kontrolu

Zpráva

Lucaso · #1 Příspěvek od **Lucaso** » 26 zář 2015 17:49

Dobrý den, chtěl bych poprosit o kontrolu logu. Jedná se o můj starší notebook, který momentálně používá máma na běžnou kancelářskou práci. Zdá se lehce pomalejší, ale nic vážnějšího jsem nezaznamenal.

Přikládám log z RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by LUKAS at 2015-09-26 18:34:58
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 294 GB (62%) free of 477 GB
Total RAM: 3037 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:35:07, on 26.9.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17937)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Steam\steam.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\LUKAS.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_F2F7BF0525C7AACBBA5875707973CA64] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9159 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE"
"C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2004.0.345050291\1749658173" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,8,20,45 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x2a42 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2302 --ignored=" --type=renderer " /prefetch:822062411
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\viakaraokesrv.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/StandardR5/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="2004.1.1159027928\1747842256" --font-cache-shared-handle=1752 /prefetch:673131151
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\sppsvc.exe
ATKOSD.exe
WDC.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Steam\steam.exe" "steam://rungameid/10"
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "C:\Program Files (x86)\Steam\config\htmlcache" -cookiepath "C:\Program Files (x86)\Steam\config\cookies" -steampid 3184 --blacklist-accelerated-compositing --process-per-tab --disable-accelerated-video-decode --enable-direct-write
"taskhost.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/StandardR5/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="2004.41.445060785\1258467313" --font-cache-shared-handle=5796 /prefetch:673131151
taskmgr.exe /3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/StandardR5/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="2004.50.1498988714\1432532161" --font-cache-shared-handle=3420 /prefetch:673131151
C:\Windows\system32\AUDIODG.EXE 0xa68
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/StandardR5/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/EnableSlimmingPaint/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="2004.53.701113252\1444854417" --font-cache-shared-handle=5976 /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe7_ Global\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Users\LUKAS\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-08-04 219304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-09-11 888432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-11 2340472]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-08-04 153768]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-09-12 710872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-09-12 1733240]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 1337000]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 162328]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 417304]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-10-23 6501656]
"GoogleChromeAutoLaunch_F2F7BF0525C7AACBBA5875707973CA64"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-09-19 815944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^LUKAS^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Curse.lnk]
C:\Users\LUKAS\AppData\Roaming\CURSEC~1\Bin\Curse.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2012-09-14 328064]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2012-07-17 178848]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 272896]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-09-26 18:35:00 ----D---- C:\Program Files\trend micro
2015-09-26 18:34:58 ----D---- C:\rsit

======List of files/folders modified in the last 1 month======

2015-09-26 18:35:01 ----D---- C:\Windows\Temp
2015-09-26 18:35:00 ----RD---- C:\Program Files
2015-09-26 15:58:14 ----D---- C:\Windows\Prefetch
2015-09-26 15:58:08 ----D---- C:\Program Files (x86)\Steam
2015-09-26 14:06:15 ----D---- C:\Windows\inf
2015-09-26 14:06:04 ----D---- C:\Windows
2015-09-26 13:54:43 ----D---- C:\Windows\system32\config
2015-09-25 20:38:07 ----SHD---- C:\System Volume Information
2015-09-24 20:55:15 ----SHD---- C:\Windows\Installer
2015-09-24 20:54:49 ----RSD---- C:\Windows\assembly
2015-09-24 20:54:41 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2015-09-24 20:53:04 ----D---- C:\Program Files\Microsoft Office 15
2015-09-22 18:36:16 ----D---- C:\ProgramData\ProductData
2015-09-19 12:24:43 ----D---- C:\Windows\System32
2015-09-19 12:24:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-09-18 14:47:43 ----RD---- C:\Program Files (x86)
2015-09-18 14:47:38 ----D---- C:\Windows\Tasks
2015-09-16 15:04:25 ----D---- C:\Windows\Microsoft.NET
2015-09-14 17:19:25 ----D---- C:\Windows\system32\Tasks
2015-09-13 06:56:35 ----D---- C:\Windows\system32\catroot2
2015-09-08 09:11:14 ----D---- C:\Windows\SoftwareDistribution
2015-09-08 09:09:58 ----D---- C:\Windows\debug
2015-09-02 19:06:27 ----D---- C:\Windows\system32\NDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 280376]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-11-26 283064]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-07-24 26528]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 124568]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-10-03 33240]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-02-11 10628640]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2014-10-12 64040]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2014-10-12 2210376]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2012-09-11 106880]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2015-09-11 2774104]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2009-09-14 166400]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2009-09-14 128512]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 23816]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2014-10-12 27768]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 366544]
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2015-07-31 2909472]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-07-16 114688]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 643880]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-09-25 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2014-09-25 5132888]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-09-16 569024]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-10-13 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#2 Příspěvek od **Márty84** » 26 zář 2015 20:00

Zdravim

Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.

Lucaso · #3 Příspěvek od **Lucaso** » 26 zář 2015 23:07

Tak nejprve info z CDI:

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium Edition SP1 [6.1 Build 7601] (x64)
Date : 2015/09/27 0:05:56

-- Controller Map ----------------------------------------------------------
+ Intel(R) ICH9M/M-E Family 4 Port SATA AHCI Controller - 2929 [ATA]
+ ATA Channel 0 (0)
- WDC WD5000BPKX-80HPJT0 ATA Device
+ ATA Channel 1 (1)
- Slimtype DVD A DS8A4S ATA Device

-- Disk List ---------------------------------------------------------------
(1) WDC WD5000BPKX-80HPJT0 : 500,1 GB [0/0/0, pd1]

----------------------------------------------------------------------------
(1) WDC WD5000BPKX-80HPJT0
----------------------------------------------------------------------------
Model : WDC WD5000BPKX-80HPJT0
Firmware : 01.01A01
Serial Number : WD-WX31A7363411
Disk Size : 500,1 GB (8,4/137,4/500,1)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/600
Power On Hours : 4475 hod.
Power On Count : 1424 krát
Temparature : 27 C (80 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 193 177 _21 000000000535 Čas na roztočení ploten
04 _99 _99 __0 00000000059D Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 _94 _94 __0 00000000117B Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _99 _99 __0 000000000590 Počet cyklů zapnutí zařízení
BF __1 __1 __0 000000000C2D Počet udalostí zaznamenaných otřesovým senzorem
C0 200 200 __0 000000000035 Počet vypnutí disku
C1 197 197 __0 0000000026EF Počet cyklů načítání/vymazání
C2 120 103 __0 00000000001B Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 __0 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2057 442D 5758 4137 4137 3336 3334 3131
020: 0000 8000 0032 3031 2E30 3031 3031 5744 4320 5744
030: 3530 3030 4250 4B58 2D38 504A 504A 5430 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 003F 003F FC10 00FB 0100
060: FFFF 0FFF 0000 0107 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 9F0E 9F0E 0004 004C 0040
080: 01FE 0000 746B 7D69 6123 BC49 BC49 6123 007F 002F
090: 002F 0080 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 6003 6003 0000 5001 4EE6
110: AE7A 9ED0 0000 0000 0000 0000 0000 0000 0000 4018
120: 4018 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 16FE 013E 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 70B5 70B5 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 103E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 35A5

A dále AdWC:

# AdwCleaner v5.008 - Logfile created 27/09/2015 at 00:02:20
# Updated 18/09/2015 by Xplode
# Database : 2015-09-23.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : LUKAS - LUKAS-NTB
# Running from : C:\Users\LUKAS\Downloads\adwcleaner_5.008.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\globalUpdate
[-] Folder Deleted : C:\Program Files (x86)\ParetoLogic
[-] Folder Deleted : C:\Program Files (x86)\Tbccint
[!] Folder Not Deleted : C:\Program Files (x86)\Tbccint
[-] Folder Deleted : C:\ProgramData\ParetoLogic
[-] Folder Deleted : C:\ProgramData\Tbccint
[-] Folder Deleted : C:\ProgramData\productdata
[!] Folder Not Deleted : C:\ProgramData\Tbccint
[-] Folder Deleted : C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
[-] Folder Deleted : C:\Users\LUKAS\AppData\Local\cool_mirage
[-] Folder Deleted : C:\Users\LUKAS\AppData\Local\globalUpdate
[-] Folder Deleted : C:\Users\LUKAS\AppData\Local\Tbccint
[!] Folder Not Deleted : C:\Users\LUKAS\AppData\Local\Tbccint
[-] Folder Deleted : C:\Users\LUKAS\AppData\LocalLow\Tbccint
[!] Folder Not Deleted : C:\Users\LUKAS\AppData\LocalLow\Tbccint
[-] Folder Deleted : C:\Users\LUKAS\AppData\Roaming\productdata
[-] Folder Deleted : C:\Users\LUKAS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic

***** [ Files ] *****

[-] File Deleted : C:\END
[-] File Deleted : C:\Users\LUKAS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3329621
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
[-] Key Deleted : HKCU\Software\Classes\CLSID\{1BBF13E0-551E-42DD-91F4-1A547443FFDA}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKCU\Software\1ClickDownload
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\GlobalUpdate
[-] Key Deleted : HKCU\Software\ParetoLogic
[-] Key Deleted : HKCU\Software\Tbccint
[-] Key Deleted : HKCU\Software\Tbccint_HKLM
[!] Key Not Deleted : HKCU\Software\Tbccint
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Tbccint
[!] Key Not Deleted : HKCU\Software\AppDataLow\Software\Tbccint
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\ParetoLogic
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
[!] Key Not Deleted : [x64] HKCU\Software\1ClickDownload
[!] Key Not Deleted : [x64] HKCU\Software\Conduit
[!] Key Not Deleted : [x64] HKCU\Software\GlobalUpdate
[!] Key Not Deleted : [x64] HKCU\Software\ParetoLogic
[!] Key Not Deleted : [x64] HKCU\Software\Tbccint
[!] Key Not Deleted : [x64] HKCU\Software\Tbccint_HKLM
[!] Key Not Deleted : [x64] HKCU\Software\Tbccint
[!] Key Not Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[!] Key Not Deleted : HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\Software\AppDataLow\Software\Crossrider
[!] Key Not Deleted : HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\Software\AppDataLow\Software\Tbccint
[!] Key Not Deleted : HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\Software\AppDataLow\Software\Tbccint
[!] Key Not Deleted : HKU\S-1-5-18\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_

***** [ Web browsers ] *****

[-] [C:\Users\LUKAS\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Deleted : hxxp://websearch.searchisbestmy.info/?pid=1912&r=2013/11/23&hid=15040051497711490490&lg=EN&cc=CZ&unqvl=41

*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [4238 bytes] ##########

#4 Příspěvek od **Márty84** » 27 zář 2015 06:51

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

Lucaso · #5 Příspěvek od **Lucaso** » 27 zář 2015 13:31

Zde je scan z MBAM:

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 27.9.2015
Čas skenování: 12:35
Protokol: mbam scan.txt
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.09.27.03
Databáze rootkitů: v2015.09.22.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: LUKAS

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 523604
Uplynulý čas: 1 hod, 53 min, 12 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 23
PUP.Optional.1ClickMovieDownload, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\ClickMovie1-Downloaderv10, , [d60983b1bad1fb3b3c5f66233dc7817f],
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2980BD53-90D4-48EF-8CDF-C4E8B9BF8AE3}, , [ae310e262962b086e8686138c63e31cf],
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3C919235-9072-4B38-8176-BEB847F74A31}, , [e8f7979d602b40f62031debb0202748c],
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{42CC8084-96D8-4162-9932-FC3CC4C05CF7}, , [35aaeb49f497e84eea67326740c47789],
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{47E25A03-AE46-458B-9425-403989E37E30}, , [825d40f4e2a9e1552d239009699b1fe1],
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5752BCBA-FD1C-4F08-BC52-183D10C36F5E}, , [5f802c08a8e3b87e5ff1dbbed430ab55],
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6B156E1F-FCCD-41FE-A29E-85958B83F370}, , [2fb0b87c632857df97b984150ef6f808],
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6DD25044-B8A2-42E0-AA1A-1B3A864A91ED}, , [33aca68e3c4f83b3fd54c1d840c420e0],
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7165D27E-25B4-461B-8ACE-ED79AA5387E1}, , [c91678bc761553e35ff1b3e6d62ee21e],
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{86F2FFAD-89AB-4A3A-A55C-725E1C18CB3D}, , [f6e911234e3d1b1b1b366a2fe91b669a],
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8D3AFDE2-796B-4446-82B4-F328E47194ED}, , [ce1189ab6328999df35ed3c659ab5ba5],
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A6BA9B9A-8360-47EE-A65D-431F79759121}, , [cb14b3810f7c94a288c930692dd71ae6],
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A81E7073-5B59-46C0-9845-337AD25D549C}, , [d20d171dc0cbab8b0e4216835fa549b7],
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C5126E91-2729-4963-AAA7-64A0242AA17F}, , [2fb0b77d7b10e45263ee9801ba4aba46],
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CDA73968-DC9F-4BD7-93F4-655F368DE74B}, , [db04ee46830803334b0646535ba9e818],
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D4AAFF6F-FC04-49B5-ACE1-76EE6AFD66D3}, , [5986e94baeddef4777d92a6f7c88fc04],
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E300C240-DD50-4899-A24A-A42EEB3AF142}, , [d708250fe5a606304f01efaa788c7b85],
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E463E7A0-6088-4A47-BD3A-D2946F9D738E}, , [cd12013348437bbbb39e74257b892bd5],
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6D14B82-1541-4E81-88D2-793A765F7421}, , [7966ee4667240a2c58f89efbf311857b],
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E97ECD99-B83A-440B-AD4C-742A5FB86458}, , [da05bf75ee9d4ceae26e1b7ee91be61a],
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{ECC1D9DA-C942-4B06-AA93-715D109D9514}, , [885794a0682346f0252ba3f68381e61a],
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F8C951CC-9727-435B-B9D1-C7E89DD22ADF}, , [6877eb4908839f97f958386118ec7888],
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FCC2483E-77BF-484F-9C57-744556A3C0D3}, , [954a3004cbc090a6a8a9b4e564a0fb05],

Hodnoty registru: 22
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2980BD53-90D4-48EF-8CDF-C4E8B9BF8AE3}|AppName, f97843a1-28f1-4ef3-825a-35c1f394412d-2.exe-buttonutil.exe, , [ae310e262962b086e8686138c63e31cf]
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3C919235-9072-4B38-8176-BEB847F74A31}|AppName, f97843a1-28f1-4ef3-825a-35c1f394412d-2.exe-codedownloader.exe, , [e8f7979d602b40f62031debb0202748c]
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{42CC8084-96D8-4162-9932-FC3CC4C05CF7}|AppName, f97843a1-28f1-4ef3-825a-35c1f394412d-2.exe-codedownloader.exe, , [35aaeb49f497e84eea67326740c47789]
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{47E25A03-AE46-458B-9425-403989E37E30}|AppName, f97843a1-28f1-4ef3-825a-35c1f394412d-2.exe-buttonutil.exe, , [825d40f4e2a9e1552d239009699b1fe1]
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5752BCBA-FD1C-4F08-BC52-183D10C36F5E}|AppName, f97843a1-28f1-4ef3-825a-35c1f394412d-2.exe-buttonutil.exe, , [5f802c08a8e3b87e5ff1dbbed430ab55]
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6B156E1F-FCCD-41FE-A29E-85958B83F370}|AppName, f97843a1-28f1-4ef3-825a-35c1f394412d-2.exe-buttonutil.exe, , [2fb0b87c632857df97b984150ef6f808]
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6DD25044-B8A2-42E0-AA1A-1B3A864A91ED}|AppName, f97843a1-28f1-4ef3-825a-35c1f394412d-2.exe-codedownloader.exe, , [33aca68e3c4f83b3fd54c1d840c420e0]
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7165D27E-25B4-461B-8ACE-ED79AA5387E1}|AppName, f97843a1-28f1-4ef3-825a-35c1f394412d-2.exe-buttonutil.exe, , [c91678bc761553e35ff1b3e6d62ee21e]
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{86F2FFAD-89AB-4A3A-A55C-725E1C18CB3D}|AppName, f97843a1-28f1-4ef3-825a-35c1f394412d-2.exe-codedownloader.exe, , [f6e911234e3d1b1b1b366a2fe91b669a]
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8D3AFDE2-796B-4446-82B4-F328E47194ED}|AppName, f97843a1-28f1-4ef3-825a-35c1f394412d-2.exe-codedownloader.exe, , [ce1189ab6328999df35ed3c659ab5ba5]
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A6BA9B9A-8360-47EE-A65D-431F79759121}|AppName, f97843a1-28f1-4ef3-825a-35c1f394412d-2.exe-codedownloader.exe, , [cb14b3810f7c94a288c930692dd71ae6]
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A81E7073-5B59-46C0-9845-337AD25D549C}|AppName, f97843a1-28f1-4ef3-825a-35c1f394412d-2.exe-buttonutil.exe, , [d20d171dc0cbab8b0e4216835fa549b7]
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C5126E91-2729-4963-AAA7-64A0242AA17F}|AppName, f97843a1-28f1-4ef3-825a-35c1f394412d-2.exe-codedownloader.exe, , [2fb0b77d7b10e45263ee9801ba4aba46]
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CDA73968-DC9F-4BD7-93F4-655F368DE74B}|AppName, f97843a1-28f1-4ef3-825a-35c1f394412d-2.exe-codedownloader.exe, , [db04ee46830803334b0646535ba9e818]
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D4AAFF6F-FC04-49B5-ACE1-76EE6AFD66D3}|AppName, f97843a1-28f1-4ef3-825a-35c1f394412d-2.exe-buttonutil.exe, , [5986e94baeddef4777d92a6f7c88fc04]
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E300C240-DD50-4899-A24A-A42EEB3AF142}|AppName, f97843a1-28f1-4ef3-825a-35c1f394412d-2.exe-buttonutil.exe, , [d708250fe5a606304f01efaa788c7b85]
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E463E7A0-6088-4A47-BD3A-D2946F9D738E}|AppName, f97843a1-28f1-4ef3-825a-35c1f394412d-2.exe-codedownloader.exe, , [cd12013348437bbbb39e74257b892bd5]
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6D14B82-1541-4E81-88D2-793A765F7421}|AppName, f97843a1-28f1-4ef3-825a-35c1f394412d-2.exe-buttonutil.exe, , [7966ee4667240a2c58f89efbf311857b]
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E97ECD99-B83A-440B-AD4C-742A5FB86458}|AppName, f97843a1-28f1-4ef3-825a-35c1f394412d-2.exe-buttonutil.exe, , [da05bf75ee9d4ceae26e1b7ee91be61a]
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{ECC1D9DA-C942-4B06-AA93-715D109D9514}|AppName, f97843a1-28f1-4ef3-825a-35c1f394412d-2.exe-buttonutil.exe, , [885794a0682346f0252ba3f68381e61a]
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F8C951CC-9727-435B-B9D1-C7E89DD22ADF}|AppName, f97843a1-28f1-4ef3-825a-35c1f394412d-2.exe-codedownloader.exe, , [6877eb4908839f97f958386118ec7888]
PUP.Optional.CrossRider, HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FCC2483E-77BF-484F-9C57-744556A3C0D3}|AppName, f97843a1-28f1-4ef3-825a-35c1f394412d-2.exe-codedownloader.exe, , [954a3004cbc090a6a8a9b4e564a0fb05]

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 4
PUP.Optional.1ClickMovieDownload, C:\Users\LUKAS\AppData\Roaming\ABIZQX.exe, , [7d62e1530e7d2511caa4902a42bfbb45],
PUP.Optional.1ClickMovieDownload, C:\Users\LUKAS\AppData\Roaming\EK.exe, , [598651e3d9b213232b43e1d9d22fa25e],
PUP.Optional.ClientConnect, C:\AdwCleaner\Quarantine\C\ProgramData\Tbccint\Multi\CT3329621\UninstallerUI.exe.vir, , [b22ddf55d7b46ec846d886a320e1a858],
PUP.Optional.ClientConnect, C:\AdwCleaner\Quarantine\C\Users\LUKAS\AppData\Local\Tbccint\Community Alerts\Alert.dll.vir, , [a23dc173a3e8aa8ca07e5fca6a97f709],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

#6 Příspěvek od **Márty84** » 28 zář 2015 09:26

Vsechny nalezy nechte odstranit. Po odstraneni a restartu pc test s MBAM zopakujte, at vime, jestli se to nevraci. Napiste vysledek testu a podle nej zvolim dalsi postup.

Lucaso · #7 Příspěvek od **Lucaso** » 28 zář 2015 19:13

Odstranil jsem nalezené hrozby, resp. program je přesunul do karantény. Mám je tedy vymazat i z ní? Jinak se plynulost notebooku znatelně zlepšila

#8 Příspěvek od **Márty84** » 28 zář 2015 19:40

V karantene jsou neskodne, takze tam je klidne nechte. Ted zopakujte test a dejte sem zase vysledky.
Jsem rad, ze se to zlepsilo, ale je potreba to docistit poradne, aby to nebylo za chvili zpet

Lucaso · #9 Příspěvek od **Lucaso** » 28 zář 2015 22:27

Zde je scan, který jsem provedl po vyčištění a následném restartu:

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 28.9.2015
Čas skenování: 17:16
Protokol: scan.txt
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.09.28.04
Databáze rootkitů: v2015.09.22.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: LUKAS

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 524457
Uplynulý čas: 2 hod, 3 min, 40 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 2
PUP.Optional.ClientConnect, C:\AdwCleaner\Quarantine\C\ProgramData\Tbccint\Multi\CT3329621\UninstallerUI.exe.vir, Do karantény, [152fdc599af1df579bc4cd5ca8591ce4],
PUP.Optional.ClientConnect, C:\AdwCleaner\Quarantine\C\Users\LUKAS\AppData\Local\Tbccint\Community Alerts\Alert.dll.vir, Do karantény, [94b09a9b7e0d2f07adb2b376837e3dc3],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

#10 Příspěvek od **Márty84** » 29 zář 2015 15:56

Nalezy uz jsou v karantene ADWCleaneru, takze neni potreba s nimi neco delat.

MBAM muzete odinstalovat.

Dejte novy log z RSIT

a k tomu

Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach

Lucaso · #11 Příspěvek od **Lucaso** » 16 říj 2015 14:00

Omluvám se za delší prodlevu, bohužel jsem se k počítači dříve nedostal.

Přikládám jak scan z RSIT
Logfile of random's system information tool 1.10 (written by random/random)
Run by LUKAS at 2015-10-16 14:53:58
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 302 GB (63%) free of 477 GB
Total RAM: 3037 MB (30% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:54:05, on 16.10.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17937)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\LUKAS\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\LUKAS.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_F2F7BF0525C7AACBBA5875707973CA64] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9244 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE"
taskeng.exe {E9954392-827D-4A4C-B821-7060E43E97FD}
"C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
C:\Windows\system32\viakaraokesrv.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
C:\Windows\system32\wbem\wmiprvse.exe
ATKOSD.exe
WDC.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\sppsvc.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2572.0.196111262\1587470882" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,8,20,45 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x2a42 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2302 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/StandardR5/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="2572.1.1405351539\1484933292" --font-cache-shared-handle=1648 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/OmniboxBundledExperimentV1/StandardR5/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="2572.2.2086267520\1537876354" --font-cache-shared-handle=1688 /prefetch:673131151
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\servicing\TrustedInstaller.exe
"c:\Program Files\Microsoft Security Client\MpCmdRun.exe" SignatureUpdate -ScheduleJob -RestrictPrivileges -Reinvoke
"c:\Program Files\Microsoft Security Client\MpCmdRun.exe" SignaturesUpdateService -ScheduleJob -UnmanagedUpdate
\??\C:\Windows\system32\conhost.exe "-16260722661876932649-109589243513906474281712443497-1043101332901584482-502681871
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/StandardR5/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="2572.23.1761909613\275840925" --font-cache-shared-handle=4020 /prefetch:673131151
"C:\Users\LUKAS\AppData\Roaming\uTorrent\uTorrent.exe" "magnet:?xt=urn:btih:9EE75107436D444A41994F00991A9A7FE98AD6E3&dn=Sense8+-+Complete+Season+1+%5BMP4-AAC%5D%28oan%29&tr=udp%3A%2F%2Finferno.demonoid.ooo%3A3392%2Fannounce&tr=udp%3A%2F%2Fopen.demonii.com%3A1337%2Fannounce&tr=http%3A%2F%2Ftracker.flashtorrents.org%3A6969%2Fannounce&tr=http%3A%2F%2Ftracker.aletorrenty.pl%3A2710%2Fannounce&tr=udp%3A%2F%2F9.rarbg.me%3A2710%2Fannounce&tr=udp%3A%2F%2F9.rarbg.com%3A2710%2Fannounce&tr=udp%3A%2F%2Ftracker.flashtorrents.org%3A6969%2Fannounce&tr=udp%3A%2F%2Fopen.demonii.com%3A1337&tr=udp%3A%2F%2Ftracker.glotorrents.com%3A6969%2Fannounce&tr=udp%3A%2F%2Ftracker.openbittorrent.com%3A80%2Fannounce"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --disable-databases --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/StandardR5/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="2572.30.2018252224\462299943" --font-cache-shared-handle=3704 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --disable-databases --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/StandardR5/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="2572.31.613526766\1139810501" --font-cache-shared-handle=4696 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group4 pct:10d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/StandardR5/*PasswordGeneration/Disabled/*PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="2572.44.2038014731\1540220396" --font-cache-shared-handle=5744 /prefetch:673131151
taskeng.exe {6A61949A-DFE8-409E-96DF-30C24DAAD79E}
"C:\Users\LUKAS\Desktop\FRST64.exe"
C:\Windows\system32\AUDIODG.EXE 0x8f4
"C:\Users\LUKAS\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F32D97DF-E3E5-4CB9-9E3E-0EB5B4E49801}
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe13_ Global\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-08-04 219304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-09-11 888432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-11 2340472]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-08-04 153768]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-09-12 710872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-09-12 1733240]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 1337000]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 162328]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 417304]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-10-23 6501656]
"GoogleChromeAutoLaunch_F2F7BF0525C7AACBBA5875707973CA64"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-09-24 815944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^LUKAS^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Curse.lnk]
C:\Users\LUKAS\AppData\Roaming\CURSEC~1\Bin\Curse.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2012-09-14 328064]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2012-07-17 178848]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 272896]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-10-16 14:52:20 ----D---- C:\FRST
2015-10-03 23:56:48 ----D---- C:\Program Files (x86)\OpenAL
2015-10-03 23:56:48 ----A---- C:\Windows\SYSWOW64\wrap_oal.dll
2015-10-03 23:56:48 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2015-10-03 23:56:48 ----A---- C:\Windows\system32\wrap_oal.dll
2015-10-03 23:56:48 ----A---- C:\Windows\system32\OpenAL32.dll
2015-10-03 23:56:25 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2015-10-03 23:56:25 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2015-10-03 23:56:25 ----A---- C:\Windows\system32\d3dx10_40.dll
2015-10-03 23:56:25 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2015-10-03 23:56:24 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2015-10-03 23:56:24 ----A---- C:\Windows\system32\D3DX9_40.dll
2015-10-03 23:53:43 ----D---- C:\ProgramData\Package Cache
2015-09-28 17:04:59 ----D---- C:\e18b5a22050e063a0fbb
2015-09-27 12:32:16 ----D---- C:\ProgramData\Malwarebytes
2015-09-27 00:04:57 ----D---- C:\Users\LUKAS\AppData\Roaming\ProductData
2015-09-27 00:00:15 ----D---- C:\AdwCleaner
2015-09-26 18:35:00 ----D---- C:\Program Files\trend micro
2015-09-26 18:34:58 ----D---- C:\rsit

======List of files/folders modified in the last 1 month======

2015-10-16 14:54:06 ----D---- C:\Windows
2015-10-16 14:54:05 ----D---- C:\Windows\Prefetch
2015-10-16 14:52:54 ----D---- C:\Users\LUKAS\AppData\Roaming\uTorrent
2015-10-16 14:31:39 ----D---- C:\Windows\Temp
2015-10-16 14:19:34 ----D---- C:\Windows\system32\config
2015-10-14 18:54:47 ----SHD---- C:\Windows\Installer
2015-10-14 18:54:01 ----D---- C:\Windows\SysWOW64
2015-10-14 18:53:19 ----D---- C:\Windows\system32\Tasks
2015-10-13 20:13:02 ----D---- C:\Windows\System32
2015-10-13 20:13:02 ----D---- C:\Windows\inf
2015-10-13 20:13:02 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-10-13 18:02:13 ----SHD---- C:\System Volume Information
2015-10-10 19:36:58 ----D---- C:\Users\LUKAS\AppData\Roaming\LolClient
2015-10-04 02:09:52 ----D---- C:\Program Files (x86)\Steam
2015-10-03 23:56:48 ----RD---- C:\Program Files (x86)
2015-10-03 23:55:46 ----RSD---- C:\Windows\assembly
2015-10-03 23:54:28 ----D---- C:\Windows\Logs
2015-10-03 23:53:43 ----HD---- C:\ProgramData
2015-09-29 12:26:12 ----D---- C:\Windows\system32\drivers
2015-09-29 11:59:09 ----D---- C:\Windows\system32\drivers\UMDF
2015-09-28 19:37:09 ----D---- C:\Windows\system32\NDF
2015-09-28 17:04:29 ----D---- C:\Users\LUKAS\AppData\Roaming\Spotify
2015-09-28 17:03:38 ----D---- C:\Windows\Web
2015-09-26 18:35:00 ----RD---- C:\Program Files
2015-09-24 20:54:41 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2015-09-24 20:53:04 ----D---- C:\Program Files\Microsoft Office 15
2015-09-18 14:47:38 ----D---- C:\Windows\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 280376]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-11-26 283064]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-07-24 26528]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-10-03 33240]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-02-11 10628640]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2014-10-12 64040]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2014-10-12 2210376]
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 124568]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-09-14 82128]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2012-09-11 106880]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2015-09-11 2774104]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2009-09-14 166400]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2009-09-14 128512]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 23816]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2014-10-12 27768]
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2015-07-31 2909472]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-07-16 114688]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 643880]
S3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 366544]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-09-25 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2014-09-25 5132888]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-09-16 569024]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-10-13 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

A také FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:15-10-2015 01
Ran by LUKAS (administrator) on LUKAS-NTB (16-10-2015 14:52:31)
Running from C:\Users\LUKAS\Desktop
Loaded Profiles: LUKAS (Available Profiles: LUKAS & Mcx1-LUKAS-NTB)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(BitTorrent Inc.) C:\Users\LUKAS\AppData\Roaming\uTorrent\uTorrent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [328064 2012-09-14] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [178848 2012-07-17] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\...\Run: [GoogleChromeAutoLaunch_F2F7BF0525C7AACBBA5875707973CA64] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [815944 2015-09-24] (Google Inc.)
HKU\S-1-5-21-1531155065-2287699335-3346415944-1000\...\MountPoints2: {5100c9c5-7418-11e4-b210-485b39521d4c} - E:\Autorun.exe
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-09-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-09-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-09-12] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{998EDF62-CF3F-4E27-8658-3C6537D3A6A3}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{C0F68245-71AD-4C2F-B35A-69E1445D0850}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-09-11] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-11] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-09-12] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-09-12] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-10-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://websearch.searchisbestmy.info/?pid=1912&r=2013/11/23&hid=15040051497711490490&lg=EN&cc=CZ&unqvl=41
CHR StartupUrls: Default -> "hxxps://www.google.cz/"
CHR Profile: C:\Users\LUKAS\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\LUKAS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-12]
CHR Extension: (Tlumočník pro všechny jazyky) - C:\Users\LUKAS\AppData\Local\Google\Chrome\User Data\Default\Extensions\amdeidgbmcliegnpcbbkhlflkbdpomhk [2014-10-12]
CHR Extension: (Dokumenty Google) - C:\Users\LUKAS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-12]
CHR Extension: (Disk Google) - C:\Users\LUKAS\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-12]
CHR Extension: (YouTube) - C:\Users\LUKAS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-12]
CHR Extension: (Vyhledávání Google) - C:\Users\LUKAS\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-12]
CHR Extension: (Tabulky Google) - C:\Users\LUKAS\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\LUKAS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-05]
CHR Extension: (AdBlock) - C:\Users\LUKAS\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-12]
CHR Extension: (My Study Life) - C:\Users\LUKAS\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnjdjjiobjicmlhnjlogfgbibihjhkeo [2014-10-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\LUKAS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-12]
CHR Extension: (Gmail) - C:\Users\LUKAS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-12]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2774104 2015-09-11] (Microsoft Corporation)
R2 EPSON_EB_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [166400 2009-09-14] (SEIKO EPSON CORPORATION) [File not signed]
R2 EPSON_PM_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [128512 2009-09-14] (SEIKO EPSON CORPORATION) [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-31] (IObit)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2014-10-12] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-11-26] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-07-24] (REALiX(tm))
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-16 14:52 - 2015-10-16 14:53 - 00012427 _____ C:\Users\LUKAS\Desktop\FRST.txt
2015-10-16 14:52 - 2015-10-16 14:52 - 00000000 ____D C:\FRST
2015-10-16 14:47 - 2015-10-16 14:47 - 00112640 _____ (forum.viry.cz) C:\Users\LUKAS\Downloads\Nepotvrzeno 375403.crdownload
2015-10-16 14:47 - 2015-10-16 14:46 - 02196480 _____ (Farbar) C:\Users\LUKAS\Desktop\FRST64.exe
2015-10-16 14:46 - 2015-10-16 14:46 - 02196480 _____ (Farbar) C:\Users\LUKAS\Downloads\FRST64.exe
2015-10-16 14:29 - 2015-10-16 14:29 - 00000000 ____D C:\Users\LUKAS\Downloads\Sense8 - Complete Season 1 [MP4-AAC](oan)
2015-10-10 19:26 - 2015-10-11 11:20 - 00000000 ____D C:\Users\LUKAS\Downloads\Supernatural.S11E01.HDTV.x264-LOL[ettv]
2015-10-05 17:25 - 2015-10-05 20:43 - 00000000 ____D C:\Users\LUKAS\Downloads\Supernatural S10 Season 10 Complete 480p HDTV x264 AAC E-Subs [GWC]
2015-10-04 13:10 - 2015-10-04 13:22 - 00000000 ____D C:\Users\LUKAS\Downloads\Thor 2 Movies Collection 2011-2013 Bluray 720p x264 aac jbr
2015-10-03 23:56 - 2015-10-03 23:56 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2015-10-03 23:56 - 2015-10-03 23:56 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2015-10-03 23:56 - 2015-10-03 23:56 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2015-10-03 23:56 - 2015-10-03 23:56 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2015-10-03 23:56 - 2015-10-03 23:56 - 00000000 ____D C:\Users\LUKAS\Documents\Ubisoft
2015-10-03 23:56 - 2015-10-03 23:56 - 00000000 ____D C:\Program Files (x86)\OpenAL
2015-10-03 23:56 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-10-03 23:56 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2015-10-03 23:56 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-10-03 23:56 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-10-03 23:56 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-10-03 23:56 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2015-10-03 23:55 - 2015-10-03 23:56 - 00017513 _____ C:\Windows\DirectX.log
2015-10-03 23:53 - 2015-10-03 23:54 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-29 14:54 - 2015-10-16 14:16 - 00002026 _____ C:\Windows\setupact.log
2015-09-29 14:54 - 2015-09-29 14:54 - 00000000 _____ C:\Windows\setuperr.log
2015-09-29 11:59 - 2015-09-29 11:59 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2015-09-28 17:22 - 2015-09-28 17:22 - 00242925 _____ C:\Users\LUKAS\Downloads\[CzT]Lovci_duchu_Supernatural_1_4_serie_CZ_5_6_serie_EN_.torrent
2015-09-28 17:04 - 2015-09-28 17:05 - 00000000 ____D C:\e18b5a22050e063a0fbb
2015-09-27 13:01 - 2015-09-27 13:01 - 00000222 _____ C:\Users\LUKAS\Desktop\Heroes of Might & Magic III - HD Edition.url
2015-09-27 12:59 - 2015-09-27 12:59 - 00000000 ____D C:\Users\LUKAS\AppData\Local\CEF
2015-09-27 12:58 - 2015-09-27 12:58 - 00000000 ____D C:\Users\LUKAS\AppData\Local\Steam
2015-09-27 12:32 - 2015-09-27 12:32 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-27 12:31 - 2015-09-27 12:31 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\LUKAS\Downloads\mbam-setup-2.1.8.1057.exe
2015-09-27 00:04 - 2015-09-27 00:04 - 00000000 ____D C:\Users\LUKAS\AppData\Roaming\ProductData
2015-09-27 00:00 - 2015-09-27 00:02 - 00000000 ____D C:\AdwCleaner
2015-09-26 23:59 - 2015-09-26 23:59 - 01662976 _____ C:\Users\LUKAS\Downloads\adwcleaner_5.008.exe
2015-09-26 23:59 - 2015-09-26 23:59 - 00000000 ____D C:\Users\LUKAS\Desktopcdi
2015-09-26 18:35 - 2015-09-26 18:35 - 00000000 ____D C:\Program Files\trend micro
2015-09-26 18:34 - 2015-09-26 18:35 - 00000000 ____D C:\rsit
2015-09-26 18:34 - 2015-09-26 18:34 - 01222144 _____ C:\Users\LUKAS\Downloads\RSITx64.exe
2015-09-23 21:39 - 2015-09-23 22:18 - 00000000 ____D C:\Users\LUKAS\Downloads\Supernatural S09 Season 9 HDTV 480p x264 AAC E-Subs [GWC]

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-16 14:52 - 2014-10-15 21:30 - 00000000 ____D C:\Users\LUKAS\AppData\Roaming\uTorrent
2015-10-16 14:52 - 2014-10-12 18:13 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-16 14:52 - 2014-10-12 18:13 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-16 14:49 - 2015-09-08 09:11 - 01189510 _____ C:\Windows\WindowsUpdate.log
2015-10-16 14:16 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-15 21:20 - 2009-07-14 06:45 - 00031760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-15 21:20 - 2009-07-14 06:45 - 00031760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-14 18:54 - 2014-10-12 18:51 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-14 18:53 - 2015-01-01 03:19 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-13 20:13 - 2009-07-14 07:13 - 00781298 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-10 19:36 - 2014-10-12 19:45 - 00000000 ____D C:\Users\LUKAS\AppData\Roaming\LolClient
2015-10-04 02:09 - 2014-10-31 18:04 - 00000000 ____D C:\Program Files (x86)\Steam
2015-09-28 19:37 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-09-28 19:16 - 2015-08-17 22:48 - 00000000 ____D C:\Users\LUKAS\Downloads\lovci duchu
2015-09-28 17:06 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-09-28 17:05 - 2009-07-14 07:08 - 00032574 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-09-28 17:04 - 2014-11-11 16:58 - 00000000 ____D C:\Users\LUKAS\AppData\Roaming\Spotify
2015-09-28 17:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Web
2015-09-28 16:43 - 2014-11-11 16:59 - 00000000 ____D C:\Users\LUKAS\AppData\Local\Spotify
2015-09-27 13:31 - 2014-10-16 10:18 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-09-27 13:01 - 2014-12-30 23:55 - 00000000 ____D C:\Users\LUKAS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-09-26 23:59 - 2014-10-12 17:59 - 00000000 ____D C:\Users\LUKAS
2015-09-26 13:54 - 2014-10-12 18:14 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-24 20:53 - 2014-10-12 18:30 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-09-18 14:47 - 2014-10-12 18:13 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-18 14:47 - 2014-10-12 18:13 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-17 17:55 - 2015-09-14 14:27 - 00000000 ____D C:\Users\LUKAS\Downloads\Supernatural S08 Complete 480p WEB-DL x264-EncodeKing

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-10-04 14:12

==================== End of FRST.txt ============================

#12 Příspěvek od **Márty84** » 19 říj 2015 10:20

Napiste mi velikost adresare plochy (C:\Users\LUKAS\Plocha)

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

CHR HomePage: Default -> hxxp://websearch.searchisbestmy.info/?p ... Z&unqvl=41

2015-09-27 12:32 - 2015-09-27 12:32 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-27 12:31 - 2015-09-27 12:31 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\LUKAS\Downloads\mbam-setup-2.1.8.1057.exe
2015-10-16 14:52 - 2014-10-12 18:13 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-16 14:52 - 2014-10-12 18:13 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-09-14 82128]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^LUKAS^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Curse.lnk

Hosts:
EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

20.2. pro neaktivitu

http://forum.viry.cz/viewtopic.php?f=12&t=123975

VIRY.CZ

Prosím o kontrolu

Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu