Překročení konektivity routeru

Zpráva

MakiLast · #1 Příspěvek od **MakiLast** » 29 zář 2013 01:53

Dobrý den,

mám již delší dobu problém se zavirovaným notebookem. Problémy se začaly projevovat na rychlosti internetu - zejména internetové prohlížeče vypadávaly, i když počítač hlásil, že je stále připojen. Následně jsem se spojila s poskytovatelem připojení, zjistil, že můj počítač je zavirovaný a stále se chce xkrát připojovat "někam pryč" (omluvte ten výraz). Ihned po tomto zjištění jsem notebook dala ke kompletnímu obnovení systému (před měsícem 27.8.2013). Byl mi od poskytovatele připojení doporučen spybot, antivir jsem si po formátování nainstalovala Avast. Bohužel mi poskytovatel připojení stále hlásí, že můj počítač je zavirovaný a stále se chce někam připojovat. Není pro mě problém dát notebook znovu na formát, ale obávám se, že se mi vir znovu vrátí. Problém je, že v domácnosti máme tři počítače k osobnímu použití připojené síťovým kabelem k routeru. Obávám se, že bych tyto dva počítače mohla nakazit také. Antivirové kontroly provádím i několikrát za den, většinou nenaleznou žádnou hrozbu. Jelikož nejsem bohužel IT expert, ale pouhý běžný uživatel, prosím vás tímto o pro mě velmi cennou radu.

Velice děkuji

Markéta

Logfile of random's system information tool 1.09 (written by random/random)
Run by Maki at 2013-09-29 01:57:33
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 211 GB (87%) free of 243 GB
Total RAM: 4095 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:58:13, on 29.9.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Users\Maki\AppData\Roaming\ICQM\icq.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Maki.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:21320
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: avast! EasyPass Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [icq] C:\Users\Maki\AppData\Roaming\ICQM\icq.exe -CU
O8 - Extra context menu item: Customize Menu - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Save Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Show avast! EasyPass Toolbar - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Show avast! EasyPass Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Maki\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Maki\AppData\Roaming\ICQM\icq.exe (HKCU)
O17 - HKLM\System\CCS\Services\Tcpip\..\{B8376168-54BE-4538-9236-6D2C7724934B}: NameServer = 213.226.240.126,213.226.224.12
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10098 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE 0x2f0
C:\Windows\system32\svchost.exe -k LocalService
winlogon.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE"
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
taskeng.exe {7E75D187-93A2-41EA-AF5C-323A5C122940}
taskeng.exe {4EF040F8-8290-4FB6-998B-D824FA0BB172}
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\RocketDock\RocketDock.exe"
"C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe"
"C:\Users\Maki\AppData\Roaming\ICQM\icq.exe" -CU
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2968.0.156088513\1607100009" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,19,22 --gpu-vendor-id=0x10de --gpu-device-id=0x0873 --gpu-driver-vendor=NVIDIA --gpu-driver-version=8.15.11.8619 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group2 pct:remainder use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-1-Percent/group_85/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --instant-process --enable-threaded-compositing --disable-html-notifications --channel="2968.1.382371324\1068398023" /prefetch:673131151
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group2 pct:remainder use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-1-Percent/group_85/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="2968.2.1932317515\571153556" /prefetch:673131151
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\sppsvc.exe
"C:\Users\Maki\Downloads\RSITx64.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Maki\AppData\Roaming\Mozilla\Firefox\Profiles\q9gnq1m0.default

prefs.js - "browser.startup.homepage" - "seznam.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.168 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.168 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

C:\Users\Maki\AppData\Roaming\Mozilla\Firefox\Profiles\q9gnq1m0.default\searchplugins\
qipsearch.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-08-30 245592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
avast! EasyPass Toolbar Helper - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2013-08-28 24518144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
avast! EasyPass Toolbar Helper - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2013-08-28 18425000]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-08-30 201784]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{724d43a0-0d85-11d4-9908-00400523e39a} - avast! EasyPass Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2013-08-28 24518144]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-08-30 245592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{724d43a0-0d85-11d4-9908-00400523e39a} - avast! EasyPass Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2013-08-28 18425000]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-08-30 201784]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"=C:\Program Files (x86)\RocketDock\RocketDock.exe [2007-09-02 495616]
"RoboForm"=C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2013-08-28 96056]
"icq"=C:\Users\Maki\AppData\Roaming\ICQM\icq.exe [2013-09-28 28698984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA]
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-08-19 170624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKOSD2]
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-07-07 8493624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDWare]
C:\Program Files\Elantech\ETDCtrl.exe [2013-08-27 617856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\Windows\system32\NvCpl.dll [2009-06-11 16328736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-08-27 8114720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray]
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2013-05-16 3830224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
C:\Program Files (x86)\AVG Secure Search\vprot.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRS Premium Sound.lnk]
C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2013-08-27 156880]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-08-30 4858968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-09-29 01:57:33 ----D---- C:\rsit
2013-09-29 01:57:33 ----D---- C:\Program Files\trend micro
2013-09-29 01:11:27 ----SHD---- C:\$RECYCLE.BIN
2013-09-29 01:11:24 ----D---- C:\Windows\temp
2013-09-29 01:02:48 ----A---- C:\Windows\zip.exe
2013-09-29 01:02:48 ----A---- C:\Windows\SWSC.exe
2013-09-29 01:02:48 ----A---- C:\Windows\SWREG.exe
2013-09-29 01:02:48 ----A---- C:\Windows\sed.exe
2013-09-29 01:02:48 ----A---- C:\Windows\PEV.exe
2013-09-29 01:02:48 ----A---- C:\Windows\NIRCMD.exe
2013-09-29 01:02:48 ----A---- C:\Windows\MBR.exe
2013-09-29 01:02:48 ----A---- C:\Windows\grep.exe
2013-09-29 00:59:51 ----D---- C:\Qoobox
2013-09-29 00:59:40 ----D---- C:\Windows\erdnt
2013-09-29 00:42:52 ----D---- C:\AdwCleaner
2013-09-28 22:02:20 ----D---- C:\ProgramData\Last.fm
2013-09-28 21:33:06 ----D---- C:\Users\Maki\AppData\Roaming\ICQ-Profile
2013-09-28 21:33:06 ----D---- C:\Users\Maki\AppData\Roaming\ICQM
2013-09-21 21:05:01 ----A---- C:\Windows\system32\drivers\aswNdis2.sys
2013-09-21 21:04:58 ----A---- C:\Windows\system32\drivers\aswFW.sys
2013-09-21 21:04:56 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2013-09-21 21:04:55 ----A---- C:\Windows\system32\drivers\aswNdis.sys
2013-09-08 23:20:25 ----D---- C:\Program Files (x86)\ICQM
2013-09-06 23:58:57 ----D---- C:\Users\Maki\AppData\Roaming\QIP
2013-09-04 21:25:57 ----D---- C:\Users\Maki\AppData\Roaming\foobar2000
2013-09-04 11:29:53 ----A---- C:\Windows\system32\E_GCINST.DLL
2013-09-04 11:29:51 ----A---- C:\Windows\system32\E_ILMCDE.DLL
2013-09-04 11:29:50 ----A---- C:\Windows\system32\E_IBCBCDE.DLL
2013-09-04 11:29:31 ----D---- C:\ProgramData\EPSON
2013-09-02 22:50:22 ----D---- C:\Users\Maki\AppData\Roaming\Mozilla
2013-09-02 22:50:03 ----D---- C:\ProgramData\Mozilla
2013-09-02 22:50:02 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-02 22:50:00 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2013-09-29 01:57:33 ----RD---- C:\Program Files
2013-09-29 01:11:24 ----D---- C:\Windows
2013-09-29 01:09:58 ----D---- C:\Windows\Tasks
2013-09-29 01:09:00 ----A---- C:\Windows\system.ini
2013-09-29 01:08:55 ----D---- C:\Windows\system32\drivers\etc
2013-09-29 01:06:40 ----D---- C:\Windows\SYSWOW64\drivers
2013-09-29 01:06:40 ----D---- C:\Windows\SysWOW64
2013-09-29 01:06:40 ----D---- C:\Windows\AppPatch
2013-09-29 01:06:39 ----D---- C:\Program Files (x86)\Common Files
2013-09-29 01:03:10 ----SHD---- C:\System Volume Information
2013-09-29 01:00:32 ----D---- C:\Windows\Prefetch
2013-09-29 00:59:52 ----D---- C:\Windows\system32\drivers
2013-09-29 00:17:52 ----D---- C:\Program Files\WinRAR
2013-09-29 00:17:26 ----D---- C:\ProgramData\Adobe
2013-09-29 00:17:23 ----SHD---- C:\Windows\Installer
2013-09-29 00:17:22 ----D---- C:\Program Files (x86)\Adobe
2013-09-28 23:00:59 ----D---- C:\Users\Maki\AppData\Roaming\Skype
2013-09-28 22:59:09 ----D---- C:\Windows\system32\Tasks
2013-09-28 22:02:20 ----D---- C:\ProgramData
2013-09-28 22:02:20 ----D---- C:\Program Files (x86)\Windows Media Player
2013-09-28 22:01:40 ----D---- C:\Program Files (x86)\Last.fm
2013-09-27 20:46:52 ----D---- C:\Windows\system32\config
2013-09-24 14:48:08 ----D---- C:\Windows\System32
2013-09-24 14:48:08 ----D---- C:\Windows\inf
2013-09-24 14:48:08 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-09-24 00:18:09 ----RD---- C:\Program Files (x86)
2013-09-21 21:05:05 ----D---- C:\Windows\system32\DriverStore
2013-09-21 21:05:05 ----D---- C:\Windows\system32\catroot
2013-09-18 23:03:15 ----D---- C:\Users\Maki\AppData\Roaming\vlc
2013-09-18 08:52:54 ----D---- C:\Windows\system32\catroot2
2013-09-12 17:48:54 ----D---- C:\Windows\system32\NDF
2013-09-11 23:52:40 ----D---- C:\Windows\system32\wdi
2013-09-10 22:38:35 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-09-09 10:07:16 ----D---- C:\Windows\system32\LogFiles
2013-09-08 10:42:56 ----D---- C:\Users\Maki\AppData\Roaming\Adobe
2013-09-07 16:05:55 ----SD---- C:\Users\Maki\AppData\Roaming\Microsoft
2013-09-06 23:46:32 ----D---- C:\Users\Maki\AppData\Roaming\Foxit Software
2013-09-04 21:25:56 ----D---- C:\Program Files (x86)\foobar2000
2013-09-04 14:14:11 ----D---- C:\Users\Maki\AppData\Roaming\WinRAR
2013-09-01 14:50:41 ----D---- C:\Program Files (x86)\Google
2013-08-30 09:47:14 ----A---- C:\Windows\system32\aswBoot.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdis;avast! Firewall NDIS Filter Service; C:\Windows\system32\DRIVERS\aswNdis.sys [2013-07-17 12368]
R0 aswNdis2;avast! Firewall Core Firewall Service; C:\Windows\system32\drivers\aswNdis2.sys [2013-08-30 270824]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-08-30 65336]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-08-30 204880]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswFW;avast! TDI Firewall driver; C:\Windows\system32\drivers\aswFW.sys [2013-08-30 131232]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2013-08-30 22600]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-08-30 72016]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-08-30 1030952]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-08-30 378944]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-08-30 64288]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-08-30 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-08-30 80816]
R3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-08-27 2004128]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2013-08-27 13680]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2013-08-27 140800]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-08-30 46808]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2013-08-30 137960]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2007-01-11 126464]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-06-11 382496]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-05-16 1817560]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-05-16 1033688]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-05-15 171928]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-27 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-07-25 162672]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-10 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-27 116648]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-09-11 118680]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-08-27 1255736]

-----------------EOF-----------------

#2 Příspěvek od **Márty84** » 29 zář 2013 07:44

Zdravim

Spybota odinstalujte, je zastaraly a spis jen na ozdobu, nez ze by chranil

Jak je to s legalitou systemu? Ultimate neni zrovna bezna domaci verze

Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

MakiLast · #3 Příspěvek od **MakiLast** » 29 zář 2013 08:53

Děkuji za odpověď, co se týká legality systému, tak vzhledm k tomu, že na notebooku mám nefunkční CDmechaniku, a obnovení přes obnovovací CD je pro mě bohužel trochu nemožné. Dávala jsem notebook na formát pryč, původní legální systém momentálně nemám.

Komletní kontrolu MBAM jsem udělala - viz. níže. (bez infekce)

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.09.29.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Maki :: MAKI-NOTEBOOK [administrátor]

Ochrana: Povolena

29.9.2013 9:26:01
mbam-log-2013-09-29 (09-26-01).txt

Typ: Kompletní kontrola (C:\|D:\|X:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 294467
Uplynulý čas: 24 minut, 55 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

#4 Příspěvek od **Márty84** » 29 zář 2013 09:09

A kam pryc? Proc tam dali zrovna Ultimaty?

MBAM odinstalujte.

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a program zacne pracovat.
Az skonci, vyplivne na vas log (pokud ne, najdete ho zde C:\AdwCleaner\AdwCleaner[R?].txt ), ten mi sem zkopirujte.

MakiLast · #5 Příspěvek od **MakiLast** » 29 zář 2013 09:15

Ke známému, co dělá počítače... Nevím proč tam dal ultimaty, dnes jsem s ním mluvila, domluvila jsem se na formátování systému na příští víkend a domluvila jsem si tam Win7 Home s legálním klíčem, který mám k dispozici.

#6 Příspěvek od **Márty84** » 29 zář 2013 09:22

Aha, no a ma to tedy cenu kontrolovat, kdyz to budete zase formatovat?

MakiLast · #7 Příspěvek od **MakiLast** » 29 zář 2013 09:24

Na AwdCleaner jsem narazila již dnes ráno, posílám vám i první log

# AdwCleaner v3.005 - Report created 29/09/2013 at 00:43:20
# Updated 22/09/2013 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Maki - MAKI-NOTEBOOK
# Running from : C:\Users\Maki\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7601.17514

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://search.qip.ru
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://qip.ru
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://qip.ru
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://search.qip.ru
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://search.qip.ru/ie

-\\ Mozilla Firefox v24.0 (cs)

[ File : C:\Users\Maki\AppData\Roaming\Mozilla\Firefox\Profiles\q9gnq1m0.default\prefs.js ]

Line Found : user_pref("keyword.URL", "hxxp://search.qip.ru/search?utm_source=ffb&utm_medium=cpc&utm_campaign=browsers&query=");

-\\ Google Chrome v29.0.1547.76

[ File : C:\Users\Maki\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found : homepage
Found : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [2332 octets] - [29/09/2013 00:43:20]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2392 octets] ##########

Druhý log dělaný nyní.

# AdwCleaner v3.005 - Report created 29/09/2013 at 10:18:47
# Updated 22/09/2013 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Maki - MAKI-NOTEBOOK
# Running from : C:\Users\Maki\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7601.17514

-\\ Mozilla Firefox v24.0 (cs)

[ File : C:\Users\Maki\AppData\Roaming\Mozilla\Firefox\Profiles\q9gnq1m0.default\prefs.js ]

-\\ Google Chrome v29.0.1547.76

[ File : C:\Users\Maki\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [2476 octets] - [29/09/2013 00:43:20]
AdwCleaner[R1].txt - [810 octets] - [29/09/2013 10:18:47]
AdwCleaner[S0].txt - [2357 octets] - [29/09/2013 00:44:45]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [929 octets] ##########

MakiLast · #8 Příspěvek od **MakiLast** » 29 zář 2013 09:27

Nu nejspíše již ne... Po formátování zůstanu u Avasta a jako prevence proti spywarům a jiné verbeši, se případně informuji.

Kdyby se mi znovu objevil problém ozvu se... Díky moc za čas a omlouvám se, že to mělo takové vyústění...

#9 Příspěvek od **Márty84** » 29 zář 2013 09:47

Jojo, Avast je zrejme nejlepsi free reseni. Ono vlastne dalsi sw uz neni potreba, pokud se na netu chovate slusne

Jinak ja nerekl, ze ten system je nelegalni, treba mel volnou licenci. Ja se jen ptal

Omlouvat se neni proc

Az budete mit nahozeny novy system, dejte vedet, jak to vypada. Mozna ze by nebylo spatne zkontrolovat pak i ty dalsi pocitace, jestli nahodou neni pricina problemu tam

Tak se zatim mejte hezky a drzim palce, at to zabere

MakiLast · #10 Příspěvek od **MakiLast** » 29 zář 2013 10:07

Díky moc

Jinak příští týden se budou formátovat právě všechny počítače najednou + i externí disky a paměti... takže snad už se toho zbavíme...

Ozvu se kdyby se objevil nějaký problém

Ještě jednou díky moc

#11 Příspěvek od **Márty84** » 29 zář 2013 10:30

Ahaaa, takze kompletni cistka

To jo, sice nektera havet umi format prezit, ale to byste museli mit poradnou smulu

Dobra, necham tedy tema nejakou dobu otevrene

Nemate vubec zac

MakiLast · #12 Příspěvek od **MakiLast** » 21 říj 2013 21:01

Dobrý den,

doufala jsem, že tohle fórum již potřebovat nebudu. Mám stále stejný problém - bohužel po dvojitém formátování a několika přepsání harddisku... jsem zoufalá, zformátované máme všechny počítače, ale pouze můj počítač stále hlásí překročení konektivity...popravdě bych ho nejradši vyhodila z okna - formátovaná probíhalo téměř celý víkend, nyní když jsem naformátovaný čistý notebook připojila k netu, napsala poskytovateli připojení - znovu mi bylo sděleno, že moje IP adresa soustavně překračuje konektivitu...Tudíž se i dnes obracím na Vás s prosbou o pomoc.

Děkuji moc

Markéta

Logfile of random's system information tool 1.09 (written by random/random)
Run by Markéta at 2013-10-21 21:58:24
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 220 GB (89%) free of 246 GB
Total RAM: 4095 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:58:32, on 21.10.13
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Users\Markéta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Markéta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Markéta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Markéta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Markéta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Markéta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Markéta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Markéta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Markéta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Markéta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Markéta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Markéta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Markéta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Markéta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Markéta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Markéta.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Google Update] "C:\Users\Markéta\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7934 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\sppsvc.exe
"LogonUI.exe" /flags:0x1
C:\Windows\system32\nvvsvc.exe -session -first
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"taskhost.exe"
"C:\Users\Markéta\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Markéta\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3464.0.1139355969\645399901" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,18,21,24,26 --gpu-vendor-id=0x10de --gpu-device-id=0x0873 --gpu-driver-vendor=NVIDIA --gpu-driver-version=8.15.11.8619 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\Markéta\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R1/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group5 pct:10d stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_90/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --instant-process --enable-threaded-compositing --disable-html-notifications --channel="3464.1.505454123\2120364740" /prefetch:673131151
"C:\Users\Markéta\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R1/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group5 pct:10d stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_90/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3464.2.2010000306\801895908" /prefetch:673131151
"C:\Users\Markéta\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R1/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group5 pct:10d stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_90/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3464.3.1262734353\85605793" /prefetch:673131151
"C:\Users\Markéta\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R1/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group5 pct:10d stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_90/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3464.4.1219714064\1433714144" /prefetch:673131151
"C:\Users\Markéta\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R1/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group5 pct:10d stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_90/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3464.5.427553822\1298555239" /prefetch:673131151
"C:\Users\Markéta\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R1/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group5 pct:10d stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_90/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3464.7.1293076507\177605901" /prefetch:673131151
"C:\Users\Markéta\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R1/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group5 pct:10d stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_90/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3464.36.513455015\409280064" /prefetch:673131151
"C:\Users\Markéta\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3464.37.1646926904\1070014631" --ppapi-flash-args --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Users\Markéta\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R1/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group5 pct:10d stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_90/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3464.38.885299797\1810774691" /prefetch:673131151
"C:\Users\Markéta\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R1/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group5 pct:10d stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_90/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3464.39.9824649\158327641" /prefetch:673131151
"C:\Users\Markéta\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R1/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group5 pct:10d stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_90/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3464.43.137214223\315081935" /prefetch:673131151
"C:\Users\Markéta\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R1/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group5 pct:10d stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_90/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3464.47.285096430\588818951" /prefetch:673131151
"C:\Users\Markéta\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R1/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group5 pct:10d stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_90/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3464.49.287164083\936755893" /prefetch:673131151
C:\Windows\system32\AUDIODG.EXE 0x828
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe12_ Global\UsGthrCtrlFltPipeMssGthrPipe12 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\Markéta\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3621281743-3498106055-3893055962-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3621281743-3498106055-3893055962-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-10-20 1567016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-10-20 606544]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-10-20 1567016]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-10-20 606544]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-06-11 16328736]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2011-07-05 617856]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Markéta\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-05 116648]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-08-17 6859392]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-08-19 170624]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-10-20 3567800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-10-21 21:58:24 ----D---- C:\rsit
2013-10-21 21:58:24 ----D---- C:\Program Files\trend micro
2013-10-21 18:16:56 ----D---- C:\Users\Markéta\AppData\Roaming\foobar2000
2013-10-21 18:16:49 ----D---- C:\Program Files (x86)\foobar2000
2013-10-21 13:21:17 ----A---- C:\Windows\SYSWOW64\gcapi_dll.dll
2013-10-21 13:21:06 ----D---- C:\Users\Markéta\AppData\Roaming\Foxit Software
2013-10-21 13:21:05 ----D---- C:\Program Files (x86)\Foxit Software
2013-10-21 10:03:23 ----D---- C:\Users\Markéta\AppData\Roaming\Adobe
2013-10-21 00:33:38 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-10-21 00:33:38 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-10-21 00:33:38 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-10-21 00:33:38 ----A---- C:\Windows\system32\elshyph.dll
2013-10-21 00:33:37 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-10-21 00:33:37 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-10-21 00:33:37 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-10-21 00:33:37 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-10-21 00:33:37 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-10-21 00:33:37 ----A---- C:\Windows\SYSWOW64\url.dll
2013-10-21 00:33:37 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-10-21 00:33:37 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-10-21 00:33:37 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-10-21 00:33:37 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-10-21 00:33:37 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-10-21 00:33:37 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-10-21 00:33:37 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-10-21 00:33:37 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-10-21 00:33:37 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-10-21 00:33:37 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-10-21 00:33:37 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-10-21 00:33:37 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-10-21 00:33:37 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-10-21 00:33:37 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-10-21 00:33:37 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-10-21 00:33:37 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-10-21 00:33:37 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-10-21 00:33:37 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-10-21 00:33:37 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-10-21 00:33:37 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-10-21 00:33:37 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-10-21 00:33:37 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-10-21 00:33:37 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-10-21 00:33:37 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-10-21 00:33:37 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-10-21 00:33:37 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-10-21 00:33:37 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-10-21 00:33:37 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-10-21 00:33:37 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-10-21 00:33:37 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-10-21 00:33:37 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-10-21 00:33:37 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-10-21 00:33:37 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-10-21 00:33:37 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-10-21 00:33:37 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-10-21 00:33:36 ----A---- C:\Windows\system32\wininet.dll
2013-10-21 00:33:36 ----A---- C:\Windows\system32\wextract.exe
2013-10-21 00:33:36 ----A---- C:\Windows\system32\webcheck.dll
2013-10-21 00:33:36 ----A---- C:\Windows\system32\vbscript.dll
2013-10-21 00:33:36 ----A---- C:\Windows\system32\urlmon.dll
2013-10-21 00:33:36 ----A---- C:\Windows\system32\url.dll
2013-10-21 00:33:36 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-10-21 00:33:36 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-21 00:33:36 ----A---- C:\Windows\system32\pngfilt.dll
2013-10-21 00:33:36 ----A---- C:\Windows\system32\occache.dll
2013-10-21 00:33:36 ----A---- C:\Windows\system32\msrating.dll
2013-10-21 00:33:36 ----A---- C:\Windows\system32\msls31.dll
2013-10-21 00:33:36 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-10-21 00:33:36 ----A---- C:\Windows\system32\mshtmler.dll
2013-10-21 00:33:36 ----A---- C:\Windows\system32\mshtmled.dll
2013-10-21 00:33:36 ----A---- C:\Windows\system32\mshtml.dll
2013-10-21 00:33:36 ----A---- C:\Windows\system32\mshta.exe
2013-10-21 00:33:36 ----A---- C:\Windows\system32\msfeedssync.exe
2013-10-21 00:33:36 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-10-21 00:33:36 ----A---- C:\Windows\system32\msfeeds.dll
2013-10-21 00:33:36 ----A---- C:\Windows\system32\licmgr10.dll
2013-10-21 00:33:36 ----A---- C:\Windows\system32\jsproxy.dll
2013-10-21 00:33:36 ----A---- C:\Windows\system32\jscript9.dll
2013-10-21 00:33:36 ----A---- C:\Windows\system32\jscript.dll
2013-10-21 00:33:36 ----A---- C:\Windows\system32\inseng.dll
2013-10-21 00:33:36 ----A---- C:\Windows\system32\imgutil.dll
2013-10-21 00:33:36 ----A---- C:\Windows\system32\iexpress.exe
2013-10-21 00:33:36 ----A---- C:\Windows\system32\ieUnatt.exe
2013-10-21 00:33:36 ----A---- C:\Windows\system32\ieui.dll
2013-10-21 00:33:36 ----A---- C:\Windows\system32\iesysprep.dll
2013-10-21 00:33:36 ----A---- C:\Windows\system32\iesetup.dll
2013-10-21 00:33:36 ----A---- C:\Windows\system32\iertutil.dll
2013-10-21 00:33:36 ----A---- C:\Windows\system32\iernonce.dll
2013-10-21 00:33:36 ----A---- C:\Windows\system32\iepeers.dll
2013-10-21 00:33:36 ----A---- C:\Windows\system32\ieframe.dll
2013-10-21 00:33:36 ----A---- C:\Windows\system32\iedkcs32.dll
2013-10-21 00:33:36 ----A---- C:\Windows\system32\ieapfltr.dll
2013-10-21 00:33:36 ----A---- C:\Windows\system32\ieapfltr.dat
2013-10-21 00:33:36 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-10-21 00:33:36 ----A---- C:\Windows\system32\ie4uinit.exe
2013-10-21 00:33:36 ----A---- C:\Windows\system32\icardie.dll
2013-10-21 00:33:36 ----A---- C:\Windows\system32\dxtrans.dll
2013-10-21 00:33:36 ----A---- C:\Windows\system32\dxtmsft.dll
2013-10-21 00:27:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-10-21 00:27:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-10-21 00:27:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-10-21 00:27:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-10-21 00:27:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-10-21 00:27:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-10-21 00:27:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-10-21 00:27:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-10-21 00:27:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-10-21 00:27:25 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-10-21 00:27:25 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-10-21 00:27:25 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-10-21 00:27:25 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-10-21 00:27:25 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-10-21 00:27:25 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-10-21 00:27:25 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-10-21 00:27:25 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-10-21 00:27:25 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-10-21 00:27:25 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2013-10-21 00:27:25 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2013-10-21 00:27:25 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-10-21 00:27:25 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2013-10-21 00:27:25 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-10-21 00:27:25 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2013-10-21 00:27:25 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2013-10-21 00:27:25 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2013-10-21 00:27:25 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-10-21 00:27:25 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2013-10-21 00:27:25 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2013-10-21 00:27:25 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2013-10-21 00:27:25 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2013-10-21 00:27:25 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2013-10-21 00:27:25 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2013-10-21 00:27:25 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2013-10-21 00:27:25 ----A---- C:\Windows\system32\XpsPrint.dll
2013-10-21 00:27:25 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-10-21 00:27:25 ----A---- C:\Windows\system32\WMPhoto.dll
2013-10-21 00:27:25 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-10-21 00:27:25 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-10-21 00:27:25 ----A---- C:\Windows\system32\UIAnimation.dll
2013-10-21 00:27:25 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-10-21 00:27:25 ----A---- C:\Windows\system32\FntCache.dll
2013-10-21 00:27:25 ----A---- C:\Windows\system32\dxgi.dll
2013-10-21 00:27:25 ----A---- C:\Windows\system32\DWrite.dll
2013-10-21 00:27:25 ----A---- C:\Windows\system32\d3d10warp.dll
2013-10-21 00:27:25 ----A---- C:\Windows\system32\d3d10level9.dll
2013-10-21 00:27:25 ----A---- C:\Windows\system32\d3d10core.dll
2013-10-21 00:27:25 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-10-21 00:27:25 ----A---- C:\Windows\system32\d3d10_1.dll
2013-10-21 00:27:25 ----A---- C:\Windows\system32\d3d10.dll
2013-10-21 00:27:25 ----A---- C:\Windows\system32\d2d1.dll
2013-10-21 00:25:29 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-10-21 00:25:29 ----A---- C:\Windows\system32\d3d11.dll
2013-10-21 00:18:34 ----A---- C:\Windows\system32\browserchoice.exe
2013-10-21 00:05:34 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-10-21 00:05:34 ----A---- C:\Windows\system32\imagehlp.dll
2013-10-21 00:05:34 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2013-10-21 00:05:33 ----A---- C:\Windows\SYSWOW64\wmi.dll
2013-10-21 00:05:33 ----A---- C:\Windows\system32\wmi.dll
2013-10-20 22:42:15 ----A---- C:\Windows\system32\odbctrac.dll
2013-10-20 22:42:15 ----A---- C:\Windows\system32\odbccu32.dll
2013-10-20 22:42:15 ----A---- C:\Windows\system32\odbccr32.dll
2013-10-20 22:42:15 ----A---- C:\Windows\system32\odbccp32.dll
2013-10-20 22:42:14 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2013-10-20 22:42:14 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2013-10-20 22:42:14 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2013-10-20 22:42:14 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2013-10-20 22:42:14 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2013-10-20 22:42:11 ----A---- C:\Windows\system32\comctl32.dll
2013-10-20 22:42:10 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2013-10-20 22:41:54 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2013-10-20 22:41:54 ----A---- C:\Windows\system32\poqexec.exe
2013-10-20 22:41:49 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2013-10-20 22:41:49 ----A---- C:\Windows\system32\mstscax.dll
2013-10-20 22:41:48 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2013-10-20 22:41:48 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2013-10-20 22:41:48 ----A---- C:\Windows\system32\tsgqec.dll
2013-10-20 22:41:48 ----A---- C:\Windows\system32\aaclient.dll
2013-10-20 22:41:40 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2013-10-20 22:41:40 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-10-20 22:41:40 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-10-20 22:41:40 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-10-20 22:41:40 ----A---- C:\Windows\system32\wintrust.dll
2013-10-20 22:41:40 ----A---- C:\Windows\system32\cryptsvc.dll
2013-10-20 22:41:40 ----A---- C:\Windows\system32\cryptnet.dll
2013-10-20 22:41:40 ----A---- C:\Windows\system32\crypt32.dll
2013-10-20 22:41:32 ----A---- C:\Windows\SYSWOW64\sbe.dll
2013-10-20 22:41:32 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2013-10-20 22:41:32 ----A---- C:\Windows\system32\sbe.dll
2013-10-20 22:41:32 ----A---- C:\Windows\system32\CPFilters.dll
2013-10-20 22:41:28 ----A---- C:\Windows\SYSWOW64\quartz.dll
2013-10-20 22:41:28 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2013-10-20 22:41:28 ----A---- C:\Windows\system32\quartz.dll
2013-10-20 22:41:28 ----A---- C:\Windows\system32\qdvd.dll
2013-10-20 22:41:18 ----A---- C:\Windows\system32\authui.dll
2013-10-20 22:41:17 ----A---- C:\Windows\SYSWOW64\authui.dll
2013-10-20 22:41:17 ----A---- C:\Windows\system32\consent.exe
2013-10-20 22:41:17 ----A---- C:\Windows\system32\appinfo.dll
2013-10-20 22:41:06 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2013-10-20 22:41:06 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2013-10-20 22:41:06 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2013-10-20 22:41:05 ----A---- C:\Windows\SYSWOW64\webio.dll
2013-10-20 22:41:04 ----A---- C:\Windows\system32\webio.dll
2013-10-20 22:41:03 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-10-20 22:40:51 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-10-20 22:40:51 ----A---- C:\Windows\system32\tzres.dll
2013-10-20 22:40:41 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2013-10-20 22:40:41 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-10-20 22:40:41 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-10-20 22:40:41 ----A---- C:\Windows\system32\lpk.dll
2013-10-20 22:40:41 ----A---- C:\Windows\system32\dciman32.dll
2013-10-20 22:40:41 ----A---- C:\Windows\system32\atmlib.dll
2013-10-20 22:40:41 ----A---- C:\Windows\system32\atmfd.dll
2013-10-20 22:40:40 ----A---- C:\Windows\SYSWOW64\lpk.dll
2013-10-20 22:40:40 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2013-10-20 22:40:40 ----A---- C:\Windows\system32\mfc42u.dll
2013-10-20 22:40:40 ----A---- C:\Windows\system32\fontsub.dll
2013-10-20 22:40:39 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2013-10-20 22:40:39 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2013-10-20 22:40:39 ----A---- C:\Windows\system32\mfc42.dll
2013-10-20 22:40:30 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-10-20 22:40:29 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-10-20 22:40:28 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-10-20 22:40:28 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-10-20 22:40:28 ----A---- C:\Windows\system32\wow64win.dll
2013-10-20 22:40:28 ----A---- C:\Windows\system32\wow64.dll
2013-10-20 22:40:28 ----A---- C:\Windows\system32\winsrv.dll
2013-10-20 22:40:28 ----A---- C:\Windows\system32\ntdll.dll
2013-10-20 22:40:28 ----A---- C:\Windows\system32\KernelBase.dll
2013-10-20 22:40:28 ----A---- C:\Windows\system32\kernel32.dll
2013-10-20 22:40:27 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-10-20 22:40:27 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-10-20 22:40:27 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-10-20 22:40:27 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-10-20 22:40:27 ----A---- C:\Windows\system32\smss.exe
2013-10-20 22:40:27 ----A---- C:\Windows\system32\ntvdm64.dll
2013-10-20 22:40:27 ----A---- C:\Windows\system32\csrsrv.dll
2013-10-20 22:40:27 ----A---- C:\Windows\system32\conhost.exe
2013-10-20 22:40:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-10-20 22:40:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-10-20 22:40:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-10-20 22:40:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-10-20 22:40:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-10-20 22:40:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-10-20 22:40:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-10-20 22:40:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-10-20 22:40:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-10-20 22:40:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-10-20 22:40:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-10-20 22:40:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-10-20 22:40:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-10-20 22:40:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-10-20 22:40:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-10-20 22:40:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-10-20 22:40:26 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-10-20 22:40:26 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-10-20 22:40:26 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-10-20 22:40:26 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-10-20 22:40:26 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-10-20 22:40:26 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-10-20 22:40:26 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-10-20 22:40:26 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-10-20 22:40:26 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-10-20 22:40:26 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-10-20 22:40:26 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-10-20 22:40:26 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-10-20 22:40:26 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-10-20 22:40:26 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-10-20 22:40:26 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-10-20 22:40:26 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-10-20 22:40:26 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-10-20 22:40:26 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-10-20 22:40:26 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-10-20 22:40:26 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-10-20 22:40:26 ----A---- C:\Windows\system32\wow64cpu.dll
2013-10-20 22:40:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-10-20 22:40:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-10-20 22:40:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-10-20 22:40:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-10-20 22:40:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-10-20 22:40:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-10-20 22:40:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-10-20 22:40:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-10-20 22:40:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-10-20 22:40:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-10-20 22:40:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-10-20 22:40:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-10-20 22:40:25 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-10-20 22:40:25 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-10-20 22:40:25 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-10-20 22:40:25 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-10-20 22:40:25 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-10-20 22:40:25 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-10-20 22:40:25 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-10-20 22:40:25 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-10-20 22:40:25 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-10-20 22:40:25 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-10-20 22:40:25 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2013-10-20 22:40:25 ----A---- C:\Windows\system32\apisetschema.dll
2013-10-20 22:40:24 ----A---- C:\Windows\SYSWOW64\user.exe
2013-10-20 22:40:23 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-10-20 22:40:22 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-10-20 22:40:21 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-10-20 22:40:20 ----A---- C:\Windows\system32\rdrmemptylst.exe
2013-10-20 22:40:20 ----A---- C:\Windows\system32\rdpwsx.dll
2013-10-20 22:40:20 ----A---- C:\Windows\system32\rdpcorekmts.dll
2013-10-20 22:40:17 ----A---- C:\Windows\SYSWOW64\schannel.dll
2013-10-20 22:40:17 ----A---- C:\Windows\system32\schannel.dll
2013-10-20 22:40:17 ----A---- C:\Windows\system32\lsasrv.dll
2013-10-20 22:40:17 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2013-10-20 22:40:17 ----A---- C:\Windows\system32\drivers\cng.sys
2013-10-20 22:40:16 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2013-10-20 22:40:16 ----A---- C:\Windows\SYSWOW64\secur32.dll
2013-10-20 22:40:16 ----A---- C:\Windows\system32\sspisrv.dll
2013-10-20 22:40:16 ----A---- C:\Windows\system32\sspicli.dll
2013-10-20 22:40:16 ----A---- C:\Windows\system32\secur32.dll
2013-10-20 22:40:16 ----A---- C:\Windows\system32\lsass.exe
2013-10-20 22:40:16 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2013-10-20 22:40:15 ----A---- C:\Windows\system32\Wdfres.dll
2013-10-20 22:40:15 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2013-10-20 22:40:15 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-10-20 22:40:13 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2013-10-20 22:40:13 ----A---- C:\Windows\system32\rpcrt4.dll
2013-10-20 22:40:12 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2013-10-20 22:40:12 ----A---- C:\Windows\system32\drivers\usbcir.sys
2013-10-20 22:40:12 ----A---- C:\Windows\system32\drivers\USBAUDIO.sys
2013-10-20 22:40:11 ----A---- C:\Windows\system32\msxml6.dll
2013-10-20 22:40:10 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2013-10-20 22:40:10 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2013-10-20 22:40:10 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2013-10-20 22:40:10 ----A---- C:\Windows\system32\msxml3r.dll
2013-10-20 22:40:10 ----A---- C:\Windows\system32\msxml3.dll
2013-10-20 22:40:08 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-10-20 22:40:08 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-10-20 22:40:07 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2013-10-20 22:40:07 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2013-10-20 22:40:07 ----A---- C:\Windows\system32\dnsrslvr.dll
2013-10-20 22:40:07 ----A---- C:\Windows\system32\dnscacheugc.exe
2013-10-20 22:40:07 ----A---- C:\Windows\system32\dnsapi.dll
2013-10-20 22:39:33 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2013-10-20 22:39:33 ----A---- C:\Windows\system32\dpnet.dll
2013-10-20 22:39:31 ----A---- C:\Windows\SYSWOW64\qedit.dll
2013-10-20 22:39:31 ----A---- C:\Windows\system32\qedit.dll
2013-10-20 22:39:29 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-10-20 22:39:29 ----A---- C:\Windows\system32\ncrypt.dll
2013-10-20 22:38:44 ----A---- C:\Windows\system32\drivers\srvnet.sys
2013-10-20 22:38:44 ----A---- C:\Windows\system32\drivers\srv2.sys
2013-10-20 22:38:44 ----A---- C:\Windows\system32\drivers\srv.sys
2013-10-20 22:38:42 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2013-10-20 22:38:41 ----A---- C:\Windows\system32\win32k.sys
2013-10-20 22:38:39 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2013-10-20 22:38:39 ----A---- C:\Windows\system32\psisdecd.dll
2013-10-20 22:38:37 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2013-10-20 22:38:21 ----A---- C:\Windows\system32\drivers\afd.sys
2013-10-20 22:37:59 ----A---- C:\Windows\system32\drivers\partmgr.sys
2013-10-20 22:37:57 ----A---- C:\Windows\system32\kerberos.dll
2013-10-20 22:37:56 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2013-10-20 22:37:34 ----A---- C:\Windows\SYSWOW64\synceng.dll
2013-10-20 22:37:34 ----A---- C:\Windows\system32\synceng.dll
2013-10-20 22:37:26 ----A---- C:\Windows\system32\shell32.dll
2013-10-20 22:37:25 ----A---- C:\Windows\SYSWOW64\shell32.dll
2013-10-20 22:37:25 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2013-10-20 22:37:25 ----A---- C:\Windows\system32\shdocvw.dll
2013-10-20 22:37:17 ----A---- C:\Windows\system32\winresume.exe
2013-10-20 22:37:17 ----A---- C:\Windows\system32\winload.exe
2013-10-20 22:37:17 ----A---- C:\Windows\system32\kdusb.dll
2013-10-20 22:37:17 ----A---- C:\Windows\system32\kdcom.dll
2013-10-20 22:37:17 ----A---- C:\Windows\system32\kd1394.dll
2013-10-20 22:37:15 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-10-20 22:37:15 ----A---- C:\Windows\system32\win32spl.dll
2013-10-20 22:37:14 ----A---- C:\Windows\system32\taskhost.exe
2013-10-20 22:37:13 ----A---- C:\Windows\system32\umpnpmgr.dll
2013-10-20 22:37:12 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2013-10-20 22:37:12 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2013-10-20 22:37:12 ----A---- C:\Windows\SYSWOW64\devobj.dll
2013-10-20 22:37:12 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2013-10-20 22:37:10 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-10-20 22:37:10 ----A---- C:\Windows\system32\drivers\netio.sys
2013-10-20 22:37:10 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2013-10-20 22:37:09 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-20 22:37:09 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-20 22:37:03 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2013-10-20 22:37:03 ----A---- C:\Windows\SYSWOW64\browcli.dll
2013-10-20 22:37:03 ----A---- C:\Windows\system32\netapi32.dll
2013-10-20 22:37:03 ----A---- C:\Windows\system32\browser.dll
2013-10-20 22:37:03 ----A---- C:\Windows\system32\browcli.dll
2013-10-20 22:37:02 ----A---- C:\Windows\system32\FXSCOVER.exe
2013-10-20 22:37:01 ----A---- C:\Windows\system32\inetcomm.dll
2013-10-20 22:37:00 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2013-10-20 22:37:00 ----A---- C:\Windows\system32\msvcrt.dll
2013-10-20 22:36:59 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2013-10-20 22:36:46 ----A---- C:\Windows\system32\certutil.exe
2013-10-20 22:36:45 ----A---- C:\Windows\SYSWOW64\certutil.exe
2013-10-20 22:36:44 ----A---- C:\Windows\SYSWOW64\certenc.dll
2013-10-20 22:36:44 ----A---- C:\Windows\system32\certenc.dll
2013-10-20 22:36:31 ----A---- C:\Windows\system32\localspl.dll
2013-10-20 22:36:30 ----A---- C:\Windows\system32\drivers\bowser.sys
2013-10-20 22:36:26 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2013-10-20 22:36:26 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2013-10-20 22:36:26 ----A---- C:\Windows\system32\oleaut32.dll
2013-10-20 22:36:26 ----A---- C:\Windows\system32\oleacc.dll
2013-10-20 22:36:24 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2013-10-20 22:36:24 ----A---- C:\Windows\system32\EncDec.dll
2013-10-20 22:36:22 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2013-10-20 22:36:22 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-10-20 22:36:22 ----A---- C:\Windows\system32\cdd.dll
2013-10-20 22:35:37 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2013-10-20 22:35:36 ----A---- C:\Windows\system32\cdosys.dll
2013-10-20 22:35:30 ----A---- C:\Windows\SYSWOW64\packager.dll
2013-10-20 22:35:30 ----A---- C:\Windows\system32\packager.dll
2013-10-20 22:30:32 ----D---- C:\Users\Markéta\AppData\Roaming\Skype
2013-10-20 22:30:23 ----RD---- C:\Program Files (x86)\Skype
2013-10-20 22:30:15 ----D---- C:\ProgramData\Skype
2013-10-20 22:21:54 ----D---- C:\Users\Markéta\AppData\Roaming\AVAST Software
2013-10-20 22:20:53 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2013-10-20 22:20:53 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2013-10-20 22:20:49 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2013-10-20 22:20:46 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2013-10-20 22:20:44 ----A---- C:\Windows\system32\drivers\aswSP.sys
2013-10-20 22:20:42 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2013-10-20 22:20:41 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2013-10-20 22:20:39 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2013-10-20 22:20:35 ----A---- C:\Windows\system32\aswBoot.exe
2013-10-20 22:20:32 ----A---- C:\Windows\avastSS.scr
2013-10-20 22:20:15 ----D---- C:\Program Files\AVAST Software
2013-10-20 22:19:31 ----D---- C:\ProgramData\AVAST Software
2013-10-20 22:19:05 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2013-10-20 22:19:05 ----A---- C:\Windows\system32\rdpcore.dll
2013-10-20 22:19:05 ----A---- C:\Windows\system32\drivers\tdtcp.sys

======List of files/folders modified in the last 1 month======

2013-10-21 21:58:32 ----D---- C:\Windows\Prefetch
2013-10-21 21:58:26 ----D---- C:\Windows\Temp
2013-10-21 21:58:24 ----RD---- C:\Program Files
2013-10-21 18:16:49 ----RD---- C:\Program Files (x86)
2013-10-21 18:06:28 ----SD---- C:\ProgramData\Microsoft
2013-10-21 18:06:22 ----SD---- C:\Users\Markéta\AppData\Roaming\Microsoft
2013-10-21 13:21:17 ----D---- C:\Windows\SysWOW64
2013-10-21 11:20:43 ----D---- C:\Windows\system32\config
2013-10-21 11:00:35 ----D---- C:\Windows\system32\catroot2
2013-10-21 11:00:35 ----D---- C:\Windows\system32\catroot
2013-10-21 10:52:21 ----D---- C:\Windows\system32\wdi
2013-10-21 10:41:46 ----D---- C:\Windows\rescache
2013-10-21 10:19:52 ----D---- C:\Windows\Microsoft.NET
2013-10-21 10:19:43 ----RSD---- C:\Windows\assembly
2013-10-21 10:06:45 ----D---- C:\Windows\System32
2013-10-21 10:06:45 ----D---- C:\Windows\inf
2013-10-21 10:06:45 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-10-21 10:02:40 ----D---- C:\Windows\winsxs
2013-10-21 09:58:37 ----D---- C:\Program Files\Common Files\System
2013-10-21 09:58:33 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-10-21 09:58:33 ----D---- C:\Windows\system32\cs-CZ
2013-10-21 09:58:33 ----D---- C:\Windows\ehome
2013-10-21 09:58:31 ----D---- C:\Windows\system32\drivers
2013-10-21 09:58:30 ----D---- C:\Program Files\Windows Defender
2013-10-21 09:58:30 ----D---- C:\Program Files (x86)\Windows Defender
2013-10-21 09:58:30 ----D---- C:\Program Files (x86)\Internet Explorer
2013-10-21 09:58:29 ----D---- C:\Program Files\Internet Explorer
2013-10-21 09:58:28 ----D---- C:\Windows\SYSWOW64\migration
2013-10-21 09:58:28 ----D---- C:\Windows\SYSWOW64\en-US
2013-10-21 09:58:27 ----D---- C:\Windows\system32\migration
2013-10-21 09:58:27 ----D---- C:\Windows\system32\en-US
2013-10-21 09:58:27 ----D---- C:\Windows\PolicyDefinitions
2013-10-21 09:58:25 ----RSD---- C:\Windows\Fonts
2013-10-21 09:58:24 ----D---- C:\Windows\SYSWOW64\zh-TW
2013-10-21 09:58:24 ----D---- C:\Windows\SYSWOW64\zh-HK
2013-10-21 09:58:24 ----D---- C:\Windows\SYSWOW64\tr-TR
2013-10-21 09:58:24 ----D---- C:\Windows\SYSWOW64\sv-SE
2013-10-21 09:58:24 ----D---- C:\Windows\SYSWOW64\pt-PT
2013-10-21 09:58:24 ----D---- C:\Windows\SYSWOW64\pt-BR
2013-10-21 09:58:24 ----D---- C:\Windows\SYSWOW64\pl-PL
2013-10-21 09:58:24 ----D---- C:\Windows\SYSWOW64\nl-NL
2013-10-21 09:58:24 ----D---- C:\Windows\SYSWOW64\ko-KR
2013-10-21 09:58:24 ----D---- C:\Windows\SYSWOW64\it-IT
2013-10-21 09:58:24 ----D---- C:\Windows\SYSWOW64\hu-HU
2013-10-21 09:58:24 ----D---- C:\Windows\SYSWOW64\fr-FR
2013-10-21 09:58:24 ----D---- C:\Windows\SYSWOW64\fi-FI
2013-10-21 09:58:24 ----D---- C:\Windows\SYSWOW64\es-ES
2013-10-21 09:58:24 ----D---- C:\Windows\SYSWOW64\el-GR
2013-10-21 09:58:23 ----D---- C:\Windows\SYSWOW64\zh-CN
2013-10-21 09:58:23 ----D---- C:\Windows\SYSWOW64\ru-RU
2013-10-21 09:58:23 ----D---- C:\Windows\SYSWOW64\nb-NO
2013-10-21 09:58:23 ----D---- C:\Windows\SYSWOW64\ja-JP
2013-10-21 09:58:23 ----D---- C:\Windows\SYSWOW64\de-DE
2013-10-21 09:58:23 ----D---- C:\Windows\SYSWOW64\da-DK
2013-10-21 09:58:21 ----D---- C:\Windows\system32\zh-HK
2013-10-21 09:58:21 ----D---- C:\Windows\system32\tr-TR
2013-10-21 09:58:21 ----D---- C:\Windows\system32\sv-SE
2013-10-21 09:58:21 ----D---- C:\Windows\system32\pt-PT
2013-10-21 09:58:21 ----D---- C:\Windows\system32\pt-BR
2013-10-21 09:58:21 ----D---- C:\Windows\system32\pl-PL
2013-10-21 09:58:21 ----D---- C:\Windows\system32\nl-NL
2013-10-21 09:58:21 ----D---- C:\Windows\system32\ko-KR
2013-10-21 09:58:21 ----D---- C:\Windows\system32\it-IT
2013-10-21 09:58:21 ----D---- C:\Windows\system32\hu-HU
2013-10-21 09:58:21 ----D---- C:\Windows\system32\fr-FR
2013-10-21 09:58:21 ----D---- C:\Windows\system32\fi-FI
2013-10-21 09:58:21 ----D---- C:\Windows\system32\el-GR
2013-10-21 09:58:20 ----D---- C:\Windows\system32\zh-TW
2013-10-21 09:58:20 ----D---- C:\Windows\system32\zh-CN
2013-10-21 09:58:20 ----D---- C:\Windows\system32\ru-RU
2013-10-21 09:58:20 ----D---- C:\Windows\system32\nb-NO
2013-10-21 09:58:20 ----D---- C:\Windows\system32\ja-JP
2013-10-21 09:58:20 ----D---- C:\Windows\system32\es-ES
2013-10-21 09:58:20 ----D---- C:\Windows\system32\de-DE
2013-10-21 09:58:20 ----D---- C:\Windows\system32\da-DK
2013-10-21 09:58:16 ----D---- C:\Windows\AppPatch
2013-10-21 09:58:12 ----D---- C:\Windows\system32\wbem
2013-10-21 09:57:51 ----D---- C:\Windows\system32\Boot
2013-10-21 09:57:47 ----D---- C:\Program Files\Windows Journal
2013-10-21 09:57:26 ----D---- C:\Windows\system32\DriverStore
2013-10-21 00:42:01 ----D---- C:\Windows\Logs
2013-10-21 00:24:42 ----D---- C:\Windows
2013-10-21 00:04:27 ----D---- C:\Windows\SoftwareDistribution
2013-10-21 00:02:58 ----SHD---- C:\System Volume Information
2013-10-20 22:30:29 ----SHD---- C:\Windows\Installer
2013-10-20 22:30:23 ----D---- C:\Program Files (x86)\Common Files
2013-10-20 22:30:15 ----HD---- C:\ProgramData

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2013-10-20 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2013-10-20 205320]
R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys [2011-07-05 241696]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2013-10-20 92544]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2013-10-20 1032416]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2013-10-20 409832]
R1 aswTdi;aswTdi; \??\C:\Windows\system32\drivers\aswTdi.sys [2013-10-20 65264]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; \??\C:\Windows\system32\drivers\aswFsBlk.sys [2013-10-20 38984]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-10-20 84328]
R3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2011-07-05 140800]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2011-07-05 28704]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-10-20 50344]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-06-11 382496]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-07-05 1255736]

-----------------EOF-----------------

#13 Příspěvek od **Márty84** » 22 říj 2013 09:52

Tak se kouknem, jestli tam neco nehnizdi

Stahnete MBRScan http://eric71.geekstogo.com/tools/MbrScan.exe , ulozte ho na plochu a spustte jako spravce.
Kliknete na Report
Za chvili vyskoci log s nazvem MBRScan.txt, ten mi sem zkopirujte.

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu, kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte

radekradek@seznam.cz

Dobrý den,
nechci se moc vměšovat do diskuze, ale přeci jen bych si dovolil jeden postřeh od jinud.
Pokud jsem to správně pochopil, došlo ke kompletní očistě (formát a nová instalace OS) všech PC zapojených do sítě a problém stále přetrvává? Kdysi jsem pro jednoho poskytovatele pracoval tak se trochu v oboru vyznám. Doporučil bych následující postup. Všechny zařízení odpojit od routeru a zavolat na hot-line poskytovatele, zdali je vidět nějaký traffic na lince. Pokud nebude připojoval bych postupně PC, ve chvíli kdyby mi operátor na lince zdělil, že PC které jsem zapojil spouští příliš moho konexí, soustředil bych se na toto PC.
S praxe si vzpomínám, že podobný problém tvořila např. síťová karta nebo router. Pokud máte na wifi zapnuto slabší šifrování tzn. ASCI 128 bit nebo ještě hůře HEX, je také pravděpodobné, že máte na wifi píchnutého souseda se zavirovaným kompem..atd.

PS: pokud je má poznámka "mimo mísu" tak se omlouvám, ale napadlo mě, že by mohla být užitečná,

MakiLast · #15 Příspěvek od **MakiLast** » 22 říj 2013 16:39

Díky za odpověď, tato možnost je bohužel nemožná. Router, který máme doma nedisponuje wifi - jsme všichni připojení pouze drátem. Opakovaně je problém u mého počítače s mou pevnou IP adresou - navíc při formátování ostatních PC u nás doma odešla tatkově kompu grafická karta a tak zbyl připojený pouze můj a bratrův komp, který je dle člověka od připojení v pořádku. Dnes jsem poskytovateli připojení dokonce ntb donesla, na jeho doporučení. Zajímalo by mě, co v mém ntb objeví. Je prázdný ani office sada tam není - a programy, které jsem nainstalovala (Skype na jehož účet jsem se ani nepřipojila, Foxit reader, foobar - jsem smazala)....jediné, co tam zbylo je avast a nainstalovaný prohlížeč...

Takže počítač již doma nemám, a popravdě, když poskytovatel připojení můj počítač ode mě přebíral, tak si neodpustil poznámku, že Avast není moc dobrý antivir...a ještě se mě přiblble ptal jestli tam náhodou nemám torenty nebo co...po té co jsem mu několikrát zdůraznila, že byl formátovaný před jedním dnem a jediné, co tam je je avast.... Tím už mě opravdu naštval

jen si na to vzpomenu hned se mi vaří krev v žilách...

začínám mít pocit, že problém není na mém přijímači...

VIRY.CZ

Překročení konektivity routeru

Překročení konektivity routeru

Re: Překročení konektivity routeru

Re: Překročení konektivity routeru

Re: Překročení konektivity routeru

Re: Překročení konektivity routeru

Re: Překročení konektivity routeru

Re: Překročení konektivity routeru

Re: Překročení konektivity routeru

Re: Překročení konektivity routeru

Re: Překročení konektivity routeru

Re: Překročení konektivity routeru

Re: Překročení konektivity routeru

Re: Překročení konektivity routeru

Re: Překročení konektivity routeru

Re: Překročení konektivity routeru