Poprosím o kontrolu logu

Zpráva

biblbrox · #1 Příspěvek od **biblbrox** » 09 led 2014 18:09

Dobrý večer. Mierny problém s jedným notebookom. Windows security hlási nejaký adaware, Avast pri kontrole nenájde nič. Pc je spomalené, systém stále niečo "hrabe" na HDD.

Log z RSIT:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Lukas at 2014-01-09 17:56:35
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 46 GB (20%) free of 226 GB
Total RAM: 1979 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:56:56, on 9. 1. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\PLFSetI.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Lukas\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\Lukas.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5w4401r36n
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Pridať do blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Pridať do blogu v programe Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9181 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-03-06 4767304]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-01-09 17:56:35 ----D---- C:\rsit
2013-12-26 08:40:45 ----A---- C:\Windows\SysWOW64\ieui.dll
2013-12-26 08:40:44 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2013-12-26 08:40:39 ----A---- C:\Windows\SysWOW64\jscript9diag.dll
2013-12-26 08:40:37 ----A---- C:\Windows\SysWOW64\ieapfltr.dll
2013-12-26 08:40:34 ----A---- C:\Windows\SysWOW64\wininet.dll
2013-12-26 08:40:34 ----A---- C:\Windows\SysWOW64\iertutil.dll
2013-12-26 08:40:33 ----A---- C:\Windows\SysWOW64\urlmon.dll
2013-12-26 08:40:27 ----A---- C:\Windows\SysWOW64\ieframe.dll
2013-12-26 08:40:24 ----A---- C:\Windows\SysWOW64\mshtml.dll
2013-12-26 08:40:22 ----A---- C:\Windows\SysWOW64\jscript9.dll
2013-12-23 07:19:17 ----A---- C:\Windows\SysWOW64\elshyph.dll
2013-12-23 07:19:07 ----A---- C:\Windows\SysWOW64\url.dll
2013-12-23 07:19:07 ----A---- C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-23 07:19:07 ----A---- C:\Windows\SysWOW64\msrating.dll
2013-12-23 07:19:07 ----A---- C:\Windows\SysWOW64\msls31.dll
2013-12-23 07:19:07 ----A---- C:\Windows\SysWOW64\jsIntl.dll
2013-12-23 07:19:07 ----A---- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-23 07:19:07 ----A---- C:\Windows\SysWOW64\iedkcs32.dll
2013-12-23 07:19:07 ----A---- C:\Windows\SysWOW64\ieapfltr.dat
2013-12-23 07:19:07 ----A---- C:\Windows\SysWOW64\dxtrans.dll
2013-12-23 07:19:07 ----A---- C:\Windows\SysWOW64\dxtmsft.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SysWOW64\wextract.exe
2013-12-23 07:19:06 ----A---- C:\Windows\SysWOW64\webcheck.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SysWOW64\vbscript.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-23 07:19:06 ----A---- C:\Windows\SysWOW64\pngfilt.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SysWOW64\occache.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SysWOW64\mshtmler.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SysWOW64\mshta.exe
2013-12-23 07:19:06 ----A---- C:\Windows\SysWOW64\msfeedssync.exe
2013-12-23 07:19:06 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SysWOW64\licmgr10.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SysWOW64\jscript.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SysWOW64\inseng.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SysWOW64\imgutil.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SysWOW64\iexpress.exe
2013-12-23 07:19:06 ----A---- C:\Windows\SysWOW64\ieUnatt.exe
2013-12-23 07:19:06 ----A---- C:\Windows\SysWOW64\iesysprep.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SysWOW64\iesetup.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SysWOW64\iernonce.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SysWOW64\iepeers.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SysWOW64\icardie.dll
2013-12-21 15:44:28 ----A---- C:\Windows\SysWOW64\wmploc.DLL
2013-12-21 15:44:27 ----A---- C:\Windows\SysWOW64\wmp.dll
2013-12-20 15:05:51 ----A---- C:\Windows\SysWOW64\msieftp.dll
2013-12-20 10:17:36 ----A---- C:\Windows\SysWOW64\imagehlp.dll
2013-12-20 10:13:23 ----A---- C:\Windows\SysWOW64\wscript.exe
2013-12-20 10:13:21 ----A---- C:\Windows\SysWOW64\scrrun.dll
2013-12-20 10:13:21 ----A---- C:\Windows\SysWOW64\cscript.exe
2013-12-20 10:12:06 ----A---- C:\Windows\SysWOW64\WMPhoto.dll
2013-12-20 09:54:49 ----A---- C:\Windows\SysWOW64\tzres.dll

======List of files/folders modified in the last 1 month======

2014-01-09 17:56:53 ----D---- C:\Program Files (x86)\trend micro
2014-01-09 17:56:51 ----D---- C:\Windows\Temp
2014-01-09 17:52:11 ----D---- C:\Program Files (x86)
2014-01-09 17:52:09 ----SHD---- C:\System Volume Information
2014-01-05 21:32:34 ----D---- C:\Users\Lukas\AppData\Roaming\Skype
2014-01-03 21:02:24 ----SHD---- C:\Windows\Installer
2014-01-03 21:02:23 ----D---- C:\ProgramData\Skype
2014-01-03 21:02:22 ----SHD---- C:\Config.Msi
2014-01-03 21:02:12 ----RD---- C:\Program Files (x86)\Skype
2013-12-26 22:20:36 ----D---- C:\Windows\winsxs
2013-12-26 22:18:50 ----D---- C:\Program Files (x86)\Internet Explorer
2013-12-26 22:18:49 ----D---- C:\Windows\SysWOW64
2013-12-26 22:18:47 ----D---- C:\Windows\System32
2013-12-25 22:30:38 ----D---- C:\Windows\Minidump
2013-12-25 22:30:32 ----AD---- C:\Windows
2013-12-23 20:04:59 ----D---- C:\Windows\SysWOW64\sk-SK
2013-12-23 20:04:55 ----D---- C:\Windows\SysWOW64\migration
2013-12-23 20:04:54 ----D---- C:\Windows\SysWOW64\en-US
2013-12-23 20:04:50 ----D---- C:\Windows\PolicyDefinitions
2013-12-23 07:25:28 ----D---- C:\Windows\Logs
2013-12-22 19:41:28 ----D---- C:\Windows\inf
2013-12-21 23:35:38 ----D---- C:\Program Files (x86)\Windows Media Player
2013-12-21 15:42:35 ----D---- C:\ProgramData\Microsoft Help

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\SysWOW64\drivers\aswRvrt.sys []
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys []
R1 aswSnx;aswSnx; C:\Windows\SysWOW64\drivers\aswSnx.sys []
R1 aswSP;aswSP; C:\Windows\SysWOW64\drivers\aswSP.sys []
R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R2 aswFsBlk;aswFsBlk; C:\Windows\SysWOW64\drivers\aswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys []
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys []
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys []
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys []
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS []
S3 aswVmm;aswVmm; C:\Windows\SysWOW64\drivers\aswVmm.sys []
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys []
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys []
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys []
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys []
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys []
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys []
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys []
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys []
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys []
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-03-06 45248]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-01 864032]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-09-30 844320]
R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
R2 RS_Service;Raw Socket Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2009-07-10 253952]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-09 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-09 136176]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe /V []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-24 256904]

-----------------EOF-----------------

#2 Příspěvek od **Márty84** » 10 led 2014 10:26

Zdravim

Odinstalujte Spybota. Program je zastaraly.

Mate 64bit system, takze bych rad videl log z tohoto RSIT http://images.malwareremoval.com/random/RSITx64.exe

biblbrox · #3 Příspěvek od **biblbrox** » 10 led 2014 15:05

Dobrý deň, Spybot som odinštaloval. Log:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Lukas at 2014-01-10 15:00:22
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 44 GB (19%) free of 226 GB
Total RAM: 1979 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:00:29, on 10. 1. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\PLFSetI.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Lukas.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5w4401r36n
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\RunOnce: [20131224] C:\Program Files\AVAST Software\Avast\setup\emupdate\cb092e8b-e760-47b1-9a17-71ebcca24009.exe /check
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Pridať do blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Pridať do blogu v programe Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9221 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Acer\Registration\GregHSRW.exe"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
"C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Windows\PLFSetI.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
taskeng.exe {A4453283-A206-4990-8202-C983A0EE3D4B}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2196.0.1478189786\1229549046" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,3,12,22 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x2a42 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2202 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group17 pct:1j stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_26/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --renderer-print-preview --instant-process --disable-html-notifications --disable-accelerated-2d-canvas --disable-accelerated-video-decode --channel="2196.1.175975324\186465190" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group17 pct:1j stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_26/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --disable-accelerated-2d-canvas --disable-accelerated-video-decode --channel="2196.3.1635520453\1551517144" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe9_ Global\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Users\Lukas\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-23 7981600]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2009-09-30 823840]
"PLFSetI"=C:\Windows\PLFSetI.exe [2008-07-29 200704]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-25 415256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun64]
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Browser Infrastructure Helper]
C:\Users\Lukas\AppData\Local\Smartbar\Application\QuickShare.exe startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Lukas\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\Program Files (x86)\Launch Manager\LManager.exe [2009-09-24 825864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mwlDaemon]
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD8LanguageShortcut]
C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe [2009-04-16 50472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl8]
C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe [2009-04-16 91432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorShield]
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdater]
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-06-18 1808168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk]
C:\PROGRA~2\Acer\ACERVC~1\AcerVCM.exe [2009-07-10 708608]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-01-09 3764024]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"20131224"=C:\Program Files\AVAST Software\Avast\setup\emupdate\cb092e8b-e760-47b1-9a17-71ebcca24009.exe [2014-01-09 181136]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-25 271360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-01-10 15:00:23 ----D---- C:\Program Files\trend micro
2014-01-09 19:25:21 ----D---- C:\Users\Lukas\AppData\Roaming\AVAST Software
2014-01-09 19:21:29 ----A---- C:\Windows\system32\drivers\aswstm.sys
2014-01-09 17:56:35 ----D---- C:\rsit
2013-12-26 08:40:47 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2013-12-26 08:40:45 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-12-26 08:40:45 ----A---- C:\Windows\system32\ieui.dll
2013-12-26 08:40:44 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-12-26 08:40:44 ----A---- C:\Windows\system32\jsproxy.dll
2013-12-26 08:40:44 ----A---- C:\Windows\system32\ieUnatt.exe
2013-12-26 08:40:44 ----A---- C:\Windows\system32\ie4uinit.exe
2013-12-26 08:40:43 ----A---- C:\Windows\system32\iesetup.dll
2013-12-26 08:40:43 ----A---- C:\Windows\system32\iernonce.dll
2013-12-26 08:40:42 ----A---- C:\Windows\system32\ieetwproxystub.dll
2013-12-26 08:40:42 ----A---- C:\Windows\system32\ieetwcollector.exe
2013-12-26 08:40:40 ----A---- C:\Windows\system32\mshtml.dll
2013-12-26 08:40:39 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2013-12-26 08:40:39 ----A---- C:\Windows\system32\jscript9diag.dll
2013-12-26 08:40:38 ----A---- C:\Windows\system32\ieapfltr.dll
2013-12-26 08:40:37 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-12-26 08:40:35 ----A---- C:\Windows\system32\iertutil.dll
2013-12-26 08:40:34 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-12-26 08:40:34 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-12-26 08:40:33 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-12-26 08:40:33 ----A---- C:\Windows\system32\wininet.dll
2013-12-26 08:40:32 ----A---- C:\Windows\system32\urlmon.dll
2013-12-26 08:40:28 ----A---- C:\Windows\system32\ieframe.dll
2013-12-26 08:40:27 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-12-26 08:40:24 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-12-26 08:40:22 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-12-26 08:40:21 ----A---- C:\Windows\system32\jscript9.dll
2013-12-23 07:25:28 ----A---- C:\Windows\system32\IEUDINIT.EXE
2013-12-23 07:19:17 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-12-23 07:19:17 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-23 07:19:07 ----A---- C:\Windows\SYSWOW64\url.dll
2013-12-23 07:19:07 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-12-23 07:19:07 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-12-23 07:19:07 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-12-23 07:19:07 ----A---- C:\Windows\SYSWOW64\jsIntl.dll
2013-12-23 07:19:07 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2013-12-23 07:19:07 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-12-23 07:19:07 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-12-23 07:19:07 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-12-23 07:19:07 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-12-23 07:19:07 ----A---- C:\Windows\system32\elshyph.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-12-23 07:19:06 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-12-23 07:19:06 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-23 07:19:06 ----A---- C:\Windows\system32\msrating.dll
2013-12-23 07:19:06 ----A---- C:\Windows\system32\msls31.dll
2013-12-23 07:19:06 ----A---- C:\Windows\system32\mshtmler.dll
2013-12-23 07:19:06 ----A---- C:\Windows\system32\msfeedssync.exe
2013-12-23 07:19:06 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-12-23 07:19:06 ----A---- C:\Windows\system32\jsIntl.dll
2013-12-23 07:19:06 ----A---- C:\Windows\system32\iesysprep.dll
2013-12-23 07:19:06 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-12-23 07:19:05 ----A---- C:\Windows\system32\wextract.exe
2013-12-23 07:19:05 ----A---- C:\Windows\system32\webcheck.dll
2013-12-23 07:19:05 ----A---- C:\Windows\system32\vbscript.dll
2013-12-23 07:19:05 ----A---- C:\Windows\system32\url.dll
2013-12-23 07:19:05 ----A---- C:\Windows\system32\pngfilt.dll
2013-12-23 07:19:05 ----A---- C:\Windows\system32\occache.dll
2013-12-23 07:19:05 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-12-23 07:19:05 ----A---- C:\Windows\system32\mshtmled.dll
2013-12-23 07:19:05 ----A---- C:\Windows\system32\MshtmlDac.dll
2013-12-23 07:19:05 ----A---- C:\Windows\system32\mshta.exe
2013-12-23 07:19:05 ----A---- C:\Windows\system32\msfeeds.dll
2013-12-23 07:19:05 ----A---- C:\Windows\system32\licmgr10.dll
2013-12-23 07:19:05 ----A---- C:\Windows\system32\jscript.dll
2013-12-23 07:19:05 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-23 07:19:05 ----A---- C:\Windows\system32\inseng.dll
2013-12-23 07:19:05 ----A---- C:\Windows\system32\imgutil.dll
2013-12-23 07:19:05 ----A---- C:\Windows\system32\iexpress.exe
2013-12-23 07:19:05 ----A---- C:\Windows\system32\iepeers.dll
2013-12-23 07:19:05 ----A---- C:\Windows\system32\iedkcs32.dll
2013-12-23 07:19:05 ----A---- C:\Windows\system32\ieapfltr.dat
2013-12-23 07:19:05 ----A---- C:\Windows\system32\icardie.dll
2013-12-23 07:19:05 ----A---- C:\Windows\system32\dxtrans.dll
2013-12-23 07:19:05 ----A---- C:\Windows\system32\dxtmsft.dll
2013-12-21 15:44:30 ----A---- C:\Windows\system32\wmploc.DLL
2013-12-21 15:44:28 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2013-12-21 15:44:27 ----A---- C:\Windows\SYSWOW64\wmp.dll
2013-12-21 15:44:23 ----A---- C:\Windows\system32\wmp.dll
2013-12-20 15:05:55 ----A---- C:\Windows\system32\msieftp.dll
2013-12-20 15:05:51 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2013-12-20 15:05:47 ----A---- C:\Windows\system32\win32k.sys
2013-12-20 10:17:37 ----A---- C:\Windows\system32\imagehlp.dll
2013-12-20 10:17:36 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-12-20 10:13:24 ----A---- C:\Windows\system32\cscript.exe
2013-12-20 10:13:23 ----A---- C:\Windows\SYSWOW64\wscript.exe
2013-12-20 10:13:23 ----A---- C:\Windows\system32\scrrun.dll
2013-12-20 10:13:22 ----A---- C:\Windows\system32\wscript.exe
2013-12-20 10:13:21 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2013-12-20 10:13:21 ----A---- C:\Windows\SYSWOW64\cscript.exe
2013-12-20 10:12:06 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-12-20 10:12:05 ----A---- C:\Windows\system32\WMPhoto.dll
2013-12-20 09:54:50 ----A---- C:\Windows\system32\tzres.dll
2013-12-20 09:54:49 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-12-20 09:53:03 ----A---- C:\Windows\system32\drivers\portcls.sys
2013-12-20 09:53:01 ----A---- C:\Windows\system32\drivers\drmk.sys

======List of files/folders modified in the last 1 month======

2014-01-10 15:00:29 ----D---- C:\Windows\Prefetch
2014-01-10 15:00:24 ----D---- C:\Windows\Temp
2014-01-10 15:00:23 ----RD---- C:\Program Files
2014-01-10 12:45:17 ----D---- C:\Windows\system32\config
2014-01-09 22:41:58 ----D---- C:\Windows\rescache
2014-01-09 22:10:37 ----D---- C:\Windows\system32\drivers
2014-01-09 19:21:39 ----D---- C:\Windows\system32\Tasks
2014-01-09 19:21:28 ----D---- C:\Windows\winsxs
2014-01-09 19:21:27 ----AD---- C:\Windows
2014-01-09 19:21:25 ----A---- C:\Windows\system32\aswBoot.exe
2014-01-09 19:19:17 ----SHD---- C:\System Volume Information
2014-01-09 19:18:27 ----D---- C:\ProgramData\AVAST Software
2014-01-09 19:09:54 ----D---- C:\Windows\System32
2014-01-09 19:09:54 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-01-09 19:09:53 ----D---- C:\Windows\inf
2014-01-09 17:56:53 ----D---- C:\Program Files (x86)\trend micro
2014-01-09 17:52:11 ----D---- C:\Program Files (x86)
2014-01-05 21:32:34 ----D---- C:\Users\Lukas\AppData\Roaming\Skype
2014-01-04 16:58:30 ----D---- C:\Windows\system32\catroot2
2014-01-03 21:02:24 ----SHD---- C:\Windows\Installer
2014-01-03 21:02:23 ----D---- C:\ProgramData\Skype
2014-01-03 21:02:22 ----SHD---- C:\Config.Msi
2014-01-03 21:02:12 ----RD---- C:\Program Files (x86)\Skype
2013-12-26 22:18:50 ----D---- C:\Program Files (x86)\Internet Explorer
2013-12-26 22:18:49 ----D---- C:\Windows\SysWOW64
2013-12-26 22:18:49 ----D---- C:\Program Files\Internet Explorer
2013-12-26 08:41:13 ----D---- C:\Windows\system32\catroot
2013-12-25 22:30:38 ----D---- C:\Windows\Minidump
2013-12-23 20:04:59 ----D---- C:\Windows\SYSWOW64\sk-SK
2013-12-23 20:04:58 ----D---- C:\Windows\system32\sk-SK
2013-12-23 20:04:55 ----D---- C:\Windows\SYSWOW64\migration
2013-12-23 20:04:54 ----D---- C:\Windows\SYSWOW64\en-US
2013-12-23 20:04:50 ----D---- C:\Windows\system32\migration
2013-12-23 20:04:50 ----D---- C:\Windows\PolicyDefinitions
2013-12-23 20:04:49 ----D---- C:\Windows\system32\en-US
2013-12-23 07:25:28 ----D---- C:\Windows\Logs
2013-12-21 23:35:38 ----D---- C:\Program Files (x86)\Windows Media Player
2013-12-21 23:35:37 ----D---- C:\Program Files\Windows Media Player
2013-12-21 23:35:10 ----D---- C:\Windows\system32\DriverStore
2013-12-21 15:42:35 ----D---- C:\ProgramData\Microsoft Help
2013-12-21 15:36:33 ----D---- C:\Windows\system32\MRT
2013-12-21 15:36:23 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-01-09 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-01-09 207904]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-05 408600]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2014-01-09 92544]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2014-01-09 1034464]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2014-01-09 422216]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-12-19 64288]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2014-01-09 78648]
R3 aswStm;aswStm; \??\C:\Windows\system32\drivers\aswStm.sys [2014-01-09 79672]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-23 1967648]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2009-07-09 139264]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-04-27 57344]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-06-18 272432]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-09-21 1537024]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-07-01 52264]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 98344]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2009-07-01 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 21160]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-01-09 50344]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-01 864032]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-09-30 844320]
R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
R2 RS_Service;Raw Socket Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2009-07-10 253952]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-09 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-09 136176]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-09-11 1255736]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-24 256904]

-----------------EOF-----------------

#4 Příspěvek od **Márty84** » 10 led 2014 22:17

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a program zacne pracovat.
Az skonci, vyplivne na vas log (pokud ne, najdete ho zde C:\AdwCleaner\AdwCleaner[R?].txt ), ten mi sem zkopirujte.

biblbrox · #5 Příspěvek od **biblbrox** » 13 led 2014 17:27

Dobrý večer. Ospravedlňujem sa, že som dlhšie nereagoval, bol som pracovne vyťažený.... Log:

# AdwCleaner v3.017 - Report created 13/01/2014 at 17:17:00
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Lukas - LUKAS-PC
# Running from : C:\Users\Lukas\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

File Found : C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage
File Found : C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

Setting Found : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=AT&userid=95bf8686-aa47-454c-90cd-e571760b9cd9&searchtype=ds&q={searchTerms}&installDate=31/03/2013

-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found : search_url
Found : search_url
Found : keyword

*************************

AdwCleaner[R0].txt - [1709 octets] - [13/01/2014 17:08:03]
AdwCleaner[R1].txt - [1629 octets] - [13/01/2014 17:17:00]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1689 octets] ##########

#6 Příspěvek od **Márty84** » 13 led 2014 19:19

Znovu ukoncete vsechny programy a spustte AdwCleaner jako spravce.
Tentokrat kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne dalsi log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zase zkopirujte.

Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

biblbrox · #7 Příspěvek od **biblbrox** » 13 led 2014 21:24

Log z AdwCleaner:

# AdwCleaner v3.017 - Report created 13/01/2014 at 19:28:01
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Lukas - LUKAS-PC
# Running from : C:\Users\Lukas\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

File Deleted : C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage
File Deleted : C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]

-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : search_url
Deleted : keyword

*************************

AdwCleaner[R0].txt - [1709 octets] - [13/01/2014 17:08:03]
AdwCleaner[R1].txt - [1769 octets] - [13/01/2014 17:17:00]
AdwCleaner[R2].txt - [1829 octets] - [13/01/2014 19:26:34]
AdwCleaner[S0].txt - [1590 octets] - [13/01/2014 19:28:01]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1650 octets] ##########

-------------------------------------------------------------------------------------------------------------------

Log z MBAM:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verzia databázy: v2014.01.13.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Lukas :: LUKAS-PC [administrátor]

13. 1. 2014 19:41:21
MBAM-log-2014-01-13 (21-16-54).txt

Typ kontroly: Úplná kontrola (C:\|)
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 362014
Uplynutý čas: 1 hod, 34 min, 53 sek

Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)

Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)

Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)

Detegované priečinky: 0
(Škodlivé položky neboli zistené)

Detegované súbory: 21
C:\Users\Lukas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PNEWVI5L\MinibarChrome[1].exe (PUP.Optional.Iminent.A) -> Žiadna úloha nevykonaná.
C:\Users\Lukas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SYAXDVQ9\LyricsTube[1] (PUP.LyricsAd) -> Žiadna úloha nevykonaná.
C:\Users\Lukas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SYAXDVQ9\LyricsTube[2] (PUP.LyricsAd) -> Žiadna úloha nevykonaná.
C:\Users\Lukas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SYAXDVQ9\LyricsTube[3] (PUP.LyricsAd) -> Žiadna úloha nevykonaná.
C:\Users\Lukas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SYAXDVQ9\MinibarFirefox[1].exe (PUP.Optional.Iminent.A) -> Žiadna úloha nevykonaná.
C:\Users\Lukas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SYAXDVQ9\pack[1].7z (PUP.Optional.BProtector) -> Žiadna úloha nevykonaná.
C:\Users\Lukas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XM90RQAV\FoxyLyrics_1060-1051_v116[1] (PUP.Optional.LyricsAd) -> Žiadna úloha nevykonaná.
C:\Users\Lukas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XM90RQAV\iminent[1].msi (PUP.Optional.Iminent.A) -> Žiadna úloha nevykonaná.
C:\Users\Lukas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XM90RQAV\LyricsTube[1] (PUP.LyricsAd) -> Žiadna úloha nevykonaná.
C:\Users\Lukas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XM90RQAV\LyricsTube[2] (PUP.LyricsAd) -> Žiadna úloha nevykonaná.
C:\Users\Lukas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XM90RQAV\LyricsTube[3] (PUP.LyricsAd) -> Žiadna úloha nevykonaná.
C:\Users\Lukas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XM90RQAV\LyricsTube[4] (PUP.LyricsAd) -> Žiadna úloha nevykonaná.
C:\Users\Lukas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XU61G3RI\IminentMinibarIE[1].exe (PUP.Optional.Iminent.A) -> Žiadna úloha nevykonaná.
C:\Users\Lukas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XU61G3RI\LyricsTube[1] (PUP.LyricsAd) -> Žiadna úloha nevykonaná.
C:\Users\Lukas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XU61G3RI\LyricsTube[2] (PUP.LyricsAd) -> Žiadna úloha nevykonaná.
C:\Users\Lukas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XU61G3RI\LyricsTube[3] (PUP.LyricsAd) -> Žiadna úloha nevykonaná.
C:\Users\Lukas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XU61G3RI\SingAlong[1] (PUP.LyricsAd) -> Žiadna úloha nevykonaná.
C:\Users\Lukas\AppData\Local\Temp\lyrcstmp.exe (PUP.Optional.LyricsAd) -> Žiadna úloha nevykonaná.
C:\Users\Lukas\AppData\Local\Temp\lyrictmp.exe (PUP.Optional.LyricsAd) -> Žiadna úloha nevykonaná.
C:\Users\Lukas\AppData\Local\Temp\sngalng.exe (PUP.LyricsAd) -> Žiadna úloha nevykonaná.
C:\Windows\Installer\3f7c9.msi (PUP.Optional.SmartBar.A) -> Žiadna úloha nevykonaná.

(koniec)

#8 Příspěvek od **Márty84** » 14 led 2014 09:39

Vsechny nalezy nechte odstranit, pak MBAM odinstalujte.

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu, kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte

biblbrox · #9 Příspěvek od **biblbrox** » 14 led 2014 10:50

Ok, z MBAM všetko odstránené, Avast bol potichu. Log z RogueKiller:

RogueKiller V8.8.0 [Dec 27 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operačný systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spustené v : Normálny režim
Užívateľ : Lukas [Práva Správcu]
Režim : Kontrola -- Dátum : 01/14/2014 10:47:24
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy : 0 ¤¤¤

¤¤¤ Záznamy Registrov : 2 ¤¤¤
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NÁJDENÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NÁJDENÉ

¤¤¤ naplánované úlohy : 1 ¤¤¤
[V2][SUSP PATH] McQcModifier-5c47-a7b0 : C:\ProgramData\McQcModifier-5c47-a7b0\McQcModifier-5c47-a7b0.cmd [-] -> NÁJDENÉ

¤¤¤ spustenie položky : 0 ¤¤¤

¤¤¤ webové prehliadače : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštne súbory / Adresáre: ¤¤¤

¤¤¤ Ovládač : [NENAHRATÉ 0x0] ¤¤¤

¤¤¤ Vonkajšie Hives: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD2500BEVT-22A23T0 +++++
--- User ---
[MBR] 54040e2383064aaf8c1c4105b11d9725
[BSP] 08cc48f99fc1fd4538c6acb305bd374b : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 12288 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 25167872 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 25372672 | Size: 226085 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončené : << RKreport[0]_S_01142014_104724.txt >>

#10 Příspěvek od **Márty84** » 14 led 2014 10:54

Znovu spustte RogueKiller jako spravce (pokud jste ho jeste nezavrel/a, rovnou kliknete na napis Smazat)
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Smazat.
Pak kliknete na napis Zprava a objevi se log. Ten mi sem vlozte.
Pak kliknete na napis Oprava Host a Zprava.
Objevi se dalsi log. I ten mi sem vlozte.

biblbrox · #11 Příspěvek od **biblbrox** » 14 led 2014 10:59

RogueKiller V8.8.0 [Dec 27 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operačný systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spustené v : Normálny režim
Užívateľ : Lukas [Práva Správcu]
Režim : Odebrať -- Dátum : 01/14/2014 10:58:21
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy : 0 ¤¤¤

¤¤¤ Záznamy Registrov : 0 ¤¤¤

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spustenie položky : 0 ¤¤¤

¤¤¤ webové prehliadače : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštne súbory / Adresáre: ¤¤¤

¤¤¤ Ovládač : [NENAHRATÉ 0x0] ¤¤¤

¤¤¤ Vonkajšie Hives: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD2500BEVT-22A23T0 +++++
--- User ---
[MBR] 54040e2383064aaf8c1c4105b11d9725
[BSP] 08cc48f99fc1fd4538c6acb305bd374b : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 12288 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 25167872 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 25372672 | Size: 226085 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončené : << RKreport[0]_D_01142014_105821.txt >>
RKreport[0]_D_01142014_105527.txt;RKreport[0]_S_01142014_104724.txt;RKreport[0]_S_01142014_105729.txt

biblbrox · #12 Příspěvek od **biblbrox** » 14 led 2014 11:00

RogueKiller V8.8.0 [Dec 27 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operačný systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spustené v : Normálny režim
Užívateľ : Lukas [Práva Správcu]
Režim : Oprava HOSTS -- Dátum : 01/14/2014 10:59:54
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy : 0 ¤¤¤

¤¤¤ Záznamy Registrov : 0 ¤¤¤

¤¤¤ Ovládač : [NENAHRATÉ 0x0] ¤¤¤

¤¤¤ Vonkajšie Hives: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost

Dokončené : << RKreport[0]_H_01142014_105954.txt >>
RKreport[0]_D_01142014_105527.txt;RKreport[0]_D_01142014_105821.txt;RKreport[0]_S_01142014_104724.txt
RKreport[0]_S_01142014_105729.txt

#13 Příspěvek od **Márty84** » 15 led 2014 09:35

Dejte novy log z RSIT

biblbrox · #14 Příspěvek od **biblbrox** » 15 led 2014 15:44

Logfile of random's system information tool 1.08 (written by random/random)
Run by Lukas at 2014-01-15 15:42:56
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 52 GB (23%) free of 226 GB
Total RAM: 1979 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:43:05, on 15. 1. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\PLFSetI.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Lukas.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5w4401r36n
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Pridať do blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Pridať do blogu v programe Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8635 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Acer\Registration\GregHSRW.exe"
"taskhost.exe"
"C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Windows\PLFSetI.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Windows\System32\igfxpers.exe"
C:\Windows\system32\igfxext.exe -Embedding
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3284.0.1903863154\1190841715" --disable-image-transport-surface --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,5,13,23 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x2a42 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2202 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group9 pct:10i stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_26/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --instant-process --disable-html-notifications --disable-accelerated-2d-canvas --disable-accelerated-video-decode --enable-software-compositing --channel="3284.1.1209005244\1134165229" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group9 pct:10i stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_26/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --disable-accelerated-2d-canvas --disable-accelerated-video-decode --enable-software-compositing --channel="3284.9.413708955\362039944" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Users\Lukas\Downloads\RSITx64 (1).exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-23 7981600]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2009-09-30 823840]
"PLFSetI"=C:\Windows\PLFSetI.exe [2008-07-29 200704]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-25 415256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun64]
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Browser Infrastructure Helper]
C:\Users\Lukas\AppData\Local\Smartbar\Application\QuickShare.exe startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Lukas\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\Program Files (x86)\Launch Manager\LManager.exe [2009-09-24 825864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mwlDaemon]
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD8LanguageShortcut]
C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe [2009-04-16 50472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl8]
C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe [2009-04-16 91432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorShield]
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdater]
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-06-18 1808168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk]
C:\PROGRA~2\Acer\ACERVC~1\AcerVCM.exe [2009-07-10 708608]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-01-09 3764024]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-25 271360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2014-01-14 11:53:20 ----D---- C:\Program Files\CCleaner
2014-01-14 11:50:56 ----D---- C:\Users\Lukas\AppData\Roaming\MusicNet
2014-01-14 10:47:18 ----A---- C:\Windows\system32\drivers\WUDFRd.sys.bak
2014-01-14 10:47:18 ----A---- C:\Windows\system32\drivers\WUDFPf.sys.bak
2014-01-14 10:47:18 ----A---- C:\Windows\system32\drivers\ws2ifsl.sys.bak
2014-01-14 10:47:18 ----A---- C:\Windows\system32\drivers\wmilib.sys.bak
2014-01-14 10:47:18 ----A---- C:\Windows\system32\drivers\wmiacpi.sys.bak
2014-01-14 10:47:18 ----A---- C:\Windows\system32\drivers\winusb.sys.bak
2014-01-14 10:47:17 ----A---- C:\Windows\system32\drivers\wimmount.sys.bak
2014-01-14 10:47:17 ----A---- C:\Windows\system32\drivers\wfplwf.sys.bak
2014-01-14 10:47:17 ----A---- C:\Windows\system32\drivers\WdfLdr.sys.bak
2014-01-14 10:47:17 ----A---- C:\Windows\system32\drivers\Wdf01000.sys.bak
2014-01-14 10:47:16 ----A---- C:\Windows\system32\drivers\wd.sys.bak
2014-01-14 10:47:16 ----A---- C:\Windows\system32\drivers\watchdog.sys.bak
2014-01-14 10:47:16 ----A---- C:\Windows\system32\drivers\wanarp.sys.bak
2014-01-14 10:47:16 ----A---- C:\Windows\system32\drivers\wacompen.sys.bak
2014-01-14 10:47:16 ----A---- C:\Windows\system32\drivers\vwifimp.sys.bak
2014-01-14 10:47:15 ----A---- C:\Windows\system32\drivers\vwififlt.sys.bak
2014-01-14 10:47:15 ----A---- C:\Windows\system32\drivers\vwifibus.sys.bak
2014-01-14 10:47:15 ----A---- C:\Windows\system32\drivers\vsmraid.sys.bak
2014-01-14 10:47:14 ----A---- C:\Windows\system32\drivers\volsnap.sys.bak
2014-01-14 10:47:14 ----A---- C:\Windows\system32\drivers\volmgrx.sys.bak
2014-01-14 10:47:14 ----A---- C:\Windows\system32\drivers\volmgr.sys.bak
2014-01-14 10:47:14 ----A---- C:\Windows\system32\drivers\videoprt.sys.bak
2014-01-14 10:47:13 ----A---- C:\Windows\system32\drivers\viaide.sys.bak
2014-01-14 10:47:13 ----A---- C:\Windows\system32\drivers\vhdmp.sys.bak
2014-01-14 10:47:13 ----A---- C:\Windows\system32\drivers\vgapnp.sys.bak
2014-01-14 10:47:13 ----A---- C:\Windows\system32\drivers\vga.sys.bak
2014-01-14 10:47:13 ----A---- C:\Windows\system32\drivers\vdrvroot.sys.bak
2014-01-14 10:47:12 ----A---- C:\Windows\system32\drivers\usbvideo.sys.bak
2014-01-14 10:47:12 ----A---- C:\Windows\system32\drivers\usbuhci.sys.bak
2014-01-14 10:47:12 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS.bak
2014-01-14 10:47:11 ----A---- C:\Windows\system32\drivers\usbrpm.sys.bak
2014-01-14 10:47:11 ----A---- C:\Windows\system32\drivers\usbprint.sys.bak
2014-01-14 10:47:11 ----A---- C:\Windows\system32\drivers\usbport.sys.bak
2014-01-14 10:47:11 ----A---- C:\Windows\system32\drivers\usbohci.sys.bak
2014-01-14 10:47:10 ----A---- C:\Windows\system32\drivers\usbhub.sys.bak
2014-01-14 10:47:10 ----A---- C:\Windows\system32\drivers\usbehci.sys.bak
2014-01-14 10:47:10 ----A---- C:\Windows\system32\drivers\usbd.sys.bak
2014-01-14 10:47:10 ----A---- C:\Windows\system32\drivers\usbcir.sys.bak
2014-01-14 10:47:10 ----A---- C:\Windows\system32\drivers\usbccgp.sys.bak
2014-01-14 10:47:09 ----A---- C:\Windows\system32\drivers\USBCAMD2.sys.bak
2014-01-14 10:47:09 ----A---- C:\Windows\system32\drivers\USBAUDIO.sys.bak
2014-01-14 10:47:09 ----A---- C:\Windows\system32\drivers\usb8023.sys.bak
2014-01-14 10:47:09 ----A---- C:\Windows\system32\drivers\umpass.sys.bak
2014-01-14 10:47:08 ----A---- C:\Windows\system32\drivers\umbus.sys.bak
2014-01-14 10:47:08 ----A---- C:\Windows\system32\drivers\ULIAGPKX.SYS.bak
2014-01-14 10:47:08 ----A---- C:\Windows\system32\drivers\udfs.sys.bak
2014-01-14 10:47:08 ----A---- C:\Windows\system32\drivers\UAGP35.SYS.bak
2014-01-14 10:47:08 ----A---- C:\Windows\system32\drivers\tunnel.sys.bak
2014-01-14 10:47:07 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys.bak
2014-01-14 10:47:07 ----A---- C:\Windows\system32\drivers\tssecsrv.sys.bak
2014-01-14 10:47:07 ----A---- C:\Windows\system32\drivers\termdd.sys.bak
2014-01-14 10:47:07 ----A---- C:\Windows\system32\drivers\tdx.sys.bak
2014-01-14 10:47:06 ----A---- C:\Windows\system32\drivers\tdtcp.sys.bak
2014-01-14 10:47:06 ----A---- C:\Windows\system32\drivers\tdpipe.sys.bak
2014-01-14 10:47:06 ----A---- C:\Windows\system32\drivers\tdi.sys.bak
2014-01-14 10:47:05 ----A---- C:\Windows\system32\drivers\tcpipreg.sys.bak
2014-01-14 10:47:05 ----A---- C:\Windows\system32\drivers\tcpip.sys.bak
2014-01-14 10:47:04 ----A---- C:\Windows\system32\drivers\tape.sys.bak
2014-01-14 10:47:04 ----A---- C:\Windows\system32\drivers\SynTP.sys.bak
2014-01-14 10:47:04 ----A---- C:\Windows\system32\drivers\swenum.sys.bak
2014-01-14 10:47:03 ----A---- C:\Windows\system32\drivers\stream.sys.bak
2014-01-14 10:47:03 ----A---- C:\Windows\system32\drivers\storport.sys.bak
2014-01-14 10:47:03 ----A---- C:\Windows\system32\drivers\stflt.sys.bak
2014-01-14 10:47:02 ----A---- C:\Windows\system32\drivers\stexstor.sys.bak
2014-01-14 10:47:02 ----A---- C:\Windows\system32\drivers\srvnet.sys.bak
2014-01-14 10:47:02 ----A---- C:\Windows\system32\drivers\srv2.sys.bak
2014-01-14 10:47:01 ----A---- C:\Windows\system32\drivers\srv.sys.bak
2014-01-14 10:47:01 ----A---- C:\Windows\system32\drivers\spsys.sys.bak
2014-01-14 10:47:01 ----A---- C:\Windows\system32\drivers\spldr.sys.bak
2014-01-14 10:47:00 ----A---- C:\Windows\system32\drivers\smclib.sys.bak
2014-01-14 10:47:00 ----A---- C:\Windows\system32\drivers\smb.sys.bak
2014-01-14 10:47:00 ----A---- C:\Windows\system32\drivers\sisraid4.sys.bak
2014-01-14 10:47:00 ----A---- C:\Windows\system32\drivers\sisraid2.sys.bak
2014-01-14 10:46:59 ----A---- C:\Windows\system32\drivers\sfloppy.sys.bak
2014-01-14 10:46:59 ----A---- C:\Windows\system32\drivers\sffp_sd.sys.bak
2014-01-14 10:46:59 ----A---- C:\Windows\system32\drivers\sffp_mmc.sys.bak
2014-01-14 10:46:59 ----A---- C:\Windows\system32\drivers\sffdisk.sys.bak
2014-01-14 10:46:58 ----A---- C:\Windows\system32\drivers\sermouse.sys.bak
2014-01-14 10:46:58 ----A---- C:\Windows\system32\drivers\serial.sys.bak
2014-01-14 10:46:58 ----A---- C:\Windows\system32\drivers\serenum.sys.bak
2014-01-14 10:46:58 ----A---- C:\Windows\system32\drivers\secdrv.sys.bak
2014-01-14 10:46:57 ----A---- C:\Windows\system32\drivers\scsiport.sys.bak
2014-01-14 10:46:57 ----A---- C:\Windows\system32\drivers\scfilter.sys.bak
2014-01-14 10:46:56 ----A---- C:\Windows\system32\drivers\sbp2port.sys.bak
2014-01-14 10:46:56 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys.bak
2014-01-14 10:46:56 ----A---- C:\Windows\system32\drivers\rspndr.sys.bak
2014-01-14 10:46:55 ----A---- C:\Windows\system32\drivers\rootmdm.sys.bak
2014-01-14 10:46:55 ----A---- C:\Windows\system32\drivers\RNDISMP.sys.bak
2014-01-14 10:46:55 ----A---- C:\Windows\system32\drivers\rmcast.sys.bak
2014-01-14 10:46:54 ----A---- C:\Windows\system32\drivers\rfcomm.sys.bak
2014-01-14 10:46:54 ----A---- C:\Windows\system32\drivers\rdyboost.sys.bak
2014-01-14 10:46:54 ----A---- C:\Windows\system32\drivers\rdpwd.sys.bak
2014-01-14 10:46:54 ----A---- C:\Windows\system32\drivers\RDPREFMP.sys.bak
2014-01-14 10:46:53 ----A---- C:\Windows\system32\drivers\RDPENCDD.sys.bak
2014-01-14 10:46:53 ----A---- C:\Windows\system32\drivers\RDPCDD.sys.bak
2014-01-14 10:46:53 ----A---- C:\Windows\system32\drivers\rdpbus.sys.bak
2014-01-14 10:46:53 ----A---- C:\Windows\system32\drivers\rdbss.sys.bak
2014-01-14 10:46:52 ----A---- C:\Windows\system32\drivers\rassstp.sys.bak
2014-01-14 10:46:52 ----A---- C:\Windows\system32\drivers\raspptp.sys.bak
2014-01-14 10:46:52 ----A---- C:\Windows\system32\drivers\raspppoe.sys.bak
2014-01-14 10:46:52 ----A---- C:\Windows\system32\drivers\rasl2tp.sys.bak
2014-01-14 10:46:51 ----A---- C:\Windows\system32\drivers\rasacd.sys.bak
2014-01-14 10:46:51 ----A---- C:\Windows\system32\drivers\qwavedrv.sys.bak
2014-01-14 10:46:50 ----A---- C:\Windows\system32\drivers\ql40xx.sys.bak
2014-01-14 10:46:50 ----A---- C:\Windows\system32\drivers\ql2300.sys.bak
2014-01-14 10:46:50 ----A---- C:\Windows\system32\drivers\processr.sys.bak
2014-01-14 10:46:49 ----A---- C:\Windows\system32\drivers\portcls.sys.bak
2014-01-14 10:46:49 ----A---- C:\Windows\system32\drivers\PEAuth.sys.bak
2014-01-14 10:46:48 ----A---- C:\Windows\system32\drivers\pcw.sys.bak
2014-01-14 10:46:48 ----A---- C:\Windows\system32\drivers\pcmcia.sys.bak
2014-01-14 10:46:48 ----A---- C:\Windows\system32\drivers\pciidex.sys.bak
2014-01-14 10:46:47 ----A---- C:\Windows\system32\drivers\pciide.sys.bak
2014-01-14 10:46:47 ----A---- C:\Windows\system32\drivers\pci.sys.bak
2014-01-14 10:46:47 ----A---- C:\Windows\system32\drivers\partmgr.sys.bak
2014-01-14 10:46:47 ----A---- C:\Windows\system32\drivers\parport.sys.bak
2014-01-14 10:46:46 ----A---- C:\Windows\system32\drivers\pacer.sys.bak
2014-01-14 10:46:46 ----A---- C:\Windows\system32\drivers\ohci1394.sys.bak
2014-01-14 10:46:46 ----A---- C:\Windows\system32\drivers\nwifi.sys.bak
2014-01-14 10:46:46 ----A---- C:\Windows\system32\drivers\nvstor.sys.bak
2014-01-14 10:46:46 ----A---- C:\Windows\system32\drivers\NV_AGP.SYS.bak
2014-01-14 10:46:45 ----A---- C:\Windows\system32\drivers\nvraid.sys.bak
2014-01-14 10:46:45 ----A---- C:\Windows\system32\drivers\null.sys.bak
2014-01-14 10:46:44 ----A---- C:\Windows\system32\drivers\ntfs.sys.bak
2014-01-14 10:46:44 ----A---- C:\Windows\system32\drivers\nsiproxy.sys.bak
2014-01-14 10:46:44 ----A---- C:\Windows\system32\drivers\npfs.sys.bak
2014-01-14 10:46:43 ----A---- C:\Windows\system32\drivers\nfrd960.sys.bak
2014-01-14 10:46:42 ----A---- C:\Windows\system32\drivers\NETw5s64.sys.bak
2014-01-14 10:46:41 ----A---- C:\Windows\system32\drivers\netio.sys.bak
2014-01-14 10:46:41 ----A---- C:\Windows\system32\drivers\netbt.sys.bak
2014-01-14 10:46:40 ----A---- C:\Windows\system32\drivers\netbios.sys.bak
2014-01-14 10:46:40 ----A---- C:\Windows\system32\drivers\ndproxy.sys.bak
2014-01-14 10:46:40 ----A---- C:\Windows\system32\drivers\ndiswan.sys.bak
2014-01-14 10:46:40 ----A---- C:\Windows\system32\drivers\ndisuio.sys.bak
2014-01-14 10:46:39 ----A---- C:\Windows\system32\drivers\ndistapi.sys.bak
2014-01-14 10:46:39 ----A---- C:\Windows\system32\drivers\ndiscap.sys.bak
2014-01-14 10:46:39 ----A---- C:\Windows\system32\drivers\ndis.sys.bak
2014-01-14 10:46:39 ----A---- C:\Windows\system32\drivers\mwlPSDVDisk.sys.bak
2014-01-14 10:46:38 ----A---- C:\Windows\system32\drivers\mwlPSDNserv.sys.bak
2014-01-14 10:46:38 ----A---- C:\Windows\system32\drivers\mwlPSDFilter.sys.bak
2014-01-14 10:46:38 ----A---- C:\Windows\system32\drivers\mup.sys.bak
2014-01-14 10:46:38 ----A---- C:\Windows\system32\drivers\MTConfig.sys.bak
2014-01-14 10:46:38 ----A---- C:\Windows\system32\drivers\mstee.sys.bak
2014-01-14 10:46:37 ----A---- C:\Windows\system32\drivers\mssmbios.sys.bak
2014-01-14 10:46:37 ----A---- C:\Windows\system32\drivers\msrpc.sys.bak
2014-01-14 10:46:37 ----A---- C:\Windows\system32\drivers\mspqm.sys.bak
2014-01-14 10:46:37 ----A---- C:\Windows\system32\drivers\mspclock.sys.bak
2014-01-14 10:46:37 ----A---- C:\Windows\system32\drivers\mskssrv.sys.bak
2014-01-14 10:46:36 ----A---- C:\Windows\system32\drivers\msiscsi.sys.bak
2014-01-14 10:46:36 ----A---- C:\Windows\system32\drivers\msisadrv.sys.bak
2014-01-14 10:46:36 ----A---- C:\Windows\system32\drivers\mshidkmdf.sys.bak
2014-01-14 10:46:36 ----A---- C:\Windows\system32\drivers\msfs.sys.bak
2014-01-14 10:46:36 ----A---- C:\Windows\system32\drivers\msdsm.sys.bak
2014-01-14 10:46:35 ----A---- C:\Windows\system32\drivers\msahci.sys.bak
2014-01-14 10:46:35 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys.bak
2014-01-14 10:46:35 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys.bak
2014-01-14 10:46:35 ----A---- C:\Windows\system32\drivers\mrxsmb.sys.bak
2014-01-14 10:46:34 ----A---- C:\Windows\system32\drivers\mrxdav.sys.bak
2014-01-14 10:46:34 ----A---- C:\Windows\system32\drivers\mpsdrv.sys.bak
2014-01-14 10:46:34 ----A---- C:\Windows\system32\drivers\mpio.sys.bak
2014-01-14 10:46:34 ----A---- C:\Windows\system32\drivers\mountmgr.sys.bak
2014-01-14 10:46:34 ----A---- C:\Windows\system32\drivers\mouhid.sys.bak
2014-01-14 10:46:33 ----A---- C:\Windows\system32\drivers\mouclass.sys.bak
2014-01-14 10:46:33 ----A---- C:\Windows\system32\drivers\monitor.sys.bak
2014-01-14 10:46:33 ----A---- C:\Windows\system32\drivers\modem.sys.bak
2014-01-14 10:46:33 ----A---- C:\Windows\system32\drivers\MegaSR.sys.bak
2014-01-14 10:46:32 ----A---- C:\Windows\system32\drivers\megasas.sys.bak
2014-01-14 10:46:32 ----A---- C:\Windows\system32\drivers\mcd.sys.bak
2014-01-14 10:46:32 ----A---- C:\Windows\system32\drivers\luafv.sys.bak
2014-01-14 10:46:32 ----A---- C:\Windows\system32\drivers\lsi_scsi.sys.bak
2014-01-14 10:46:31 ----A---- C:\Windows\system32\drivers\lsi_sas2.sys.bak
2014-01-14 10:46:31 ----A---- C:\Windows\system32\drivers\lsi_sas.sys.bak
2014-01-14 10:46:31 ----A---- C:\Windows\system32\drivers\lsi_fc.sys.bak
2014-01-14 10:46:31 ----A---- C:\Windows\system32\drivers\lltdio.sys.bak
2014-01-14 10:46:31 ----A---- C:\Windows\system32\drivers\L1C62x64.sys.bak
2014-01-14 10:46:30 ----A---- C:\Windows\system32\drivers\ksthunk.sys.bak
2014-01-14 10:46:30 ----A---- C:\Windows\system32\drivers\ksecpkg.sys.bak
2014-01-14 10:46:30 ----A---- C:\Windows\system32\drivers\ksecdd.sys.bak
2014-01-14 10:46:30 ----A---- C:\Windows\system32\drivers\ks.sys.bak
2014-01-14 10:46:30 ----A---- C:\Windows\system32\drivers\kbdhid.sys.bak
2014-01-14 10:46:29 ----A---- C:\Windows\system32\drivers\kbdclass.sys.bak
2014-01-14 10:46:29 ----A---- C:\Windows\system32\drivers\isapnp.sys.bak
2014-01-14 10:46:29 ----A---- C:\Windows\system32\drivers\irenum.sys.bak
2014-01-14 10:46:29 ----A---- C:\Windows\system32\drivers\irda.sys.bak
2014-01-14 10:46:28 ----A---- C:\Windows\system32\drivers\ipnat.sys.bak
2014-01-14 10:46:28 ----A---- C:\Windows\system32\drivers\IPMIDrv.sys.bak
2014-01-14 10:46:28 ----A---- C:\Windows\system32\drivers\ipfltdrv.sys.bak
2014-01-14 10:46:28 ----A---- C:\Windows\system32\drivers\intelppm.sys.bak
2014-01-14 10:46:27 ----A---- C:\Windows\system32\drivers\intelide.sys.bak
2014-01-14 10:46:27 ----A---- C:\Windows\system32\drivers\IntcHdmi.sys.bak
2014-01-14 10:46:25 ----A---- C:\Windows\system32\drivers\iirsp.sys.bak
2014-01-14 10:46:23 ----A---- C:\Windows\system32\drivers\igdkmd64.sys.bak
2014-01-14 10:46:22 ----A---- C:\Windows\system32\drivers\iaStorV.sys.bak
2014-01-14 10:46:22 ----A---- C:\Windows\system32\drivers\iaStor.sys.bak
2014-01-14 10:46:22 ----A---- C:\Windows\system32\drivers\i8042prt.sys.bak
2014-01-14 10:46:21 ----A---- C:\Windows\system32\drivers\hwpolicy.sys.bak
2014-01-14 10:46:21 ----A---- C:\Windows\system32\drivers\http.sys.bak
2014-01-14 10:46:21 ----A---- C:\Windows\system32\drivers\HpSAMD.sys.bak
2014-01-14 10:46:20 ----A---- C:\Windows\system32\drivers\hidusb.sys.bak
2014-01-14 10:46:20 ----A---- C:\Windows\system32\drivers\hidparse.sys.bak
2014-01-14 10:46:20 ----A---- C:\Windows\system32\drivers\hidir.sys.bak
2014-01-14 10:46:20 ----A---- C:\Windows\system32\drivers\hidclass.sys.bak
2014-01-14 10:46:20 ----A---- C:\Windows\system32\drivers\hidbth.sys.bak
2014-01-14 10:46:19 ----A---- C:\Windows\system32\drivers\hidbatt.sys.bak
2014-01-14 10:46:19 ----A---- C:\Windows\system32\drivers\HdAudio.sys.bak
2014-01-14 10:46:19 ----A---- C:\Windows\system32\drivers\hdaudbus.sys.bak
2014-01-14 10:46:19 ----A---- C:\Windows\system32\drivers\hcw85cir.sys.bak
2014-01-14 10:46:18 ----A---- C:\Windows\system32\drivers\GAGP30KX.SYS.bak
2014-01-14 10:46:18 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS.bak
2014-01-14 10:46:18 ----A---- C:\Windows\system32\drivers\fvevol.sys.bak
2014-01-14 10:46:18 ----A---- C:\Windows\system32\drivers\fs_rec.sys.bak
2014-01-14 10:46:17 ----A---- C:\Windows\system32\drivers\fsdepends.sys.bak
2014-01-14 10:46:17 ----A---- C:\Windows\system32\drivers\fltMgr.sys.bak
2014-01-14 10:46:17 ----A---- C:\Windows\system32\drivers\flpydisk.sys.bak
2014-01-14 10:46:17 ----A---- C:\Windows\system32\drivers\filetrace.sys.bak
2014-01-14 10:46:16 ----A---- C:\Windows\system32\drivers\fileinfo.sys.bak
2014-01-14 10:46:16 ----A---- C:\Windows\system32\drivers\fdc.sys.bak
2014-01-14 10:46:16 ----A---- C:\Windows\system32\drivers\fastfat.sys.bak
2014-01-14 10:46:15 ----A---- C:\Windows\system32\drivers\exfat.sys.bak
2014-01-14 10:46:14 ----A---- C:\Windows\system32\drivers\evbda.sys.bak
2014-01-14 10:46:14 ----A---- C:\Windows\system32\drivers\errdev.sys.bak
2014-01-14 10:46:13 ----A---- C:\Windows\system32\drivers\elxstor.sys.bak
2014-01-14 10:46:13 ----A---- C:\Windows\system32\drivers\dxgmms1.sys.bak
2014-01-14 10:46:13 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys.bak
2014-01-14 10:46:12 ----A---- C:\Windows\system32\drivers\dxg.sys.bak
2014-01-14 10:46:12 ----A---- C:\Windows\system32\drivers\dxapi.sys.bak
2014-01-14 10:46:12 ----A---- C:\Windows\system32\drivers\dumpfve.sys.bak
2014-01-14 10:46:12 ----A---- C:\Windows\system32\drivers\Dumpata.sys.bak
2014-01-14 10:46:12 ----A---- C:\Windows\system32\drivers\drmkaud.sys.bak
2014-01-14 10:46:11 ----A---- C:\Windows\system32\drivers\drmk.sys.bak
2014-01-14 10:46:11 ----A---- C:\Windows\system32\drivers\Diskdump.sys.bak
2014-01-14 10:46:11 ----A---- C:\Windows\system32\drivers\disk.sys.bak
2014-01-14 10:46:11 ----A---- C:\Windows\system32\drivers\discache.sys.bak
2014-01-14 10:46:11 ----A---- C:\Windows\system32\drivers\dfsc.sys.bak
2014-01-14 10:46:10 ----A---- C:\Windows\system32\drivers\crcdisk.sys.bak
2014-01-14 10:46:10 ----A---- C:\Windows\system32\drivers\crashdmp.sys.bak
2014-01-14 10:46:10 ----A---- C:\Windows\system32\drivers\CompositeBus.sys.bak
2014-01-14 10:46:10 ----A---- C:\Windows\system32\drivers\compbatt.sys.bak
2014-01-14 10:46:10 ----A---- C:\Windows\system32\drivers\cng.sys.bak
2014-01-14 10:46:09 ----A---- C:\Windows\system32\drivers\cmdide.sys.bak
2014-01-14 10:46:09 ----A---- C:\Windows\system32\drivers\CmBatt.sys.bak
2014-01-14 10:46:09 ----A---- C:\Windows\system32\drivers\Classpnp.sys.bak
2014-01-14 10:46:09 ----A---- C:\Windows\system32\drivers\circlass.sys.bak
2014-01-14 10:46:08 ----A---- C:\Windows\system32\drivers\cdrom.sys.bak
2014-01-14 10:46:08 ----A---- C:\Windows\system32\drivers\cdfs.sys.bak
2014-01-14 10:46:08 ----A---- C:\Windows\system32\drivers\bxvbda.sys.bak
2014-01-14 10:46:08 ----A---- C:\Windows\system32\drivers\btwrchid.sys.bak
2014-01-14 10:46:07 ----A---- C:\Windows\system32\drivers\btwl2cap.sys.bak
2014-01-14 10:46:07 ----A---- C:\Windows\system32\drivers\btwavdt.sys.bak
2014-01-14 10:46:07 ----A---- C:\Windows\system32\drivers\btwaudio.sys.bak
2014-01-14 10:46:06 ----A---- C:\Windows\system32\drivers\btusbflt.sys.bak
2014-01-14 10:46:06 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS.bak
2014-01-14 10:46:06 ----A---- C:\Windows\system32\drivers\bthport.sys.bak
2014-01-14 10:46:06 ----A---- C:\Windows\system32\drivers\bthpan.sys.bak
2014-01-14 10:46:05 ----A---- C:\Windows\system32\drivers\bthmodem.sys.bak
2014-01-14 10:46:05 ----A---- C:\Windows\system32\drivers\bthenum.sys.bak
2014-01-14 10:46:05 ----A---- C:\Windows\system32\drivers\BrUsbSer.sys.bak
2014-01-14 10:46:05 ----A---- C:\Windows\system32\drivers\BrUsbMdm.sys.bak
2014-01-14 10:46:05 ----A---- C:\Windows\system32\drivers\BrSerWdm.sys.bak
2014-01-14 10:46:04 ----A---- C:\Windows\system32\drivers\BrSerId.sys.bak
2014-01-14 10:46:04 ----A---- C:\Windows\system32\drivers\bridge.sys.bak
2014-01-14 10:46:04 ----A---- C:\Windows\system32\drivers\BrFiltUp.sys.bak
2014-01-14 10:46:03 ----A---- C:\Windows\system32\drivers\BrFiltLo.sys.bak
2014-01-14 10:46:03 ----A---- C:\Windows\system32\drivers\bowser.sys.bak
2014-01-14 10:46:03 ----A---- C:\Windows\system32\drivers\blbdrive.sys.bak
2014-01-14 10:46:03 ----A---- C:\Windows\system32\drivers\beep.sys.bak
2014-01-14 10:46:02 ----A---- C:\Windows\system32\drivers\battc.sys.bak
2014-01-14 10:46:02 ----A---- C:\Windows\system32\drivers\b57nd60a.sys.bak
2014-01-14 10:46:01 ----A---- C:\Windows\system32\drivers\athrx.sys.bak
2014-01-14 10:46:01 ----A---- C:\Windows\system32\drivers\ataport.sys.bak
2014-01-14 10:46:01 ----A---- C:\Windows\system32\drivers\atapi.sys.bak
2014-01-14 10:46:01 ----A---- C:\Windows\system32\drivers\asyncmac.sys.bak
2014-01-14 10:46:00 ----A---- C:\Windows\system32\drivers\arcsas.sys.bak
2014-01-14 10:46:00 ----A---- C:\Windows\system32\drivers\arc.sys.bak
2014-01-14 10:45:59 ----A---- C:\Windows\system32\drivers\appid.sys.bak
2014-01-14 10:45:59 ----A---- C:\Windows\system32\drivers\AmUStor.sys.bak
2014-01-14 10:45:59 ----A---- C:\Windows\system32\drivers\amdxata.sys.bak
2014-01-14 10:45:59 ----A---- C:\Windows\system32\drivers\amdsbs.sys.bak
2014-01-14 10:45:58 ----A---- C:\Windows\system32\drivers\amdsata.sys.bak
2014-01-14 10:45:58 ----A---- C:\Windows\system32\drivers\amdppm.sys.bak
2014-01-14 10:45:58 ----A---- C:\Windows\system32\drivers\amdk8.sys.bak
2014-01-14 10:45:58 ----A---- C:\Windows\system32\drivers\amdide.sys.bak
2014-01-14 10:45:57 ----A---- C:\Windows\system32\drivers\aliide.sys.bak
2014-01-14 10:45:57 ----A---- C:\Windows\system32\drivers\AGP440.sys.bak
2014-01-14 10:45:57 ----A---- C:\Windows\system32\drivers\agilevpn.sys.bak
2014-01-14 10:45:56 ----A---- C:\Windows\system32\drivers\afd.sys.bak
2014-01-14 10:45:55 ----A---- C:\Windows\system32\drivers\adpu320.sys.bak
2014-01-14 10:45:55 ----A---- C:\Windows\system32\drivers\adpahci.sys.bak
2014-01-14 10:45:54 ----A---- C:\Windows\system32\drivers\adp94xx.sys.bak
2014-01-14 10:45:53 ----A---- C:\Windows\system32\drivers\acpipmi.sys.bak
2014-01-14 10:45:53 ----A---- C:\Windows\system32\drivers\acpi.sys.bak
2014-01-14 10:45:53 ----A---- C:\Windows\system32\drivers\1394ohci.sys.bak
2014-01-14 10:45:50 ----A---- C:\Windows\system32\drivers\1394bus.sys.bak
2014-01-13 19:37:36 ----D---- C:\Users\Lukas\AppData\Roaming\Malwarebytes
2014-01-13 19:37:09 ----D---- C:\ProgramData\Malwarebytes
2014-01-13 17:07:32 ----D---- C:\AdwCleaner
2014-01-10 15:00:23 ----D---- C:\Program Files\trend micro
2014-01-09 19:25:21 ----D---- C:\Users\Lukas\AppData\Roaming\AVAST Software
2014-01-09 19:21:29 ----A---- C:\Windows\system32\drivers\aswstm.sys
2014-01-09 17:56:35 ----D---- C:\rsit
2013-12-26 08:40:47 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2013-12-26 08:40:45 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-12-26 08:40:45 ----A---- C:\Windows\system32\ieui.dll
2013-12-26 08:40:44 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-12-26 08:40:44 ----A---- C:\Windows\system32\jsproxy.dll
2013-12-26 08:40:44 ----A---- C:\Windows\system32\ieUnatt.exe
2013-12-26 08:40:44 ----A---- C:\Windows\system32\ie4uinit.exe
2013-12-26 08:40:43 ----A---- C:\Windows\system32\iesetup.dll
2013-12-26 08:40:43 ----A---- C:\Windows\system32\iernonce.dll
2013-12-26 08:40:42 ----A---- C:\Windows\system32\ieetwproxystub.dll
2013-12-26 08:40:42 ----A---- C:\Windows\system32\ieetwcollector.exe
2013-12-26 08:40:40 ----A---- C:\Windows\system32\mshtml.dll
2013-12-26 08:40:39 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2013-12-26 08:40:39 ----A---- C:\Windows\system32\jscript9diag.dll
2013-12-26 08:40:38 ----A---- C:\Windows\system32\ieapfltr.dll
2013-12-26 08:40:37 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-12-26 08:40:35 ----A---- C:\Windows\system32\iertutil.dll
2013-12-26 08:40:34 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-12-26 08:40:34 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-12-26 08:40:33 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-12-26 08:40:33 ----A---- C:\Windows\system32\wininet.dll
2013-12-26 08:40:32 ----A---- C:\Windows\system32\urlmon.dll
2013-12-26 08:40:28 ----A---- C:\Windows\system32\ieframe.dll
2013-12-26 08:40:27 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-12-26 08:40:24 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-12-26 08:40:22 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-12-26 08:40:21 ----A---- C:\Windows\system32\jscript9.dll
2013-12-23 07:25:28 ----A---- C:\Windows\system32\IEUDINIT.EXE
2013-12-23 07:19:17 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-12-23 07:19:17 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-23 07:19:07 ----A---- C:\Windows\SYSWOW64\url.dll
2013-12-23 07:19:07 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-12-23 07:19:07 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-12-23 07:19:07 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-12-23 07:19:07 ----A---- C:\Windows\SYSWOW64\jsIntl.dll
2013-12-23 07:19:07 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2013-12-23 07:19:07 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-12-23 07:19:07 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-12-23 07:19:07 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-12-23 07:19:07 ----A---- C:\Windows\system32\elshyph.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-12-23 07:19:06 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-12-23 07:19:06 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-12-23 07:19:06 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-23 07:19:06 ----A---- C:\Windows\system32\msrating.dll
2013-12-23 07:19:06 ----A---- C:\Windows\system32\msls31.dll
2013-12-23 07:19:06 ----A---- C:\Windows\system32\mshtmler.dll
2013-12-23 07:19:06 ----A---- C:\Windows\system32\msfeedssync.exe
2013-12-23 07:19:06 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-12-23 07:19:06 ----A---- C:\Windows\system32\jsIntl.dll
2013-12-23 07:19:06 ----A---- C:\Windows\system32\iesysprep.dll
2013-12-23 07:19:06 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-12-23 07:19:05 ----A---- C:\Windows\system32\wextract.exe
2013-12-23 07:19:05 ----A---- C:\Windows\system32\webcheck.dll
2013-12-23 07:19:05 ----A---- C:\Windows\system32\vbscript.dll
2013-12-23 07:19:05 ----A---- C:\Windows\system32\url.dll
2013-12-23 07:19:05 ----A---- C:\Windows\system32\pngfilt.dll
2013-12-23 07:19:05 ----A---- C:\Windows\system32\occache.dll
2013-12-23 07:19:05 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-12-23 07:19:05 ----A---- C:\Windows\system32\mshtmled.dll
2013-12-23 07:19:05 ----A---- C:\Windows\system32\MshtmlDac.dll
2013-12-23 07:19:05 ----A---- C:\Windows\system32\mshta.exe
2013-12-23 07:19:05 ----A---- C:\Windows\system32\msfeeds.dll
2013-12-23 07:19:05 ----A---- C:\Windows\system32\licmgr10.dll
2013-12-23 07:19:05 ----A---- C:\Windows\system32\jscript.dll
2013-12-23 07:19:05 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-23 07:19:05 ----A---- C:\Windows\system32\inseng.dll
2013-12-23 07:19:05 ----A---- C:\Windows\system32\imgutil.dll
2013-12-23 07:19:05 ----A---- C:\Windows\system32\iexpress.exe
2013-12-23 07:19:05 ----A---- C:\Windows\system32\iepeers.dll
2013-12-23 07:19:05 ----A---- C:\Windows\system32\iedkcs32.dll
2013-12-23 07:19:05 ----A---- C:\Windows\system32\icardie.dll
2013-12-23 07:19:05 ----A---- C:\Windows\system32\dxtrans.dll
2013-12-23 07:19:05 ----A---- C:\Windows\system32\dxtmsft.dll
2013-12-21 15:44:30 ----A---- C:\Windows\system32\wmploc.DLL
2013-12-21 15:44:28 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2013-12-21 15:44:27 ----A---- C:\Windows\SYSWOW64\wmp.dll
2013-12-21 15:44:23 ----A---- C:\Windows\system32\wmp.dll
2013-12-20 15:05:55 ----A---- C:\Windows\system32\msieftp.dll
2013-12-20 15:05:51 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2013-12-20 15:05:47 ----A---- C:\Windows\system32\win32k.sys
2013-12-20 10:17:37 ----A---- C:\Windows\system32\imagehlp.dll
2013-12-20 10:17:36 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-12-20 10:13:24 ----A---- C:\Windows\system32\cscript.exe
2013-12-20 10:13:23 ----A---- C:\Windows\SYSWOW64\wscript.exe
2013-12-20 10:13:23 ----A---- C:\Windows\system32\scrrun.dll
2013-12-20 10:13:22 ----A---- C:\Windows\system32\wscript.exe
2013-12-20 10:13:21 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2013-12-20 10:13:21 ----A---- C:\Windows\SYSWOW64\cscript.exe
2013-12-20 10:12:06 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-12-20 10:12:05 ----A---- C:\Windows\system32\WMPhoto.dll
2013-12-20 09:54:50 ----A---- C:\Windows\system32\tzres.dll
2013-12-20 09:54:49 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-12-20 09:53:03 ----A---- C:\Windows\system32\drivers\portcls.sys
2013-12-20 09:53:01 ----A---- C:\Windows\system32\drivers\drmk.sys

======List of files/folders modified in the last 1 months======

2014-01-15 15:43:05 ----D---- C:\Windows\Prefetch
2014-01-15 15:43:04 ----D---- C:\Windows\Temp
2014-01-15 09:03:50 ----D---- C:\Windows\system32\config
2014-01-15 08:53:37 ----D---- C:\Windows\system32\catroot2
2014-01-15 08:53:37 ----D---- C:\Windows\system32\catroot
2014-01-14 13:21:32 ----SHD---- C:\System Volume Information
2014-01-14 11:58:20 ----D---- C:\Windows\inf
2014-01-14 11:57:59 ----AD---- C:\Windows
2014-01-14 11:56:07 ----D---- C:\Users\Lukas\AppData\Roaming\Skype
2014-01-14 11:55:51 ----D---- C:\Windows\Panther
2014-01-14 11:55:51 ----D---- C:\Windows\ModemLogs
2014-01-14 11:55:50 ----D---- C:\Windows\Minidump
2014-01-14 11:55:50 ----D---- C:\Windows\Logs
2014-01-14 11:55:50 ----D---- C:\Windows\debug
2014-01-14 11:53:26 ----D---- C:\Windows\system32\Tasks
2014-01-14 11:53:20 ----RD---- C:\Program Files
2014-01-14 11:51:44 ----D---- C:\Program Files (x86)
2014-01-14 11:51:39 ----HD---- C:\ProgramData
2014-01-14 10:57:24 ----D---- C:\Windows\system32\drivers
2014-01-14 10:28:22 ----SHD---- C:\Windows\Installer
2014-01-10 15:03:46 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2014-01-10 15:03:45 ----D---- C:\ProgramData\Spybot - Search & Destroy
2014-01-09 22:41:58 ----D---- C:\Windows\rescache
2014-01-09 19:21:28 ----D---- C:\Windows\winsxs
2014-01-09 19:21:25 ----A---- C:\Windows\system32\aswBoot.exe
2014-01-09 19:18:27 ----D---- C:\ProgramData\AVAST Software
2014-01-09 19:09:54 ----D---- C:\Windows\System32
2014-01-09 19:09:54 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-01-09 17:56:53 ----D---- C:\Program Files (x86)\trend micro
2014-01-03 21:02:23 ----D---- C:\ProgramData\Skype
2014-01-03 21:02:22 ----SHD---- C:\Config.Msi
2014-01-03 21:02:12 ----RD---- C:\Program Files (x86)\Skype
2013-12-26 22:18:50 ----D---- C:\Program Files (x86)\Internet Explorer
2013-12-26 22:18:49 ----D---- C:\Windows\SysWOW64
2013-12-26 22:18:49 ----D---- C:\Program Files\Internet Explorer
2013-12-23 20:04:59 ----D---- C:\Windows\SYSWOW64\sk-SK
2013-12-23 20:04:58 ----D---- C:\Windows\system32\sk-SK
2013-12-23 20:04:55 ----D---- C:\Windows\SYSWOW64\migration
2013-12-23 20:04:54 ----D---- C:\Windows\SYSWOW64\en-US
2013-12-23 20:04:50 ----D---- C:\Windows\system32\migration
2013-12-23 20:04:50 ----D---- C:\Windows\PolicyDefinitions
2013-12-23 20:04:49 ----D---- C:\Windows\system32\en-US
2013-12-21 23:35:38 ----D---- C:\Program Files (x86)\Windows Media Player
2013-12-21 23:35:37 ----D---- C:\Program Files\Windows Media Player
2013-12-21 23:35:10 ----D---- C:\Windows\system32\DriverStore
2013-12-21 15:42:35 ----D---- C:\ProgramData\Microsoft Help
2013-12-21 15:38:49 ----D---- C:\Windows\system32\MRT
2013-12-21 15:36:23 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-01-09 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-01-09 207904]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-05 408600]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2014-01-09 92544]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2014-01-09 1034464]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2014-01-09 422216]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-12-19 64288]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2014-01-09 78648]
R3 aswStm;aswStm; \??\C:\Windows\system32\drivers\aswStm.sys [2014-01-09 79672]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-23 1967648]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2009-07-09 139264]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-04-27 57344]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-06-18 272432]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-09-21 1537024]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-07-01 52264]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 98344]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2009-07-01 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 21160]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-01-09 50344]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-01 864032]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-09-30 844320]
R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
R2 RS_Service;Raw Socket Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2009-07-10 253952]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-09 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-09 136176]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-09-11 1255736]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-24 256904]

-----------------EOF-----------------

#15 Příspěvek od **Márty84** » 16 led 2014 09:56

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

8.2. pro neaktivitu

http://forum.viry.cz/viewtopic.php?f=12&t=123975

VIRY.CZ

Poprosím o kontrolu logu

Poprosím o kontrolu logu

Re: Poprosím o kontrolu logu

Re: Poprosím o kontrolu logu

Re: Poprosím o kontrolu logu

Re: Poprosím o kontrolu logu

Re: Poprosím o kontrolu logu

Re: Poprosím o kontrolu logu

Re: Poprosím o kontrolu logu

Re: Poprosím o kontrolu logu

Re: Poprosím o kontrolu logu

Re: Poprosím o kontrolu logu

Re: Poprosím o kontrolu logu

Re: Poprosím o kontrolu logu

Re: Poprosím o kontrolu logu

Re: Poprosím o kontrolu logu