
PC virus removal, computer speed-up, and remote assistance through the neslape.cz service
Infected PC
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use a remote assistance service, in which a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Infected PC
A relative of mine asked me to clean her PC of viruses. She unpacked a fraudulent email, which spread to the PC
and attacked her internet banking from Spořitelna. Spořitelna blocked her banking until she has the PC disinfected.
Thanks for the help, here is the log.
Logfile of random's system information tool 1.10 (written by random/random)
Run by DELL at 2015-04-17 20:26:59
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 186 GB (78%) free of 238 GB
Total RAM: 2005 MB (26% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:27:00, on 17.4.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Users\DELL\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\DELL.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = C:\Users\DELL\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files (x86)\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9040 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
"C:\Users\DELL\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe" -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:192 CREDAT:267521 /prefetch:2
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:192 CREDAT:3872029 /prefetch:2
"C:\Users\DELL\Downloads\RSITx64.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3379445404-1002129414-2228845991-10005_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3379445404-1002129414-2228845991-10005 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\DELL\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-27 662672]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-06 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-24 63136]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-27 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-27 565304]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-06 194504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-27 172968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-06 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-06 194504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 165912]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 385560]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 363544]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2008-01-24 2289664]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [2007-08-01 1282048]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-03-27 5512912]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-02-10 335232]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Adobe Reader Speed Launch.lnk - C:\Program Files (x86)\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\DELL\AppData\Roaming\Dropbox\bin\Dropbox.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 261120]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-04-17 20:24:19 ----D---- C:\rsit
2015-04-17 20:24:19 ----D---- C:\Program Files\trend micro
2015-04-16 16:42:47 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-04-16 16:42:47 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-04-16 16:42:47 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-04-16 16:42:47 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-04-16 16:42:47 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-04-16 16:42:46 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-04-16 16:42:46 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-04-16 16:42:46 ----A---- C:\Windows\system32\iernonce.dll
2015-04-16 16:42:46 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-16 16:42:45 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-16 16:42:45 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-16 16:42:45 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-16 16:42:45 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-16 16:42:45 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-04-16 16:42:45 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-16 16:42:43 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-04-16 16:42:43 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-16 16:42:43 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-16 16:42:43 ----A---- C:\Windows\system32\urlmon.dll
2015-04-16 16:42:43 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-04-16 16:42:43 ----A---- C:\Windows\system32\iedkcs32.dll
2015-04-16 16:42:42 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-04-16 16:42:42 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-04-16 16:42:42 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-04-16 16:42:42 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-04-16 16:42:42 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-16 16:42:42 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-04-16 16:42:42 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-16 16:42:42 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-16 16:42:42 ----A---- C:\Windows\system32\dxtrans.dll
2015-04-16 16:42:41 ----A---- C:\Windows\system32\iesetup.dll
2015-04-16 16:42:41 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-16 16:42:40 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-04-16 16:42:40 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-16 16:42:40 ----A---- C:\Windows\system32\iertutil.dll
2015-04-16 16:42:39 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-16 16:42:39 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-16 16:42:39 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-04-16 16:42:39 ----A---- C:\Windows\system32\jsproxy.dll
2015-04-16 16:42:39 ----A---- C:\Windows\system32\ieUnatt.exe
2015-04-16 16:42:38 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-04-16 16:42:38 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-16 16:42:38 ----A---- C:\Windows\system32\ieui.dll
2015-04-16 16:42:38 ----A---- C:\Windows\system32\ieframe.dll
2015-04-16 16:42:38 ----A---- C:\Windows\system32\dxtmsft.dll
2015-04-16 16:42:37 ----A---- C:\Windows\system32\wininet.dll
2015-04-16 16:42:37 ----A---- C:\Windows\system32\vbscript.dll
2015-04-16 16:42:37 ----A---- C:\Windows\system32\jscript9diag.dll
2015-04-16 16:42:37 ----A---- C:\Windows\system32\jscript9.dll
2015-04-16 16:42:36 ----A---- C:\Windows\system32\msrating.dll
2015-04-16 16:42:36 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-04-16 16:42:35 ----A---- C:\Windows\system32\mshtml.dll
2015-04-16 09:46:40 ----SHD---- C:\Config.Msi
2015-04-16 09:32:20 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-16 09:32:20 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-16 09:32:20 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-16 09:32:20 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-16 09:32:20 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-16 09:32:20 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-16 09:32:20 ----A---- C:\Windows\system32\wuapp.exe
2015-04-16 09:32:20 ----A---- C:\Windows\system32\wuapi.dll
2015-04-16 09:32:20 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-16 09:32:19 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-16 09:32:19 ----A---- C:\Windows\system32\wups2.dll
2015-04-16 09:32:19 ----A---- C:\Windows\system32\wups.dll
2015-04-16 09:32:19 ----A---- C:\Windows\system32\wudriver.dll
2015-04-16 09:32:19 ----A---- C:\Windows\system32\wucltux.dll
2015-04-16 09:32:19 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-16 09:32:19 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-16 09:20:34 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-16 09:20:31 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-16 09:20:31 ----A---- C:\Windows\system32\msxml3.dll
2015-04-16 09:20:30 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-16 09:20:30 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-16 09:20:25 ----A---- C:\Windows\system32\appraiser.dll
2015-04-16 09:20:25 ----A---- C:\Windows\system32\acmigration.dll
2015-04-16 09:20:24 ----A---- C:\Windows\system32\invagent.dll
2015-04-16 09:20:24 ----A---- C:\Windows\system32\generaltel.dll
2015-04-16 09:20:24 ----A---- C:\Windows\system32\devinv.dll
2015-04-16 09:20:24 ----A---- C:\Windows\system32\aeinv.dll
2015-04-16 09:20:23 ----A---- C:\Windows\system32\aepic.dll
2015-04-16 09:20:23 ----A---- C:\Windows\system32\aepdu.dll
2015-04-16 09:20:19 ----A---- C:\Windows\system32\gdi32.dll
2015-04-16 09:20:18 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-16 09:19:38 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-16 09:19:37 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-16 09:19:37 ----A---- C:\Windows\system32\ntdll.dll
2015-04-16 09:19:36 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-04-16 09:19:36 ----A---- C:\Windows\system32\KernelBase.dll
2015-04-16 09:19:36 ----A---- C:\Windows\system32\kernel32.dll
2015-04-16 09:19:33 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-04-16 09:19:31 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-04-16 09:19:31 ----A---- C:\Windows\system32\wow64win.dll
2015-04-16 09:19:31 ----A---- C:\Windows\system32\schannel.dll
2015-04-16 09:19:29 ----A---- C:\Windows\system32\lsasrv.dll
2015-04-16 09:19:27 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-04-16 09:19:26 ----A---- C:\Windows\system32\wow64.dll
2015-04-16 09:19:26 ----A---- C:\Windows\system32\srcore.dll
2015-04-16 09:19:26 ----A---- C:\Windows\system32\conhost.exe
2015-04-16 09:19:24 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-04-16 09:19:24 ----A---- C:\Windows\system32\winsrv.dll
2015-04-16 09:19:23 ----A---- C:\Windows\system32\rstrui.exe
2015-04-16 09:19:23 ----A---- C:\Windows\system32\kerberos.dll
2015-04-16 09:19:22 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-04-16 09:19:21 ----A---- C:\Windows\system32\wdigest.dll
2015-04-16 09:19:21 ----A---- C:\Windows\system32\msv1_0.dll
2015-04-16 09:19:21 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-04-16 09:19:20 ----A---- C:\Windows\system32\ncrypt.dll
2015-04-16 09:19:20 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-04-16 09:19:18 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-04-16 09:19:18 ----A---- C:\Windows\system32\TSpkg.dll
2015-04-16 09:19:18 ----A---- C:\Windows\system32\sspicli.dll
2015-04-16 09:19:17 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-04-16 09:19:17 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-04-16 09:19:17 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-04-16 09:19:17 ----A---- C:\Windows\system32\smss.exe
2015-04-16 09:19:17 ----A---- C:\Windows\system32\lsass.exe
2015-04-16 09:19:17 ----A---- C:\Windows\system32\auditpol.exe
2015-04-16 09:19:16 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-04-16 09:19:16 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-04-16 09:19:16 ----A---- C:\Windows\system32\srclient.dll
2015-04-16 09:19:16 ----A---- C:\Windows\system32\csrsrv.dll
2015-04-16 09:19:15 ----A---- C:\Windows\system32\ntvdm64.dll
2015-04-16 09:19:14 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-04-16 09:19:14 ----A---- C:\Windows\system32\sspisrv.dll
2015-04-16 09:19:14 ----A---- C:\Windows\system32\secur32.dll
2015-04-16 09:19:14 ----A---- C:\Windows\system32\credssp.dll
2015-04-16 09:19:13 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-04-16 09:19:13 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-04-16 09:19:13 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-04-16 09:19:13 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-04-16 09:19:13 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-16 09:19:12 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-16 09:19:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-16 09:19:10 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-16 09:19:10 ----A---- C:\Windows\SYSWOW64\user.exe
2015-04-16 09:19:10 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-04-16 09:19:10 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-04-16 09:19:10 ----A---- C:\Windows\system32\apisetschema.dll
2015-04-16 09:19:09 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-04-16 09:19:09 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-04-16 09:19:09 ----A---- C:\Windows\system32\msaudite.dll
2015-04-16 09:19:09 ----A---- C:\Windows\system32\adtschema.dll
2015-04-16 09:19:08 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-04-16 09:19:08 ----A---- C:\Windows\system32\msobjs.dll
2015-04-16 08:57:48 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-16 08:57:48 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-16 08:57:48 ----A---- C:\Windows\system32\clfs.sys
2015-04-04 12:59:37 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-04 12:59:37 ----SD---- C:\Windows\system32\GWX
2015-03-27 15:36:17 ----A---- C:\Windows\system32\aswBoot.exe
2015-03-27 15:36:04 ----A---- C:\Windows\avastSS.scr
2015-03-27 15:35:44 ----A---- C:\Windows\system32\drivers\aswNdisFlt.sys
======List of files/folders modified in the last 1 month======
2015-04-17 20:26:59 ----D---- C:\Windows\Temp
2015-04-17 20:24:19 ----RD---- C:\Program Files
2015-04-17 20:14:49 ----D---- C:\Users\DELL\AppData\Roaming\Dropbox
2015-04-17 17:39:23 ----D---- C:\Windows\system32\config
2015-04-17 17:12:17 ----D---- C:\Windows\Microsoft.NET
2015-04-17 16:55:16 ----D---- C:\Windows\system32\drivers
2015-04-16 17:00:18 ----D---- C:\Windows\winsxs
2015-04-16 16:58:35 ----D---- C:\Program Files\Internet Explorer
2015-04-16 16:58:34 ----D---- C:\Windows\SYSWOW64\en-US
2015-04-16 16:58:34 ----D---- C:\Windows\SysWOW64
2015-04-16 16:58:34 ----D---- C:\Windows\system32\en-US
2015-04-16 16:58:34 ----D---- C:\Windows\System32
2015-04-16 16:58:34 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-16 16:57:36 ----D---- C:\Windows\inf
2015-04-16 16:57:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-16 16:56:28 ----SHD---- C:\System Volume Information
2015-04-16 16:26:19 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-04-16 16:26:18 ----D---- C:\Windows\system32\cs-CZ
2015-04-16 16:26:18 ----D---- C:\Windows\PolicyDefinitions
2015-04-16 11:38:06 ----SD---- C:\Windows\system32\CompatTel
2015-04-16 11:38:06 ----D---- C:\Windows\system32\appraiser
2015-04-16 11:38:05 ----D---- C:\Windows\AppPatch
2015-04-16 09:48:06 ----SHD---- C:\Windows\Installer
2015-04-16 09:47:26 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-16 09:45:39 ----D---- C:\Windows\system32\MRT
2015-04-16 09:43:35 ----RSD---- C:\Windows\assembly
2015-04-16 09:35:26 ----A---- C:\Windows\system32\MRT.exe
2015-04-16 08:59:51 ----D---- C:\Windows\system32\catroot2
2015-04-04 12:59:44 ----D---- C:\Windows\Logs
2015-03-27 15:37:56 ----D---- C:\Windows\system32\DriverStore
2015-03-27 15:36:51 ----D---- C:\Windows\system32\Tasks
2015-03-27 15:36:15 ----D---- C:\Windows
2015-03-27 14:19:00 ----D---- C:\Program Files (x86)\Common Files
2015-03-27 14:18:08 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2015-03-27 14:17:49 ----D---- C:\Program Files (x86)\Java
2015-03-25 13:03:24 ----D---- C:\Windows\system32\wbem
2015-03-21 12:01:58 ----D---- C:\Windows\Prefetch
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswNdisFlt;Avast! Firewall Driver; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [2015-03-27 449896]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-03-27 65736]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-03-27 271200]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2015-03-27 28144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-03-27 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-03-27 1047320]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-03-27 442264]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-03-27 29168]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-03-27 88408]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-03-27 136752]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2007-08-03 455168]
R3 e1express;Intel(R) PRO/1000 – ovladač PCI Express síťového připojení; C:\Windows\system32\DRIVERS\e1e6032e.sys [2009-06-10 278016]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-09-23 6180832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-03-27 343336]
R2 avast! Firewall;Avast Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2015-03-27 107448]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2008-01-24 73728]
R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-25 116648]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2014-11-18 68096]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-25 116648]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-07-25 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-11-28 800040]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-07-25 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
2015-04-16 09:19:38 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-16 09:19:37 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-16 09:19:37 ----A---- C:\Windows\system32\ntdll.dll
2015-04-16 09:19:36 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-04-16 09:19:36 ----A---- C:\Windows\system32\KernelBase.dll
2015-04-16 09:19:36 ----A---- C:\Windows\system32\kernel32.dll
2015-04-16 09:19:33 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-04-16 09:19:31 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-04-16 09:19:31 ----A---- C:\Windows\system32\wow64win.dll
2015-04-16 09:19:31 ----A---- C:\Windows\system32\schannel.dll
2015-04-16 09:19:29 ----A---- C:\Windows\system32\lsasrv.dll
2015-04-16 09:19:27 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-04-16 09:19:26 ----A---- C:\Windows\system32\wow64.dll
2015-04-16 09:19:26 ----A---- C:\Windows\system32\srcore.dll
2015-04-16 09:19:26 ----A---- C:\Windows\system32\conhost.exe
2015-04-16 09:19:24 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-04-16 09:19:24 ----A---- C:\Windows\system32\winsrv.dll
2015-04-16 09:19:23 ----A---- C:\Windows\system32\rstrui.exe
2015-04-16 09:19:23 ----A---- C:\Windows\system32\kerberos.dll
2015-04-16 09:19:22 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-04-16 09:19:21 ----A---- C:\Windows\system32\wdigest.dll
2015-04-16 09:19:21 ----A---- C:\Windows\system32\msv1_0.dll
2015-04-16 09:19:21 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-04-16 09:19:20 ----A---- C:\Windows\system32\ncrypt.dll
2015-04-16 09:19:20 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-04-16 09:19:18 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-04-16 09:19:18 ----A---- C:\Windows\system32\TSpkg.dll
2015-04-16 09:19:18 ----A---- C:\Windows\system32\sspicli.dll
2015-04-16 09:19:17 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-04-16 09:19:17 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-04-16 09:19:17 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-04-16 09:19:17 ----A---- C:\Windows\system32\smss.exe
2015-04-16 09:19:17 ----A---- C:\Windows\system32\lsass.exe
2015-04-16 09:19:17 ----A---- C:\Windows\system32\auditpol.exe
2015-04-16 09:19:16 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-04-16 09:19:16 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-04-16 09:19:16 ----A---- C:\Windows\system32\srclient.dll
2015-04-16 09:19:16 ----A---- C:\Windows\system32\csrsrv.dll
2015-04-16 09:19:15 ----A---- C:\Windows\system32\ntvdm64.dll
2015-04-16 09:19:14 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-04-16 09:19:14 ----A---- C:\Windows\system32\sspisrv.dll
2015-04-16 09:19:14 ----A---- C:\Windows\system32\secur32.dll
2015-04-16 09:19:14 ----A---- C:\Windows\system32\credssp.dll
2015-04-16 09:19:13 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-04-16 09:19:13 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-04-16 09:19:13 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-04-16 09:19:13 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-04-16 09:19:13 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-16 09:19:12 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-16 09:19:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-16 09:19:10 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-16 09:19:10 ----A---- C:\Windows\SYSWOW64\user.exe
2015-04-16 09:19:10 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-04-16 09:19:10 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-04-16 09:19:10 ----A---- C:\Windows\system32\apisetschema.dll
2015-04-16 09:19:09 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-04-16 09:19:09 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-04-16 09:19:09 ----A---- C:\Windows\system32\msaudite.dll
2015-04-16 09:19:09 ----A---- C:\Windows\system32\adtschema.dll
2015-04-16 09:19:08 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-04-16 09:19:08 ----A---- C:\Windows\system32\msobjs.dll
2015-04-16 08:57:48 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-16 08:57:48 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-16 08:57:48 ----A---- C:\Windows\system32\clfs.sys
2015-04-04 12:59:37 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-04 12:59:37 ----SD---- C:\Windows\system32\GWX
2015-03-27 15:36:17 ----A---- C:\Windows\system32\aswBoot.exe
2015-03-27 15:36:04 ----A---- C:\Windows\avastSS.scr
2015-03-27 15:35:44 ----A---- C:\Windows\system32\drivers\aswNdisFlt.sys
======List of files/folders modified in the last 1 month======
2015-04-17 20:26:59 ----D---- C:\Windows\Temp
2015-04-17 20:24:19 ----RD---- C:\Program Files
2015-04-17 20:14:49 ----D---- C:\Users\DELL\AppData\Roaming\Dropbox
2015-04-17 17:39:23 ----D---- C:\Windows\system32\config
2015-04-17 17:12:17 ----D---- C:\Windows\Microsoft.NET
2015-04-17 16:55:16 ----D---- C:\Windows\system32\drivers
2015-04-16 17:00:18 ----D---- C:\Windows\winsxs
2015-04-16 16:58:35 ----D---- C:\Program Files\Internet Explorer
2015-04-16 16:58:34 ----D---- C:\Windows\SYSWOW64\en-US
2015-04-16 16:58:34 ----D---- C:\Windows\SysWOW64
2015-04-16 16:58:34 ----D---- C:\Windows\system32\en-US
2015-04-16 16:58:34 ----D---- C:\Windows\System32
2015-04-16 16:58:34 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-16 16:57:36 ----D---- C:\Windows\inf
2015-04-16 16:57:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-16 16:56:28 ----SHD---- C:\System Volume Information
2015-04-16 16:26:19 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-04-16 16:26:18 ----D---- C:\Windows\system32\cs-CZ
2015-04-16 16:26:18 ----D---- C:\Windows\PolicyDefinitions
2015-04-16 11:38:06 ----SD---- C:\Windows\system32\CompatTel
2015-04-16 11:38:06 ----D---- C:\Windows\system32\appraiser
2015-04-16 11:38:05 ----D---- C:\Windows\AppPatch
2015-04-16 09:48:06 ----SHD---- C:\Windows\Installer
2015-04-16 09:47:26 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-16 09:45:39 ----D---- C:\Windows\system32\MRT
2015-04-16 09:43:35 ----RSD---- C:\Windows\assembly
2015-04-16 09:35:26 ----A---- C:\Windows\system32\MRT.exe
2015-04-16 08:59:51 ----D---- C:\Windows\system32\catroot2
2015-04-04 12:59:44 ----D---- C:\Windows\Logs
2015-03-27 15:37:56 ----D---- C:\Windows\system32\DriverStore
2015-03-27 15:36:51 ----D---- C:\Windows\system32\Tasks
2015-03-27 15:36:15 ----D---- C:\Windows
2015-03-27 14:19:00 ----D---- C:\Program Files (x86)\Common Files
2015-03-27 14:18:08 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2015-03-27 14:17:49 ----D---- C:\Program Files (x86)\Java
2015-03-25 13:03:24 ----D---- C:\Windows\system32\wbem
2015-03-21 12:01:58 ----D---- C:\Windows\Prefetch
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswNdisFlt;Avast! Firewall Driver; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [2015-03-27 449896]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-03-27 65736]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-03-27 271200]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2015-03-27 28144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-03-27 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-03-27 1047320]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-03-27 442264]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-03-27 29168]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-03-27 88408]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-03-27 136752]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2007-08-03 455168]
R3 e1express;Intel(R) PRO/1000 – ovladač PCI Express síťového připojení; C:\Windows\system32\DRIVERS\e1e6032e.sys [2009-06-10 278016]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-09-23 6180832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-03-27 343336]
R2 avast! Firewall;Avast Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2015-03-27 107448]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2008-01-24 73728]
R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-25 116648]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2014-11-18 68096]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-25 116648]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-07-25 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-11-28 800040]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-07-25 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
- Rudy
- Site Admin

- Posts: 119677
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Virus-infected PC
Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Virus-infected PC
# AdwCleaner v4.201 - Log vytvořen 17/04/2015 v 20:57:46
# Aktualizováno 08/04/2015 by Xplode
# Databáze : 2015-04-15.1 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (x64)
# Uživatelské jméno : DELL - DELL-PC
# Spuštěno z : C:\Users\DELL\Desktop\adwcleaner_4.201.exe
# Nastavení : Sken
***** [ Služby ] *****
***** [ Soubory / Složky ] *****
Soubor Nalezeno : C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage
Soubor Nalezeno : C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage-journal
***** [ Naplánované úlohy ] *****
***** [ Zástupci ] *****
***** [ Registry ] *****
Klíč Nalezeno : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Klíč Nalezeno : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
***** [ Prohlížeče ] *****
-\\ Internet Explorer v11.0.9600.17728
-\\ Google Chrome v42.0.2311.90
*************************
AdwCleaner[R0].txt - [1020 bytů] - [17/04/2015 20:57:46]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1078 bytů] ##########
- Rudy
- Site Admin

- Posts: 119677
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Virus-infected PC
Post a new RSIT log.
Re: Virus-infected PC
Logfile of random's system information tool 1.10 (written by random/random)
Run by DELL at 2015-04-17 21:37:59
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 185 GB (78%) free of 238 GB
Total RAM: 2005 MB (40% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:38:03, on 17.4.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Users\DELL\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\DELL.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = C:\Users\DELL\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files (x86)\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9040 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
"C:\Users\DELL\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe"
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe" -Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2560 CREDAT:267521 /prefetch:2
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2560 CREDAT:529665 /prefetch:2
C:\Windows\System32\svchost.exe -k secsvcs
"taskhost.exe"
C:\Windows\system32\prevhost.exe {914FEED8-267A-4BAA-B8AA-21E233792679} -Embedding
"C:\Users\DELL\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-27 662672]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-06 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-24 63136]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-27 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-27 565304]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-06 194504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-27 172968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-06 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-06 194504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 165912]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 385560]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 363544]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2008-01-24 2289664]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [2007-08-01 1282048]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-03-27 5512912]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-02-10 335232]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Adobe Reader Speed Launch.lnk - C:\Program Files (x86)\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\DELL\AppData\Roaming\Dropbox\bin\Dropbox.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 261120]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-04-17 21:06:50 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-04-17 21:06:27 ----D---- C:\ProgramData\Malwarebytes
2015-04-17 21:06:27 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-17 21:06:27 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-04-17 21:06:27 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-04-17 21:06:27 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-04-17 20:57:43 ----D---- C:\AdwCleaner
2015-04-17 20:24:19 ----D---- C:\rsit
2015-04-17 20:24:19 ----D---- C:\Program Files\trend micro
2015-04-16 16:42:47 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-04-16 16:42:47 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-04-16 16:42:47 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-04-16 16:42:47 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-04-16 16:42:47 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-04-16 16:42:46 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-04-16 16:42:46 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-04-16 16:42:46 ----A---- C:\Windows\system32\iernonce.dll
2015-04-16 16:42:46 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-16 16:42:45 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-16 16:42:45 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-16 16:42:45 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-16 16:42:45 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-16 16:42:45 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-04-16 16:42:45 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-16 16:42:43 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-04-16 16:42:43 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-16 16:42:43 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-16 16:42:43 ----A---- C:\Windows\system32\urlmon.dll
2015-04-16 16:42:43 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-04-16 16:42:43 ----A---- C:\Windows\system32\iedkcs32.dll
2015-04-16 16:42:42 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-04-16 16:42:42 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-04-16 16:42:42 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-04-16 16:42:42 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-04-16 16:42:42 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-16 16:42:42 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-04-16 16:42:42 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-16 16:42:42 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-16 16:42:42 ----A---- C:\Windows\system32\dxtrans.dll
2015-04-16 16:42:41 ----A---- C:\Windows\system32\iesetup.dll
2015-04-16 16:42:41 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-16 16:42:40 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-04-16 16:42:40 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-16 16:42:40 ----A---- C:\Windows\system32\iertutil.dll
2015-04-16 16:42:39 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-16 16:42:39 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-16 16:42:39 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-04-16 16:42:39 ----A---- C:\Windows\system32\jsproxy.dll
2015-04-16 16:42:39 ----A---- C:\Windows\system32\ieUnatt.exe
2015-04-16 16:42:38 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-04-16 16:42:38 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-16 16:42:38 ----A---- C:\Windows\system32\ieui.dll
2015-04-16 16:42:38 ----A---- C:\Windows\system32\ieframe.dll
2015-04-16 16:42:38 ----A---- C:\Windows\system32\dxtmsft.dll
2015-04-16 16:42:37 ----A---- C:\Windows\system32\wininet.dll
2015-04-16 16:42:37 ----A---- C:\Windows\system32\vbscript.dll
2015-04-16 16:42:37 ----A---- C:\Windows\system32\jscript9diag.dll
2015-04-16 16:42:37 ----A---- C:\Windows\system32\jscript9.dll
2015-04-16 16:42:36 ----A---- C:\Windows\system32\msrating.dll
2015-04-16 16:42:36 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-04-16 16:42:35 ----A---- C:\Windows\system32\mshtml.dll
2015-04-16 09:46:40 ----SHD---- C:\Config.Msi
2015-04-16 09:32:20 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-16 09:32:20 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-16 09:32:20 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-16 09:32:20 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-16 09:32:20 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-16 09:32:20 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-16 09:32:20 ----A---- C:\Windows\system32\wuapp.exe
2015-04-16 09:32:20 ----A---- C:\Windows\system32\wuapi.dll
2015-04-16 09:32:20 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-16 09:32:19 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-16 09:32:19 ----A---- C:\Windows\system32\wups2.dll
2015-04-16 09:32:19 ----A---- C:\Windows\system32\wups.dll
2015-04-16 09:32:19 ----A---- C:\Windows\system32\wudriver.dll
2015-04-16 09:32:19 ----A---- C:\Windows\system32\wucltux.dll
2015-04-16 09:32:19 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-16 09:32:19 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-16 09:20:34 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-16 09:20:31 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-16 09:20:31 ----A---- C:\Windows\system32\msxml3.dll
2015-04-16 09:20:30 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-16 09:20:30 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-16 09:20:25 ----A---- C:\Windows\system32\appraiser.dll
2015-04-16 09:20:25 ----A---- C:\Windows\system32\acmigration.dll
2015-04-16 09:20:24 ----A---- C:\Windows\system32\invagent.dll
2015-04-16 09:20:24 ----A---- C:\Windows\system32\generaltel.dll
2015-04-16 09:20:24 ----A---- C:\Windows\system32\devinv.dll
2015-04-16 09:20:24 ----A---- C:\Windows\system32\aeinv.dll
2015-04-16 09:20:23 ----A---- C:\Windows\system32\aepic.dll
2015-04-16 09:20:23 ----A---- C:\Windows\system32\aepdu.dll
2015-04-16 09:20:19 ----A---- C:\Windows\system32\gdi32.dll
2015-04-16 09:20:18 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-16 09:19:38 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-16 09:19:37 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-16 09:19:37 ----A---- C:\Windows\system32\ntdll.dll
2015-04-16 09:19:36 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-04-16 09:19:36 ----A---- C:\Windows\system32\KernelBase.dll
2015-04-16 09:19:36 ----A---- C:\Windows\system32\kernel32.dll
2015-04-16 09:19:33 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-04-16 09:19:31 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-04-16 09:19:31 ----A---- C:\Windows\system32\wow64win.dll
2015-04-16 09:19:31 ----A---- C:\Windows\system32\schannel.dll
2015-04-16 09:19:29 ----A---- C:\Windows\system32\lsasrv.dll
2015-04-16 09:19:27 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-04-16 09:19:26 ----A---- C:\Windows\system32\wow64.dll
2015-04-16 09:19:26 ----A---- C:\Windows\system32\srcore.dll
2015-04-16 09:19:26 ----A---- C:\Windows\system32\conhost.exe
2015-04-16 09:19:24 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-04-16 09:19:24 ----A---- C:\Windows\system32\winsrv.dll
2015-04-16 09:19:23 ----A---- C:\Windows\system32\rstrui.exe
2015-04-16 09:19:23 ----A---- C:\Windows\system32\kerberos.dll
2015-04-16 09:19:22 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-04-16 09:19:21 ----A---- C:\Windows\system32\wdigest.dll
2015-04-16 09:19:21 ----A---- C:\Windows\system32\msv1_0.dll
2015-04-16 09:19:21 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-04-16 09:19:20 ----A---- C:\Windows\system32\ncrypt.dll
2015-04-16 09:19:20 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-04-16 09:19:18 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-04-16 09:19:18 ----A---- C:\Windows\system32\TSpkg.dll
2015-04-16 09:19:18 ----A---- C:\Windows\system32\sspicli.dll
2015-04-16 09:19:17 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-04-16 09:19:17 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-04-16 09:19:17 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-04-16 09:19:17 ----A---- C:\Windows\system32\smss.exe
2015-04-16 09:19:17 ----A---- C:\Windows\system32\lsass.exe
2015-04-16 09:19:17 ----A---- C:\Windows\system32\auditpol.exe
2015-04-16 09:19:16 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-04-16 09:19:16 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-04-16 09:19:16 ----A---- C:\Windows\system32\srclient.dll
2015-04-16 09:19:16 ----A---- C:\Windows\system32\csrsrv.dll
2015-04-16 09:19:15 ----A---- C:\Windows\system32\ntvdm64.dll
2015-04-16 09:19:14 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-04-16 09:19:14 ----A---- C:\Windows\system32\sspisrv.dll
2015-04-16 09:19:14 ----A---- C:\Windows\system32\secur32.dll
2015-04-16 09:19:14 ----A---- C:\Windows\system32\credssp.dll
2015-04-16 09:19:13 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-04-16 09:19:13 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-04-16 09:19:13 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-04-16 09:19:13 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-04-16 09:19:13 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-16 09:19:12 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-16 09:19:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-16 09:19:10 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-16 09:19:10 ----A---- C:\Windows\SYSWOW64\user.exe
2015-04-16 09:19:10 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-04-16 09:19:10 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-04-16 09:19:10 ----A---- C:\Windows\system32\apisetschema.dll
2015-04-16 09:19:09 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-04-16 09:19:09 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-04-16 09:19:09 ----A---- C:\Windows\system32\msaudite.dll
2015-04-16 09:19:09 ----A---- C:\Windows\system32\adtschema.dll
2015-04-16 09:19:08 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-04-16 09:19:08 ----A---- C:\Windows\system32\msobjs.dll
2015-04-16 08:57:48 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-16 08:57:48 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-16 08:57:48 ----A---- C:\Windows\system32\clfs.sys
2015-04-04 12:59:37 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-04 12:59:37 ----SD---- C:\Windows\system32\GWX
2015-03-27 15:36:17 ----A---- C:\Windows\system32\aswBoot.exe
2015-03-27 15:36:04 ----A---- C:\Windows\avastSS.scr
2015-03-27 15:35:44 ----A---- C:\Windows\system32\drivers\aswNdisFlt.sys
======List of files/folders modified in the last 1 month======
2015-04-17 21:38:03 ----D---- C:\Windows\Temp
2015-04-17 21:06:50 ----D---- C:\Windows\system32\drivers
2015-04-17 21:06:27 ----RD---- C:\Program Files (x86)
2015-04-17 21:06:27 ----HD---- C:\ProgramData
2015-04-17 21:03:43 ----D---- C:\Users\DELL\AppData\Roaming\Dropbox
2015-04-17 21:00:55 ----D---- C:\Windows\system32\config
2015-04-17 20:28:51 ----SD---- C:\Users\DELL\AppData\Roaming\Microsoft
2015-04-17 20:24:19 ----RD---- C:\Program Files
2015-04-17 17:12:17 ----D---- C:\Windows\Microsoft.NET
2015-04-16 17:00:18 ----D---- C:\Windows\winsxs
2015-04-16 16:58:35 ----D---- C:\Program Files\Internet Explorer
2015-04-16 16:58:34 ----D---- C:\Windows\SYSWOW64\en-US
2015-04-16 16:58:34 ----D---- C:\Windows\SysWOW64
2015-04-16 16:58:34 ----D---- C:\Windows\system32\en-US
2015-04-16 16:58:34 ----D---- C:\Windows\System32
2015-04-16 16:58:34 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-16 16:57:36 ----D---- C:\Windows\inf
2015-04-16 16:57:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-16 16:56:28 ----SHD---- C:\System Volume Information
2015-04-16 16:26:19 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-04-16 16:26:18 ----D---- C:\Windows\system32\cs-CZ
2015-04-16 16:26:18 ----D---- C:\Windows\PolicyDefinitions
2015-04-16 11:38:06 ----SD---- C:\Windows\system32\CompatTel
2015-04-16 11:38:06 ----D---- C:\Windows\system32\appraiser
2015-04-16 11:38:05 ----D---- C:\Windows\AppPatch
2015-04-16 09:48:06 ----SHD---- C:\Windows\Installer
2015-04-16 09:47:26 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-16 09:45:39 ----D---- C:\Windows\system32\MRT
2015-04-16 09:43:35 ----RSD---- C:\Windows\assembly
2015-04-16 09:35:26 ----A---- C:\Windows\system32\MRT.exe
2015-04-16 08:59:51 ----D---- C:\Windows\system32\catroot2
2015-04-04 12:59:44 ----D---- C:\Windows\Logs
2015-03-27 15:37:56 ----D---- C:\Windows\system32\DriverStore
2015-03-27 15:36:51 ----D---- C:\Windows\system32\Tasks
2015-03-27 15:36:15 ----D---- C:\Windows
2015-03-27 14:19:00 ----D---- C:\Program Files (x86)\Common Files
2015-03-27 14:18:08 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2015-03-27 14:17:49 ----D---- C:\Program Files (x86)\Java
2015-03-25 13:03:24 ----D---- C:\Windows\system32\wbem
2015-03-21 12:01:58 ----D---- C:\Windows\Prefetch
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswNdisFlt;Avast! Firewall Driver; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [2015-03-27 449896]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-03-27 65736]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-03-27 271200]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2015-03-27 28144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-03-27 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-03-27 1047320]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-03-27 442264]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-03-27 29168]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-03-27 88408]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-03-27 136752]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2007-08-03 455168]
R3 e1express;Intel(R) PRO/1000 – ovladač PCI Express síťového připojení; C:\Windows\system32\DRIVERS\e1e6032e.sys [2009-06-10 278016]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-09-23 6180832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-03-27 343336]
R2 avast! Firewall;Avast Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2015-03-27 107448]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2008-01-24 73728]
R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-25 116648]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2014-11-18 68096]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-25 116648]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-07-25 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-11-28 800040]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-07-25 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
Run by DELL at 2015-04-17 21:37:59
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 185 GB (78%) free of 238 GB
Total RAM: 2005 MB (40% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:38:03, on 17.4.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Users\DELL\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\DELL.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = C:\Users\DELL\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files (x86)\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9040 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
"C:\Users\DELL\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe"
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe" -Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2560 CREDAT:267521 /prefetch:2
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2560 CREDAT:529665 /prefetch:2
C:\Windows\System32\svchost.exe -k secsvcs
"taskhost.exe"
C:\Windows\system32\prevhost.exe {914FEED8-267A-4BAA-B8AA-21E233792679} -Embedding
"C:\Users\DELL\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-27 662672]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-06 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-24 63136]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-27 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-27 565304]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-06 194504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-27 172968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-06 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-06 194504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 165912]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 385560]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 363544]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2008-01-24 2289664]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [2007-08-01 1282048]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-03-27 5512912]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-02-10 335232]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Adobe Reader Speed Launch.lnk - C:\Program Files (x86)\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\DELL\AppData\Roaming\Dropbox\bin\Dropbox.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 261120]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-04-17 21:06:50 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-04-17 21:06:27 ----D---- C:\ProgramData\Malwarebytes
2015-04-17 21:06:27 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-17 21:06:27 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-04-17 21:06:27 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-04-17 21:06:27 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-04-17 20:57:43 ----D---- C:\AdwCleaner
2015-04-17 20:24:19 ----D---- C:\rsit
2015-04-17 20:24:19 ----D---- C:\Program Files\trend micro
2015-04-16 16:42:47 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-04-16 16:42:47 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-04-16 16:42:47 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-04-16 16:42:47 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-04-16 16:42:47 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-04-16 16:42:46 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-04-16 16:42:46 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-04-16 16:42:46 ----A---- C:\Windows\system32\iernonce.dll
2015-04-16 16:42:46 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-16 16:42:45 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-16 16:42:45 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-16 16:42:45 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-16 16:42:45 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-16 16:42:45 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-04-16 16:42:45 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-16 16:42:43 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-04-16 16:42:43 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-16 16:42:43 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-16 16:42:43 ----A---- C:\Windows\system32\urlmon.dll
2015-04-16 16:42:43 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-04-16 16:42:43 ----A---- C:\Windows\system32\iedkcs32.dll
2015-04-16 16:42:42 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-04-16 16:42:42 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-04-16 16:42:42 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-04-16 16:42:42 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-04-16 16:42:42 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-16 16:42:42 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-04-16 16:42:42 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-16 16:42:42 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-16 16:42:42 ----A---- C:\Windows\system32\dxtrans.dll
2015-04-16 16:42:41 ----A---- C:\Windows\system32\iesetup.dll
2015-04-16 16:42:41 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-16 16:42:40 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-04-16 16:42:40 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-16 16:42:40 ----A---- C:\Windows\system32\iertutil.dll
2015-04-16 16:42:39 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-16 16:42:39 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-16 16:42:39 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-04-16 16:42:39 ----A---- C:\Windows\system32\jsproxy.dll
2015-04-16 16:42:39 ----A---- C:\Windows\system32\ieUnatt.exe
2015-04-16 16:42:38 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-04-16 16:42:38 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-16 16:42:38 ----A---- C:\Windows\system32\ieui.dll
2015-04-16 16:42:38 ----A---- C:\Windows\system32\ieframe.dll
2015-04-16 16:42:38 ----A---- C:\Windows\system32\dxtmsft.dll
2015-04-16 16:42:37 ----A---- C:\Windows\system32\wininet.dll
2015-04-16 16:42:37 ----A---- C:\Windows\system32\vbscript.dll
2015-04-16 16:42:37 ----A---- C:\Windows\system32\jscript9diag.dll
2015-04-16 16:42:37 ----A---- C:\Windows\system32\jscript9.dll
2015-04-16 16:42:36 ----A---- C:\Windows\system32\msrating.dll
2015-04-16 16:42:36 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-04-16 16:42:35 ----A---- C:\Windows\system32\mshtml.dll
2015-04-16 09:46:40 ----SHD---- C:\Config.Msi
2015-04-16 09:32:20 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-16 09:32:20 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-16 09:32:20 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-16 09:32:20 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-16 09:32:20 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-16 09:32:20 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-16 09:32:20 ----A---- C:\Windows\system32\wuapp.exe
2015-04-16 09:32:20 ----A---- C:\Windows\system32\wuapi.dll
2015-04-16 09:32:20 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-16 09:32:19 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-16 09:32:19 ----A---- C:\Windows\system32\wups2.dll
2015-04-16 09:32:19 ----A---- C:\Windows\system32\wups.dll
2015-04-16 09:32:19 ----A---- C:\Windows\system32\wudriver.dll
2015-04-16 09:32:19 ----A---- C:\Windows\system32\wucltux.dll
2015-04-16 09:32:19 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-16 09:32:19 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-16 09:20:34 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-16 09:20:31 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-16 09:20:31 ----A---- C:\Windows\system32\msxml3.dll
2015-04-16 09:20:30 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-16 09:20:30 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-16 09:20:25 ----A---- C:\Windows\system32\appraiser.dll
2015-04-16 09:20:25 ----A---- C:\Windows\system32\acmigration.dll
2015-04-16 09:20:24 ----A---- C:\Windows\system32\invagent.dll
2015-04-16 09:20:24 ----A---- C:\Windows\system32\generaltel.dll
2015-04-16 09:20:24 ----A---- C:\Windows\system32\devinv.dll
2015-04-16 09:20:24 ----A---- C:\Windows\system32\aeinv.dll
2015-04-16 09:20:23 ----A---- C:\Windows\system32\aepic.dll
2015-04-16 09:20:23 ----A---- C:\Windows\system32\aepdu.dll
2015-04-16 09:20:19 ----A---- C:\Windows\system32\gdi32.dll
2015-04-16 09:20:18 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-16 09:19:38 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-16 09:19:37 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-16 09:19:37 ----A---- C:\Windows\system32\ntdll.dll
2015-04-16 09:19:36 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-04-16 09:19:36 ----A---- C:\Windows\system32\KernelBase.dll
2015-04-16 09:19:36 ----A---- C:\Windows\system32\kernel32.dll
2015-04-16 09:19:33 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-04-16 09:19:31 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-04-16 09:19:31 ----A---- C:\Windows\system32\wow64win.dll
2015-04-16 09:19:31 ----A---- C:\Windows\system32\schannel.dll
2015-04-16 09:19:29 ----A---- C:\Windows\system32\lsasrv.dll
2015-04-16 09:19:27 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-04-16 09:19:26 ----A---- C:\Windows\system32\wow64.dll
2015-04-16 09:19:26 ----A---- C:\Windows\system32\srcore.dll
2015-04-16 09:19:26 ----A---- C:\Windows\system32\conhost.exe
2015-04-16 09:19:24 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-04-16 09:19:24 ----A---- C:\Windows\system32\winsrv.dll
2015-04-16 09:19:23 ----A---- C:\Windows\system32\rstrui.exe
2015-04-16 09:19:23 ----A---- C:\Windows\system32\kerberos.dll
2015-04-16 09:19:22 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-04-16 09:19:21 ----A---- C:\Windows\system32\wdigest.dll
2015-04-16 09:19:21 ----A---- C:\Windows\system32\msv1_0.dll
2015-04-16 09:19:21 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-04-16 09:19:20 ----A---- C:\Windows\system32\ncrypt.dll
2015-04-16 09:19:20 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-04-16 09:19:18 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-04-16 09:19:18 ----A---- C:\Windows\system32\TSpkg.dll
2015-04-16 09:19:18 ----A---- C:\Windows\system32\sspicli.dll
2015-04-16 09:19:17 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-04-16 09:19:17 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-04-16 09:19:17 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-04-16 09:19:17 ----A---- C:\Windows\system32\smss.exe
2015-04-16 09:19:17 ----A---- C:\Windows\system32\lsass.exe
2015-04-16 09:19:17 ----A---- C:\Windows\system32\auditpol.exe
2015-04-16 09:19:16 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-04-16 09:19:16 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-04-16 09:19:16 ----A---- C:\Windows\system32\srclient.dll
2015-04-16 09:19:16 ----A---- C:\Windows\system32\csrsrv.dll
2015-04-16 09:19:15 ----A---- C:\Windows\system32\ntvdm64.dll
2015-04-16 09:19:14 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-04-16 09:19:14 ----A---- C:\Windows\system32\sspisrv.dll
2015-04-16 09:19:14 ----A---- C:\Windows\system32\secur32.dll
2015-04-16 09:19:14 ----A---- C:\Windows\system32\credssp.dll
2015-04-16 09:19:13 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-04-16 09:19:13 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-04-16 09:19:13 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-04-16 09:19:13 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-04-16 09:19:13 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-16 09:19:12 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-16 09:19:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-16 09:19:10 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-16 09:19:10 ----A---- C:\Windows\SYSWOW64\user.exe
2015-04-16 09:19:10 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-04-16 09:19:10 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-04-16 09:19:10 ----A---- C:\Windows\system32\apisetschema.dll
2015-04-16 09:19:09 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-04-16 09:19:09 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-04-16 09:19:09 ----A---- C:\Windows\system32\msaudite.dll
2015-04-16 09:19:09 ----A---- C:\Windows\system32\adtschema.dll
2015-04-16 09:19:08 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-04-16 09:19:08 ----A---- C:\Windows\system32\msobjs.dll
2015-04-16 08:57:48 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-16 08:57:48 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-16 08:57:48 ----A---- C:\Windows\system32\clfs.sys
2015-04-04 12:59:37 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-04 12:59:37 ----SD---- C:\Windows\system32\GWX
2015-03-27 15:36:17 ----A---- C:\Windows\system32\aswBoot.exe
2015-03-27 15:36:04 ----A---- C:\Windows\avastSS.scr
2015-03-27 15:35:44 ----A---- C:\Windows\system32\drivers\aswNdisFlt.sys
======List of files/folders modified in the last 1 month======
2015-04-17 21:38:03 ----D---- C:\Windows\Temp
2015-04-17 21:06:50 ----D---- C:\Windows\system32\drivers
2015-04-17 21:06:27 ----RD---- C:\Program Files (x86)
2015-04-17 21:06:27 ----HD---- C:\ProgramData
2015-04-17 21:03:43 ----D---- C:\Users\DELL\AppData\Roaming\Dropbox
2015-04-17 21:00:55 ----D---- C:\Windows\system32\config
2015-04-17 20:28:51 ----SD---- C:\Users\DELL\AppData\Roaming\Microsoft
2015-04-17 20:24:19 ----RD---- C:\Program Files
2015-04-17 17:12:17 ----D---- C:\Windows\Microsoft.NET
2015-04-16 17:00:18 ----D---- C:\Windows\winsxs
2015-04-16 16:58:35 ----D---- C:\Program Files\Internet Explorer
2015-04-16 16:58:34 ----D---- C:\Windows\SYSWOW64\en-US
2015-04-16 16:58:34 ----D---- C:\Windows\SysWOW64
2015-04-16 16:58:34 ----D---- C:\Windows\system32\en-US
2015-04-16 16:58:34 ----D---- C:\Windows\System32
2015-04-16 16:58:34 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-16 16:57:36 ----D---- C:\Windows\inf
2015-04-16 16:57:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-16 16:56:28 ----SHD---- C:\System Volume Information
2015-04-16 16:26:19 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-04-16 16:26:18 ----D---- C:\Windows\system32\cs-CZ
2015-04-16 16:26:18 ----D---- C:\Windows\PolicyDefinitions
2015-04-16 11:38:06 ----SD---- C:\Windows\system32\CompatTel
2015-04-16 11:38:06 ----D---- C:\Windows\system32\appraiser
2015-04-16 11:38:05 ----D---- C:\Windows\AppPatch
2015-04-16 09:48:06 ----SHD---- C:\Windows\Installer
2015-04-16 09:47:26 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-16 09:45:39 ----D---- C:\Windows\system32\MRT
2015-04-16 09:43:35 ----RSD---- C:\Windows\assembly
2015-04-16 09:35:26 ----A---- C:\Windows\system32\MRT.exe
2015-04-16 08:59:51 ----D---- C:\Windows\system32\catroot2
2015-04-04 12:59:44 ----D---- C:\Windows\Logs
2015-03-27 15:37:56 ----D---- C:\Windows\system32\DriverStore
2015-03-27 15:36:51 ----D---- C:\Windows\system32\Tasks
2015-03-27 15:36:15 ----D---- C:\Windows
2015-03-27 14:19:00 ----D---- C:\Program Files (x86)\Common Files
2015-03-27 14:18:08 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2015-03-27 14:17:49 ----D---- C:\Program Files (x86)\Java
2015-03-25 13:03:24 ----D---- C:\Windows\system32\wbem
2015-03-21 12:01:58 ----D---- C:\Windows\Prefetch
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswNdisFlt;Avast! Firewall Driver; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [2015-03-27 449896]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-03-27 65736]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-03-27 271200]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2015-03-27 28144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-03-27 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-03-27 1047320]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-03-27 442264]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-03-27 29168]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-03-27 88408]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-03-27 136752]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2007-08-03 455168]
R3 e1express;Intel(R) PRO/1000 – ovladač PCI Express síťového připojení; C:\Windows\system32\DRIVERS\e1e6032e.sys [2009-06-10 278016]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-09-23 6180832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-03-27 343336]
R2 avast! Firewall;Avast Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2015-03-27 107448]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2008-01-24 73728]
R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-25 116648]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2014-11-18 68096]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-25 116648]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-07-25 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-11-28 800040]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-07-25 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
- Rudy
- Site Admin

- Posts: 119677
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Infected PC
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left-hand window:
:files
C:\Program Files (x86)\Google\Google Toolbar
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]/64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Turn off your antivirus before the scan and restart the PC after it. Post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Infected PC
Logfile of random's system information tool 1.10 (written by random/random)
Run by DELL at 2015-04-18 14:16:01
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 187 GB (78%) free of 238 GB
Total RAM: 2005 MB (44% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:16:04, on 18.4.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Users\DELL\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\DELL.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = C:\Users\DELL\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files (x86)\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8594 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
taskeng.exe {F1B92EAA-2BB0-4331-A3D8-8FED7C53A6AE}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
"C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Adobe\Acrobat 7.0\Reader\reader_sl.exe"
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe"
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe" -Embedding
"C:\Users\DELL\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\sppsvc.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:196 CREDAT:267521 /prefetch:2
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\DELL\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-27 662672]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-24 63136]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-27 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-27 565304]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-27 172968]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 165912]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 385560]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 363544]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2008-01-24 2289664]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [2007-08-01 1282048]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-03-27 5512912]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Adobe Reader Speed Launch.lnk - C:\Program Files (x86)\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\DELL\AppData\Roaming\Dropbox\bin\Dropbox.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 261120]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-04-18 14:05:53 ----D---- C:\_OTM
2015-04-17 21:06:50 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-04-17 21:06:27 ----D---- C:\ProgramData\Malwarebytes
2015-04-17 21:06:27 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-17 21:06:27 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-04-17 21:06:27 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-04-17 21:06:27 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-04-17 20:57:43 ----D---- C:\AdwCleaner
2015-04-17 20:24:19 ----D---- C:\rsit
2015-04-17 20:24:19 ----D---- C:\Program Files\trend micro
2015-04-16 16:42:47 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-04-16 16:42:47 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-04-16 16:42:47 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-04-16 16:42:47 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-04-16 16:42:47 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-04-16 16:42:46 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-04-16 16:42:46 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-04-16 16:42:46 ----A---- C:\Windows\system32\iernonce.dll
2015-04-16 16:42:46 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-16 16:42:45 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-16 16:42:45 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-16 16:42:45 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-16 16:42:45 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-16 16:42:45 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-04-16 16:42:45 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-16 16:42:43 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-04-16 16:42:43 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-16 16:42:43 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-16 16:42:43 ----A---- C:\Windows\system32\urlmon.dll
2015-04-16 16:42:43 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-04-16 16:42:43 ----A---- C:\Windows\system32\iedkcs32.dll
2015-04-16 16:42:42 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-04-16 16:42:42 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-04-16 16:42:42 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-04-16 16:42:42 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-04-16 16:42:42 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-16 16:42:42 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-04-16 16:42:42 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-16 16:42:42 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-16 16:42:42 ----A---- C:\Windows\system32\dxtrans.dll
2015-04-16 16:42:41 ----A---- C:\Windows\system32\iesetup.dll
2015-04-16 16:42:41 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-16 16:42:40 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-04-16 16:42:40 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-16 16:42:40 ----A---- C:\Windows\system32\iertutil.dll
2015-04-16 16:42:39 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-16 16:42:39 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-16 16:42:39 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-04-16 16:42:39 ----A---- C:\Windows\system32\jsproxy.dll
2015-04-16 16:42:39 ----A---- C:\Windows\system32\ieUnatt.exe
2015-04-16 16:42:38 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-04-16 16:42:38 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-16 16:42:38 ----A---- C:\Windows\system32\ieui.dll
2015-04-16 16:42:38 ----A---- C:\Windows\system32\ieframe.dll
2015-04-16 16:42:38 ----A---- C:\Windows\system32\dxtmsft.dll
2015-04-16 16:42:37 ----A---- C:\Windows\system32\wininet.dll
2015-04-16 16:42:37 ----A---- C:\Windows\system32\vbscript.dll
2015-04-16 16:42:37 ----A---- C:\Windows\system32\jscript9diag.dll
2015-04-16 16:42:37 ----A---- C:\Windows\system32\jscript9.dll
2015-04-16 16:42:36 ----A---- C:\Windows\system32\msrating.dll
2015-04-16 16:42:36 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-04-16 16:42:35 ----A---- C:\Windows\system32\mshtml.dll
2015-04-16 09:46:40 ----SHD---- C:\Config.Msi
2015-04-16 09:32:20 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-16 09:32:20 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-16 09:32:20 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-16 09:32:20 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-16 09:32:20 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-16 09:32:20 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-16 09:32:20 ----A---- C:\Windows\system32\wuapp.exe
2015-04-16 09:32:20 ----A---- C:\Windows\system32\wuapi.dll
2015-04-16 09:32:20 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-16 09:32:19 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-16 09:32:19 ----A---- C:\Windows\system32\wups2.dll
2015-04-16 09:32:19 ----A---- C:\Windows\system32\wups.dll
2015-04-16 09:32:19 ----A---- C:\Windows\system32\wudriver.dll
2015-04-16 09:32:19 ----A---- C:\Windows\system32\wucltux.dll
2015-04-16 09:32:19 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-16 09:32:19 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-16 09:20:34 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-16 09:20:31 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-16 09:20:31 ----A---- C:\Windows\system32\msxml3.dll
2015-04-16 09:20:30 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-16 09:20:30 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-16 09:20:25 ----A---- C:\Windows\system32\appraiser.dll
2015-04-16 09:20:25 ----A---- C:\Windows\system32\acmigration.dll
2015-04-16 09:20:24 ----A---- C:\Windows\system32\invagent.dll
2015-04-16 09:20:24 ----A---- C:\Windows\system32\generaltel.dll
2015-04-16 09:20:24 ----A---- C:\Windows\system32\devinv.dll
2015-04-16 09:20:24 ----A---- C:\Windows\system32\aeinv.dll
2015-04-16 09:20:23 ----A---- C:\Windows\system32\aepic.dll
2015-04-16 09:20:23 ----A---- C:\Windows\system32\aepdu.dll
2015-04-16 09:20:19 ----A---- C:\Windows\system32\gdi32.dll
2015-04-16 09:20:18 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-16 09:19:38 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-16 09:19:37 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-16 09:19:37 ----A---- C:\Windows\system32\ntdll.dll
2015-04-16 09:19:36 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-04-16 09:19:36 ----A---- C:\Windows\system32\KernelBase.dll
2015-04-16 09:19:36 ----A---- C:\Windows\system32\kernel32.dll
2015-04-16 09:19:33 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-04-16 09:19:31 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-04-16 09:19:31 ----A---- C:\Windows\system32\wow64win.dll
2015-04-16 09:19:31 ----A---- C:\Windows\system32\schannel.dll
2015-04-16 09:19:29 ----A---- C:\Windows\system32\lsasrv.dll
2015-04-16 09:19:27 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-04-16 09:19:26 ----A---- C:\Windows\system32\wow64.dll
2015-04-16 09:19:26 ----A---- C:\Windows\system32\srcore.dll
2015-04-16 09:19:26 ----A---- C:\Windows\system32\conhost.exe
2015-04-16 09:19:24 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-04-16 09:19:24 ----A---- C:\Windows\system32\winsrv.dll
2015-04-16 09:19:23 ----A---- C:\Windows\system32\rstrui.exe
2015-04-16 09:19:23 ----A---- C:\Windows\system32\kerberos.dll
2015-04-16 09:19:22 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-04-16 09:19:21 ----A---- C:\Windows\system32\wdigest.dll
2015-04-16 09:19:21 ----A---- C:\Windows\system32\msv1_0.dll
2015-04-16 09:19:21 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-04-16 09:19:20 ----A---- C:\Windows\system32\ncrypt.dll
2015-04-16 09:19:20 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-04-16 09:19:18 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-04-16 09:19:18 ----A---- C:\Windows\system32\TSpkg.dll
2015-04-16 09:19:18 ----A---- C:\Windows\system32\sspicli.dll
2015-04-16 09:19:17 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-04-16 09:19:17 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-04-16 09:19:17 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-04-16 09:19:17 ----A---- C:\Windows\system32\smss.exe
2015-04-16 09:19:17 ----A---- C:\Windows\system32\lsass.exe
2015-04-16 09:19:17 ----A---- C:\Windows\system32\auditpol.exe
2015-04-16 09:19:16 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-04-16 09:19:16 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-04-16 09:19:16 ----A---- C:\Windows\system32\srclient.dll
2015-04-16 09:19:16 ----A---- C:\Windows\system32\csrsrv.dll
2015-04-16 09:19:15 ----A---- C:\Windows\system32\ntvdm64.dll
2015-04-16 09:19:14 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-04-16 09:19:14 ----A---- C:\Windows\system32\sspisrv.dll
2015-04-16 09:19:14 ----A---- C:\Windows\system32\secur32.dll
2015-04-16 09:19:14 ----A---- C:\Windows\system32\credssp.dll
2015-04-16 09:19:13 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-04-16 09:19:13 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-04-16 09:19:13 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-04-16 09:19:13 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-04-16 09:19:13 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-16 09:19:12 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-16 09:19:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-16 09:19:10 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-16 09:19:10 ----A---- C:\Windows\SYSWOW64\user.exe
2015-04-16 09:19:10 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-04-16 09:19:10 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-04-16 09:19:10 ----A---- C:\Windows\system32\apisetschema.dll
2015-04-16 09:19:09 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-04-16 09:19:09 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-04-16 09:19:09 ----A---- C:\Windows\system32\msaudite.dll
2015-04-16 09:19:09 ----A---- C:\Windows\system32\adtschema.dll
2015-04-16 09:19:08 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-04-16 09:19:08 ----A---- C:\Windows\system32\msobjs.dll
2015-04-16 08:57:48 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-16 08:57:48 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-16 08:57:48 ----A---- C:\Windows\system32\clfs.sys
2015-04-04 12:59:37 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-04 12:59:37 ----SD---- C:\Windows\system32\GWX
2015-03-27 15:36:17 ----A---- C:\Windows\system32\aswBoot.exe
2015-03-27 15:36:04 ----A---- C:\Windows\avastSS.scr
2015-03-27 15:35:44 ----A---- C:\Windows\system32\drivers\aswNdisFlt.sys
======List of files/folders modified in the last 1 month======
2015-04-18 14:16:03 ----D---- C:\Windows\Temp
2015-04-18 14:12:56 ----D---- C:\Users\DELL\AppData\Roaming\Dropbox
2015-04-18 14:06:20 ----D---- C:\Windows\Tasks
2015-04-18 14:06:20 ----D---- C:\Program Files (x86)\Google
2015-04-18 14:02:11 ----D---- C:\Windows\system32\config
2015-04-17 21:06:50 ----D---- C:\Windows\system32\drivers
2015-04-17 21:06:27 ----RD---- C:\Program Files (x86)
2015-04-17 21:06:27 ----HD---- C:\ProgramData
2015-04-17 20:28:51 ----SD---- C:\Users\DELL\AppData\Roaming\Microsoft
2015-04-17 20:24:19 ----RD---- C:\Program Files
2015-04-17 17:12:17 ----D---- C:\Windows\Microsoft.NET
2015-04-16 17:00:18 ----D---- C:\Windows\winsxs
2015-04-16 16:58:35 ----D---- C:\Program Files\Internet Explorer
2015-04-16 16:58:34 ----D---- C:\Windows\SYSWOW64\en-US
2015-04-16 16:58:34 ----D---- C:\Windows\SysWOW64
2015-04-16 16:58:34 ----D---- C:\Windows\system32\en-US
2015-04-16 16:58:34 ----D---- C:\Windows\System32
2015-04-16 16:58:34 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-16 16:57:36 ----D---- C:\Windows\inf
2015-04-16 16:57:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-16 16:56:28 ----SHD---- C:\System Volume Information
2015-04-16 16:26:19 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-04-16 16:26:18 ----D---- C:\Windows\system32\cs-CZ
2015-04-16 16:26:18 ----D---- C:\Windows\PolicyDefinitions
2015-04-16 11:38:06 ----SD---- C:\Windows\system32\CompatTel
2015-04-16 11:38:06 ----D---- C:\Windows\system32\appraiser
2015-04-16 11:38:05 ----D---- C:\Windows\AppPatch
2015-04-16 09:48:06 ----SHD---- C:\Windows\Installer
2015-04-16 09:47:26 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-16 09:45:39 ----D---- C:\Windows\system32\MRT
2015-04-16 09:43:35 ----RSD---- C:\Windows\assembly
2015-04-16 09:35:26 ----A---- C:\Windows\system32\MRT.exe
2015-04-16 08:59:51 ----D---- C:\Windows\system32\catroot2
2015-04-04 12:59:44 ----D---- C:\Windows\Logs
2015-03-27 15:37:56 ----D---- C:\Windows\system32\DriverStore
2015-03-27 15:36:51 ----D---- C:\Windows\system32\Tasks
2015-03-27 15:36:15 ----D---- C:\Windows
2015-03-27 14:19:00 ----D---- C:\Program Files (x86)\Common Files
2015-03-27 14:18:08 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2015-03-27 14:17:49 ----D---- C:\Program Files (x86)\Java
2015-03-25 13:03:24 ----D---- C:\Windows\system32\wbem
2015-03-21 12:01:58 ----D---- C:\Windows\Prefetch
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswNdisFlt;Avast! Firewall Driver; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [2015-03-27 449896]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-03-27 65736]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-03-27 271200]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2015-03-27 28144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-03-27 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-03-27 1047320]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-03-27 442264]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-03-27 29168]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-03-27 88408]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-03-27 136752]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2007-08-03 455168]
R3 e1express;Intel(R) PRO/1000 – ovladač PCI Express síťového připojení; C:\Windows\system32\DRIVERS\e1e6032e.sys [2009-06-10 278016]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-09-23 6180832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-03-27 343336]
R2 avast! Firewall;Avast Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2015-03-27 107448]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2008-01-24 73728]
R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-25 116648]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2014-11-18 68096]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-25 116648]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-07-25 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-11-28 800040]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-07-25 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcH
Run by DELL at 2015-04-18 14:16:01
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 187 GB (78%) free of 238 GB
Total RAM: 2005 MB (44% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:16:04, on 18.4.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Users\DELL\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\DELL.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = C:\Users\DELL\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files (x86)\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8594 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
taskeng.exe {F1B92EAA-2BB0-4331-A3D8-8FED7C53A6AE}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
"C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Adobe\Acrobat 7.0\Reader\reader_sl.exe"
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe"
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe" -Embedding
"C:\Users\DELL\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\sppsvc.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:196 CREDAT:267521 /prefetch:2
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\DELL\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-27 662672]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-24 63136]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-27 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-27 565304]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-27 172968]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 165912]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 385560]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 363544]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2008-01-24 2289664]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [2007-08-01 1282048]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-03-27 5512912]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Adobe Reader Speed Launch.lnk - C:\Program Files (x86)\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\DELL\AppData\Roaming\Dropbox\bin\Dropbox.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 261120]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-04-18 14:05:53 ----D---- C:\_OTM
2015-04-17 21:06:50 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-04-17 21:06:27 ----D---- C:\ProgramData\Malwarebytes
2015-04-17 21:06:27 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-17 21:06:27 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-04-17 21:06:27 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-04-17 21:06:27 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-04-17 20:57:43 ----D---- C:\AdwCleaner
2015-04-17 20:24:19 ----D---- C:\rsit
2015-04-17 20:24:19 ----D---- C:\Program Files\trend micro
2015-04-16 16:42:47 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-04-16 16:42:47 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-04-16 16:42:47 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-04-16 16:42:47 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-04-16 16:42:47 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-04-16 16:42:46 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-04-16 16:42:46 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-04-16 16:42:46 ----A---- C:\Windows\system32\iernonce.dll
2015-04-16 16:42:46 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-16 16:42:45 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-16 16:42:45 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-16 16:42:45 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-16 16:42:45 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-16 16:42:45 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-04-16 16:42:45 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-16 16:42:43 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-04-16 16:42:43 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-16 16:42:43 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-16 16:42:43 ----A---- C:\Windows\system32\urlmon.dll
2015-04-16 16:42:43 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-04-16 16:42:43 ----A---- C:\Windows\system32\iedkcs32.dll
2015-04-16 16:42:42 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-04-16 16:42:42 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-04-16 16:42:42 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-04-16 16:42:42 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-04-16 16:42:42 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-16 16:42:42 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-04-16 16:42:42 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-16 16:42:42 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-16 16:42:42 ----A---- C:\Windows\system32\dxtrans.dll
2015-04-16 16:42:41 ----A---- C:\Windows\system32\iesetup.dll
2015-04-16 16:42:41 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-16 16:42:40 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-04-16 16:42:40 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-16 16:42:40 ----A---- C:\Windows\system32\iertutil.dll
2015-04-16 16:42:39 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-16 16:42:39 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-16 16:42:39 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-04-16 16:42:39 ----A---- C:\Windows\system32\jsproxy.dll
2015-04-16 16:42:39 ----A---- C:\Windows\system32\ieUnatt.exe
2015-04-16 16:42:38 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-04-16 16:42:38 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-16 16:42:38 ----A---- C:\Windows\system32\ieui.dll
2015-04-16 16:42:38 ----A---- C:\Windows\system32\ieframe.dll
2015-04-16 16:42:38 ----A---- C:\Windows\system32\dxtmsft.dll
2015-04-16 16:42:37 ----A---- C:\Windows\system32\wininet.dll
2015-04-16 16:42:37 ----A---- C:\Windows\system32\vbscript.dll
2015-04-16 16:42:37 ----A---- C:\Windows\system32\jscript9diag.dll
2015-04-16 16:42:37 ----A---- C:\Windows\system32\jscript9.dll
2015-04-16 16:42:36 ----A---- C:\Windows\system32\msrating.dll
2015-04-16 16:42:36 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-04-16 16:42:35 ----A---- C:\Windows\system32\mshtml.dll
2015-04-16 09:46:40 ----SHD---- C:\Config.Msi
2015-04-16 09:32:20 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-16 09:32:20 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-16 09:32:20 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-16 09:32:20 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-16 09:32:20 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-16 09:32:20 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-16 09:32:20 ----A---- C:\Windows\system32\wuapp.exe
2015-04-16 09:32:20 ----A---- C:\Windows\system32\wuapi.dll
2015-04-16 09:32:20 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-16 09:32:19 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-16 09:32:19 ----A---- C:\Windows\system32\wups2.dll
2015-04-16 09:32:19 ----A---- C:\Windows\system32\wups.dll
2015-04-16 09:32:19 ----A---- C:\Windows\system32\wudriver.dll
2015-04-16 09:32:19 ----A---- C:\Windows\system32\wucltux.dll
2015-04-16 09:32:19 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-16 09:32:19 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-16 09:20:34 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-16 09:20:31 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-16 09:20:31 ----A---- C:\Windows\system32\msxml3.dll
2015-04-16 09:20:30 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-16 09:20:30 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-16 09:20:25 ----A---- C:\Windows\system32\appraiser.dll
2015-04-16 09:20:25 ----A---- C:\Windows\system32\acmigration.dll
2015-04-16 09:20:24 ----A---- C:\Windows\system32\invagent.dll
2015-04-16 09:20:24 ----A---- C:\Windows\system32\generaltel.dll
2015-04-16 09:20:24 ----A---- C:\Windows\system32\devinv.dll
2015-04-16 09:20:24 ----A---- C:\Windows\system32\aeinv.dll
2015-04-16 09:20:23 ----A---- C:\Windows\system32\aepic.dll
2015-04-16 09:20:23 ----A---- C:\Windows\system32\aepdu.dll
2015-04-16 09:20:19 ----A---- C:\Windows\system32\gdi32.dll
2015-04-16 09:20:18 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-16 09:19:38 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-16 09:19:37 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-16 09:19:37 ----A---- C:\Windows\system32\ntdll.dll
2015-04-16 09:19:36 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-04-16 09:19:36 ----A---- C:\Windows\system32\KernelBase.dll
2015-04-16 09:19:36 ----A---- C:\Windows\system32\kernel32.dll
2015-04-16 09:19:33 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-04-16 09:19:31 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-04-16 09:19:31 ----A---- C:\Windows\system32\wow64win.dll
2015-04-16 09:19:31 ----A---- C:\Windows\system32\schannel.dll
2015-04-16 09:19:29 ----A---- C:\Windows\system32\lsasrv.dll
2015-04-16 09:19:27 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-04-16 09:19:26 ----A---- C:\Windows\system32\wow64.dll
2015-04-16 09:19:26 ----A---- C:\Windows\system32\srcore.dll
2015-04-16 09:19:26 ----A---- C:\Windows\system32\conhost.exe
2015-04-16 09:19:24 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-04-16 09:19:24 ----A---- C:\Windows\system32\winsrv.dll
2015-04-16 09:19:23 ----A---- C:\Windows\system32\rstrui.exe
2015-04-16 09:19:23 ----A---- C:\Windows\system32\kerberos.dll
2015-04-16 09:19:22 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-04-16 09:19:21 ----A---- C:\Windows\system32\wdigest.dll
2015-04-16 09:19:21 ----A---- C:\Windows\system32\msv1_0.dll
2015-04-16 09:19:21 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-04-16 09:19:20 ----A---- C:\Windows\system32\ncrypt.dll
2015-04-16 09:19:20 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-04-16 09:19:18 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-04-16 09:19:18 ----A---- C:\Windows\system32\TSpkg.dll
2015-04-16 09:19:18 ----A---- C:\Windows\system32\sspicli.dll
2015-04-16 09:19:17 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-04-16 09:19:17 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-04-16 09:19:17 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-04-16 09:19:17 ----A---- C:\Windows\system32\smss.exe
2015-04-16 09:19:17 ----A---- C:\Windows\system32\lsass.exe
2015-04-16 09:19:17 ----A---- C:\Windows\system32\auditpol.exe
2015-04-16 09:19:16 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-04-16 09:19:16 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-04-16 09:19:16 ----A---- C:\Windows\system32\srclient.dll
2015-04-16 09:19:16 ----A---- C:\Windows\system32\csrsrv.dll
2015-04-16 09:19:15 ----A---- C:\Windows\system32\ntvdm64.dll
2015-04-16 09:19:14 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-04-16 09:19:14 ----A---- C:\Windows\system32\sspisrv.dll
2015-04-16 09:19:14 ----A---- C:\Windows\system32\secur32.dll
2015-04-16 09:19:14 ----A---- C:\Windows\system32\credssp.dll
2015-04-16 09:19:13 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-04-16 09:19:13 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-04-16 09:19:13 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-04-16 09:19:13 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-04-16 09:19:13 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-16 09:19:12 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-16 09:19:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-16 09:19:10 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-16 09:19:10 ----A---- C:\Windows\SYSWOW64\user.exe
2015-04-16 09:19:10 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-04-16 09:19:10 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-04-16 09:19:10 ----A---- C:\Windows\system32\apisetschema.dll
2015-04-16 09:19:09 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-04-16 09:19:09 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-04-16 09:19:09 ----A---- C:\Windows\system32\msaudite.dll
2015-04-16 09:19:09 ----A---- C:\Windows\system32\adtschema.dll
2015-04-16 09:19:08 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-04-16 09:19:08 ----A---- C:\Windows\system32\msobjs.dll
2015-04-16 08:57:48 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-16 08:57:48 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-16 08:57:48 ----A---- C:\Windows\system32\clfs.sys
2015-04-04 12:59:37 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-04 12:59:37 ----SD---- C:\Windows\system32\GWX
2015-03-27 15:36:17 ----A---- C:\Windows\system32\aswBoot.exe
2015-03-27 15:36:04 ----A---- C:\Windows\avastSS.scr
2015-03-27 15:35:44 ----A---- C:\Windows\system32\drivers\aswNdisFlt.sys
======List of files/folders modified in the last 1 month======
2015-04-18 14:16:03 ----D---- C:\Windows\Temp
2015-04-18 14:12:56 ----D---- C:\Users\DELL\AppData\Roaming\Dropbox
2015-04-18 14:06:20 ----D---- C:\Windows\Tasks
2015-04-18 14:06:20 ----D---- C:\Program Files (x86)\Google
2015-04-18 14:02:11 ----D---- C:\Windows\system32\config
2015-04-17 21:06:50 ----D---- C:\Windows\system32\drivers
2015-04-17 21:06:27 ----RD---- C:\Program Files (x86)
2015-04-17 21:06:27 ----HD---- C:\ProgramData
2015-04-17 20:28:51 ----SD---- C:\Users\DELL\AppData\Roaming\Microsoft
2015-04-17 20:24:19 ----RD---- C:\Program Files
2015-04-17 17:12:17 ----D---- C:\Windows\Microsoft.NET
2015-04-16 17:00:18 ----D---- C:\Windows\winsxs
2015-04-16 16:58:35 ----D---- C:\Program Files\Internet Explorer
2015-04-16 16:58:34 ----D---- C:\Windows\SYSWOW64\en-US
2015-04-16 16:58:34 ----D---- C:\Windows\SysWOW64
2015-04-16 16:58:34 ----D---- C:\Windows\system32\en-US
2015-04-16 16:58:34 ----D---- C:\Windows\System32
2015-04-16 16:58:34 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-16 16:57:36 ----D---- C:\Windows\inf
2015-04-16 16:57:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-16 16:56:28 ----SHD---- C:\System Volume Information
2015-04-16 16:26:19 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-04-16 16:26:18 ----D---- C:\Windows\system32\cs-CZ
2015-04-16 16:26:18 ----D---- C:\Windows\PolicyDefinitions
2015-04-16 11:38:06 ----SD---- C:\Windows\system32\CompatTel
2015-04-16 11:38:06 ----D---- C:\Windows\system32\appraiser
2015-04-16 11:38:05 ----D---- C:\Windows\AppPatch
2015-04-16 09:48:06 ----SHD---- C:\Windows\Installer
2015-04-16 09:47:26 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-16 09:45:39 ----D---- C:\Windows\system32\MRT
2015-04-16 09:43:35 ----RSD---- C:\Windows\assembly
2015-04-16 09:35:26 ----A---- C:\Windows\system32\MRT.exe
2015-04-16 08:59:51 ----D---- C:\Windows\system32\catroot2
2015-04-04 12:59:44 ----D---- C:\Windows\Logs
2015-03-27 15:37:56 ----D---- C:\Windows\system32\DriverStore
2015-03-27 15:36:51 ----D---- C:\Windows\system32\Tasks
2015-03-27 15:36:15 ----D---- C:\Windows
2015-03-27 14:19:00 ----D---- C:\Program Files (x86)\Common Files
2015-03-27 14:18:08 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2015-03-27 14:17:49 ----D---- C:\Program Files (x86)\Java
2015-03-25 13:03:24 ----D---- C:\Windows\system32\wbem
2015-03-21 12:01:58 ----D---- C:\Windows\Prefetch
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswNdisFlt;Avast! Firewall Driver; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [2015-03-27 449896]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-03-27 65736]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-03-27 271200]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2015-03-27 28144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-03-27 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-03-27 1047320]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-03-27 442264]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-03-27 29168]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-03-27 88408]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-03-27 136752]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2007-08-03 455168]
R3 e1express;Intel(R) PRO/1000 – ovladač PCI Express síťového připojení; C:\Windows\system32\DRIVERS\e1e6032e.sys [2009-06-10 278016]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-09-23 6180832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-03-27 343336]
R2 avast! Firewall;Avast Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2015-03-27 107448]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2008-01-24 73728]
R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-25 116648]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2014-11-18 68096]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-25 116648]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-07-25 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-11-28 800040]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-07-25 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcH
- Rudy
- Site Admin

- Posts: 119677
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Infected PC
Deleted. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Infected PC
It definitely has, the computer is much snappier, everything runs fast.
It looks good, do you think Spořitelna can give her internet banking back now?
- Rudy
Re: Infected PC
I would also run an MBAM scan: http://www.malwarebytes.org/mbam.php . Post the log, and don't delete anything beforehand.
Re: Infected PC
Everything is clean, it found nothing.
- Rudy
Re: Infected PC
You can go ahead and get IB working again.