
very slow laptop, please check

Posted: 26 Nov 2014 17:09
by lama875421
Hello,
I would like to ask for help with my laptop; it is very slow and the disk is constantly working (even when nothing is being done on the laptop). Sometimes it cannot even connect to the internet (portable O2 USB modem), or the internet is so slow that I suspected the modem was faulty, but it works normally on another PC.

I will be grateful for any help.

Thank you very much.




I am attaching the log from RSIT
----------------------------

Logfile of random's system information tool 1.10 (written by random/random)
Run by spravce at 2014-11-26 16:36:02
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 225 GB (77%) free of 291 GB
Total RAM: 2811 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:36:09, on 26.11.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17420)
Boot mode: Normal

Running processes:
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\spravce.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [VideoWebCamera] "C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe" -a
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\Packard Bell Games\Packard Bell Game Console\GameConsoleService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer Group - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9632 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
taskeng.exe {CEB9578F-76C1-491C-BA36-8588E2812ED3}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\PLFSetI.exe"
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe"
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe"
"taskhost.exe"
"C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" -h -k
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe"
"C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe" -a
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe"
"C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe"
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe"
ngservice.exe pipeserver
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2888.0.1792539399\419014112" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,17,38 --gpu-vendor-id=0x1002 --gpu-device-id=0x9712 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.713.3.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Bootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_10/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2888.2.1238910483\879213047" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Bootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_10/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2888.5.1950476756\1952494166" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe7_ Global\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"c:\program files\windows defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey 36133DF8-F3CB-9C76-4998-902B91349DB0 -Reinvoke
"C:\Users\spravce\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-11-26 705448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-11-26 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-12-15 9644576]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-12-10 1890088]
"PLFSetI"=C:\Windows\PLFSetI.exe [2009-12-16 206208]
"Acer ePower Management"=C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [2010-03-17 860704]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe [2010-03-09 258560]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-03-29 98304]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-03-03 1300560]
"VideoWebCamera"=C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe [2010-03-11 1541472]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-11-26 5226600]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-11-26 16:36:02 ----D---- C:\rsit
2014-11-26 16:36:02 ----D---- C:\Program Files\trend micro
2014-11-26 15:51:15 ----D---- C:\Users\spravce\AppData\Roaming\Nero
2014-11-26 15:39:35 ----D---- C:\Program Files\Speccy
2014-11-26 13:13:47 ----D---- C:\Users\spravce\AppData\Roaming\AVAST Software
2014-11-26 13:13:44 ----D---- C:\Windows\SYSWOW64\vbox
2014-11-26 13:13:44 ----D---- C:\Windows\system32\vbox
2014-11-26 13:12:22 ----A---- C:\Windows\system32\drivers\aswStm.sys
2014-11-26 13:12:20 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2014-11-26 13:12:18 ----A---- C:\Windows\system32\drivers\aswSP.sys
2014-11-26 13:12:16 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2014-11-26 13:12:14 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2014-11-26 13:12:13 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2014-11-26 13:12:10 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2014-11-26 13:12:04 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2014-11-26 13:11:59 ----A---- C:\Windows\system32\aswBoot.exe
2014-11-26 13:11:44 ----A---- C:\Windows\avastSS.scr
2014-11-26 13:10:27 ----D---- C:\Program Files\AVAST Software
2014-11-26 13:09:37 ----D---- C:\ProgramData\AVAST Software
2014-11-26 10:07:40 ----D---- C:\Users\spravce\AppData\Roaming\TuneUp Software
2014-11-19 09:24:29 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2014-11-19 09:24:29 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-11-19 09:24:29 ----A---- C:\Windows\system32\pku2u.dll
2014-11-19 09:24:29 ----A---- C:\Windows\system32\kerberos.dll
2014-11-13 11:44:51 ----A---- C:\Windows\system32\schannel.dll
2014-11-13 11:44:51 ----A---- C:\Windows\system32\ncrypt.dll
2014-11-13 11:44:50 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-11-13 11:44:50 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-11-13 11:44:49 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-11-13 11:44:49 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-11-13 11:44:49 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-11-13 11:44:49 ----A---- C:\Windows\system32\wdigest.dll
2014-11-13 11:44:49 ----A---- C:\Windows\system32\TSpkg.dll
2014-11-13 11:44:49 ----A---- C:\Windows\system32\msv1_0.dll
2014-11-13 11:44:48 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-11-13 11:44:48 ----A---- C:\Windows\system32\credssp.dll
2014-11-13 11:44:41 ----A---- C:\Windows\system32\generaltel.dll
2014-11-13 11:44:40 ----A---- C:\Windows\system32\aepdu.dll
2014-11-13 11:44:40 ----A---- C:\Windows\system32\aeinv.dll
2014-11-13 11:44:33 ----A---- C:\Windows\system32\termsrv.dll
2014-11-13 11:44:33 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-11-13 11:44:32 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2014-11-13 11:44:32 ----A---- C:\Windows\system32\lsasrv.dll
2014-11-13 11:44:32 ----A---- C:\Windows\system32\adtschema.dll
2014-11-13 11:44:30 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2014-11-13 11:44:30 ----A---- C:\Windows\system32\msaudite.dll
2014-11-13 11:44:29 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-11-13 11:44:29 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-11-13 11:44:00 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-11-13 11:44:00 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-11-13 11:43:59 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-11-13 11:43:59 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-11-13 11:43:59 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-11-13 11:43:59 ----A---- C:\Windows\system32\iernonce.dll
2014-11-13 11:43:59 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-11-13 11:43:59 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-11-13 11:43:59 ----A---- C:\Windows\system32\ie4uinit.exe
2014-11-13 11:43:58 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-11-13 11:43:58 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-11-13 11:43:58 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-11-13 11:43:58 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-11-13 11:43:58 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-13 11:43:56 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-11-13 11:43:56 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-11-13 11:43:56 ----A---- C:\Windows\system32\iedkcs32.dll
2014-11-13 11:43:55 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-11-13 11:43:55 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-11-13 11:43:55 ----A---- C:\Windows\system32\urlmon.dll
2014-11-13 11:43:55 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-11-13 11:43:54 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-11-13 11:43:54 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-11-13 11:43:54 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-11-13 11:43:54 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-11-13 11:43:54 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-11-13 11:43:54 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-13 11:43:54 ----A---- C:\Windows\system32\msfeeds.dll
2014-11-13 11:43:54 ----A---- C:\Windows\system32\dxtrans.dll
2014-11-13 11:43:53 ----A---- C:\Windows\system32\iesetup.dll
2014-11-13 11:43:53 ----A---- C:\Windows\system32\ieapfltr.dll
2014-11-13 11:43:52 ----A---- C:\Windows\system32\iertutil.dll
2014-11-13 11:43:51 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-11-13 11:43:51 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-11-13 11:43:51 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-11-13 11:43:51 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-11-13 11:43:51 ----A---- C:\Windows\system32\jsproxy.dll
2014-11-13 11:43:51 ----A---- C:\Windows\system32\ieUnatt.exe
2014-11-13 11:43:50 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-11-13 11:43:50 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-11-13 11:43:50 ----A---- C:\Windows\system32\ieui.dll
2014-11-13 11:43:50 ----A---- C:\Windows\system32\ieframe.dll
2014-11-13 11:43:50 ----A---- C:\Windows\system32\dxtmsft.dll
2014-11-13 11:43:49 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-11-13 11:43:49 ----A---- C:\Windows\system32\mshtmled.dll
2014-11-13 11:43:49 ----A---- C:\Windows\system32\jscript9diag.dll
2014-11-13 11:43:48 ----A---- C:\Windows\system32\wininet.dll
2014-11-13 11:43:48 ----A---- C:\Windows\system32\vbscript.dll
2014-11-13 11:43:48 ----A---- C:\Windows\system32\jscript9.dll
2014-11-13 11:43:47 ----A---- C:\Windows\system32\msrating.dll
2014-11-13 11:43:47 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-11-13 11:43:46 ----A---- C:\Windows\system32\mshtml.dll
2014-11-13 11:42:27 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-11-13 11:42:27 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-11-13 11:42:27 ----A---- C:\Windows\system32\msxml3r.dll
2014-11-13 11:42:27 ----A---- C:\Windows\system32\msxml3.dll
2014-11-13 11:42:25 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-11-13 11:42:25 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-11-13 11:42:25 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-11-13 11:42:25 ----A---- C:\Windows\system32\EncDump.dll
2014-11-13 11:42:25 ----A---- C:\Windows\system32\audiosrv.dll
2014-11-13 11:42:25 ----A---- C:\Windows\system32\AudioSes.dll
2014-11-13 11:42:25 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-11-13 11:42:25 ----A---- C:\Windows\system32\AudioEng.dll
2014-11-13 11:42:22 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2014-11-13 11:42:22 ----A---- C:\Windows\system32\IMJP10K.DLL
2014-11-13 11:42:18 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2014-11-13 11:42:18 ----A---- C:\Windows\system32\oleaut32.dll
2014-11-13 11:40:40 ----A---- C:\Windows\system32\win32k.sys
2014-11-13 11:40:38 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-11-13 11:40:38 ----A---- C:\Windows\system32\packager.dll
2014-11-13 11:40:34 ----A---- C:\Windows\system32\msi.dll
2014-11-13 11:40:33 ----A---- C:\Windows\SYSWOW64\msi.dll

======List of files/folders modified in the last 1 month======

2014-11-26 16:36:05 ----D---- C:\Windows\Temp
2014-11-26 16:36:02 ----RD---- C:\Program Files
2014-11-26 16:10:34 ----D---- C:\Windows\System32
2014-11-26 16:10:34 ----D---- C:\Windows\inf
2014-11-26 16:10:34 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-26 15:31:04 ----D---- C:\Windows\system32\config
2014-11-26 15:23:29 ----RD---- C:\Program Files (x86)
2014-11-26 13:18:31 ----D---- C:\Windows\system32\drivers
2014-11-26 13:15:06 ----SHD---- C:\System Volume Information
2014-11-26 13:13:44 ----D---- C:\Windows\SysWOW64
2014-11-26 13:12:35 ----D---- C:\Windows\system32\Tasks
2014-11-26 13:12:01 ----D---- C:\Windows\winsxs
2014-11-26 13:11:53 ----D---- C:\Windows
2014-11-26 13:09:37 ----HD---- C:\ProgramData
2014-11-26 10:22:07 ----D---- C:\Windows\Prefetch
2014-11-26 10:15:52 ----D---- C:\ProgramData\Partner
2014-11-26 10:15:52 ----D---- C:\Program Files\Google
2014-11-26 10:15:51 ----SHD---- C:\Config.Msi
2014-11-26 10:15:51 ----D---- C:\Program Files (x86)\Google
2014-11-26 10:14:26 ----D---- C:\ProgramData\Google
2014-11-26 10:14:23 ----SHD---- C:\Windows\Installer
2014-11-26 10:12:24 ----D---- C:\ProgramData\MFAData
2014-11-26 10:08:33 ----D---- C:\Windows\SYSWOW64\drivers
2014-11-26 10:05:09 ----D---- C:\Program Files (x86)\Common Files
2014-11-23 10:06:15 ----D---- C:\ProgramData\boost_interprocess
2014-11-21 09:24:40 ----D---- C:\Windows\system32\catroot2
2014-11-19 09:20:25 ----D---- C:\Windows\system32\catroot
2014-11-19 09:15:37 ----D---- C:\Windows\system32\NDF
2014-11-18 12:03:02 ----D---- C:\Windows\rescache
2014-11-18 10:55:51 ----D---- C:\Windows\Microsoft.NET
2014-11-15 15:55:59 ----RSD---- C:\Windows\assembly
2014-11-14 16:45:25 ----D---- C:\Windows\Tasks
2014-11-14 16:19:20 ----SD---- C:\Windows\system32\CompatTel
2014-11-14 16:19:19 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-11-14 16:19:19 ----D---- C:\Windows\system32\cs-CZ
2014-11-14 16:19:18 ----D---- C:\Program Files\Internet Explorer
2014-11-14 16:19:16 ----D---- C:\Windows\SYSWOW64\en-US
2014-11-14 16:19:14 ----D---- C:\Windows\system32\en-US
2014-11-14 16:19:11 ----D---- C:\Program Files (x86)\Internet Explorer
2014-11-13 13:06:28 ----D---- C:\Windows\system32\MRT
2014-11-13 13:03:21 ----A---- C:\Windows\system32\MRT.exe
2014-11-13 11:37:34 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-11-26 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-11-26 267632]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-08-23 16440]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2008-06-16 55024]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-11-26 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-11-26 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-11-26 436624]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-11-26 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-11-26 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-11-26 116728]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2014-11-26 271752]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-03-29 6405632]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-03-29 188928]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-04-07 2216960]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-12-15 2225952]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2010-03-20 321064]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-06 18432]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2009-12-02 213280]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-12-10 301104]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-06 16896]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
S3 Axtmvflt;Axesstel USB Filter Service; C:\Windows\system32\DRIVERS\Axtmvflt.sys [2007-03-26 6144]
S3 Axtmvmdm;Axesstel USB Modem; C:\Windows\system32\DRIVERS\Axtmvmdm.sys [2007-03-26 54272]
S3 Axtmvprt;Axesstel Diagnostic Port; C:\Windows\System32\Drivers\Axtmvprt.sys [2007-03-26 52224]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-02-08 239136]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8; c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 169312]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-03-29 202752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-11-26 50344]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-03-03 325200]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2010-03-17 866336]
R2 GREGService;GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [2010-01-08 23584]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [2010-03-09 250368]
R2 Updater Service;Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2010-01-29 243232]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2014-11-26 4012248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-06 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-13 267440]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-09-10 867080]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\Packard Bell Games\Packard Bell Game Console\GameConsoleService.exe [2009-10-10 238328]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-06 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-06 114688]
S3 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2010-01-15 935208]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-09-11 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Re: very slow laptop, please check

Posted: 26 Nov 2014 17:52
by Rudy
Hello!
First run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.

Re: very slow laptop, please check

Posted: 26 Nov 2014 18:55
by lama875421
here is the log from AdwCleaner:


------------
# AdwCleaner v4.102 - Report created 26/11/2014 at 18:46:42
# Updated 23/11/2014 by Xplode
# Database : 2014-11-26.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : spravce - PB_EASY_NTB
# Running from : C:\Users\spravce\Desktop\adwcleaner_4.102.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Users\spravce\AppData\LocalLow\AVG Security Toolbar
File Deleted : C:\Users\spravce\AppData\Local\Temp\Uninstall.exe

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\icq.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\wlogin.icq.com

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17420


-\\ Google Chrome v39.0.2171.65


*************************

AdwCleaner[R0].txt - [2570 octets] - [26/11/2014 18:43:01]
AdwCleaner[S0].txt - [2486 octets] - [26/11/2014 18:46:42]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2546 octets] ##########

Re: very slow laptop, please check

Posted: 26 Nov 2014 19:47
by Rudy
Post a new RSIT log.

Re: very slow laptop, please check

Posted: 26 Nov 2014 19:55
by lama875421
I'm sending the new log, and many thanks in advance for your help


--
Logfile of random's system information tool 1.10 (written by random/random)
Run by spravce at 2014-11-26 19:51:52
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 225 GB (77%) free of 291 GB
Total RAM: 2811 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:51:56, on 26.11.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17420)
Boot mode: Normal

Running processes:
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\spravce.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [VideoWebCamera] "C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe" -a
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\Packard Bell Games\Packard Bell Game Console\GameConsoleService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer Group - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9480 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
taskeng.exe {62AB2496-DE14-4ED8-8F26-A1132A98CE0D}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe"
"taskhost.exe"
"C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\PLFSetI.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe"
"C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" -h -k
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe"
"C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe" -a
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
ngservice.exe pipeserver
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4056.0.1481609494\1082430611" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,17,38 --gpu-vendor-id=0x1002 --gpu-device-id=0x9712 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.713.3.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/control/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/ExtensionContentVerification/Bootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_10/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4056.2.461272090\482380768" /prefetch:673131151
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/control/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/ExtensionContentVerification/Bootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_10/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4056.4.424442068\639806433" /prefetch:673131151
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv

"C:\Users\spravce\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-11-26 705448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-11-26 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-12-15 9644576]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-12-10 1890088]
"PLFSetI"=C:\Windows\PLFSetI.exe [2009-12-16 206208]
"Acer ePower Management"=C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [2010-03-17 860704]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe [2010-03-09 258560]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-03-29 98304]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-03-03 1300560]
"VideoWebCamera"=C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe [2010-03-11 1541472]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-11-26 5226600]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-11-26 18:41:35 ----D---- C:\AdwCleaner
2014-11-26 16:36:02 ----D---- C:\rsit
2014-11-26 16:36:02 ----D---- C:\Program Files\trend micro
2014-11-26 15:51:15 ----D---- C:\Users\spravce\AppData\Roaming\Nero
2014-11-26 15:39:35 ----D---- C:\Program Files\Speccy
2014-11-26 13:13:47 ----D---- C:\Users\spravce\AppData\Roaming\AVAST Software
2014-11-26 13:13:44 ----D---- C:\Windows\SYSWOW64\vbox
2014-11-26 13:13:44 ----D---- C:\Windows\system32\vbox
2014-11-26 13:12:22 ----A---- C:\Windows\system32\drivers\aswStm.sys
2014-11-26 13:12:20 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2014-11-26 13:12:18 ----A---- C:\Windows\system32\drivers\aswSP.sys
2014-11-26 13:12:16 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2014-11-26 13:12:14 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2014-11-26 13:12:13 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2014-11-26 13:12:10 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2014-11-26 13:12:04 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2014-11-26 13:11:59 ----A---- C:\Windows\system32\aswBoot.exe
2014-11-26 13:11:44 ----A---- C:\Windows\avastSS.scr
2014-11-26 13:10:27 ----D---- C:\Program Files\AVAST Software
2014-11-26 13:09:37 ----D---- C:\ProgramData\AVAST Software
2014-11-26 10:07:40 ----D---- C:\Users\spravce\AppData\Roaming\TuneUp Software
2014-11-19 09:24:29 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2014-11-19 09:24:29 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-11-19 09:24:29 ----A---- C:\Windows\system32\pku2u.dll
2014-11-19 09:24:29 ----A---- C:\Windows\system32\kerberos.dll
2014-11-13 11:44:51 ----A---- C:\Windows\system32\schannel.dll
2014-11-13 11:44:51 ----A---- C:\Windows\system32\ncrypt.dll
2014-11-13 11:44:50 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-11-13 11:44:50 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-11-13 11:44:49 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-11-13 11:44:49 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-11-13 11:44:49 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-11-13 11:44:49 ----A---- C:\Windows\system32\wdigest.dll
2014-11-13 11:44:49 ----A---- C:\Windows\system32\TSpkg.dll
2014-11-13 11:44:49 ----A---- C:\Windows\system32\msv1_0.dll
2014-11-13 11:44:48 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-11-13 11:44:48 ----A---- C:\Windows\system32\credssp.dll
2014-11-13 11:44:41 ----A---- C:\Windows\system32\generaltel.dll
2014-11-13 11:44:40 ----A---- C:\Windows\system32\aepdu.dll
2014-11-13 11:44:40 ----A---- C:\Windows\system32\aeinv.dll
2014-11-13 11:44:33 ----A---- C:\Windows\system32\termsrv.dll
2014-11-13 11:44:33 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-11-13 11:44:32 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2014-11-13 11:44:32 ----A---- C:\Windows\system32\lsasrv.dll
2014-11-13 11:44:32 ----A---- C:\Windows\system32\adtschema.dll
2014-11-13 11:44:30 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2014-11-13 11:44:30 ----A---- C:\Windows\system32\msaudite.dll
2014-11-13 11:44:29 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-11-13 11:44:29 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-11-13 11:44:00 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-11-13 11:44:00 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-11-13 11:43:59 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-11-13 11:43:59 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-11-13 11:43:59 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-11-13 11:43:59 ----A---- C:\Windows\system32\iernonce.dll
2014-11-13 11:43:59 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-11-13 11:43:59 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-11-13 11:43:59 ----A---- C:\Windows\system32\ie4uinit.exe
2014-11-13 11:43:58 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-11-13 11:43:58 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-11-13 11:43:58 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-11-13 11:43:58 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-11-13 11:43:58 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-13 11:43:56 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-11-13 11:43:56 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-11-13 11:43:56 ----A---- C:\Windows\system32\iedkcs32.dll
2014-11-13 11:43:55 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-11-13 11:43:55 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-11-13 11:43:55 ----A---- C:\Windows\system32\urlmon.dll
2014-11-13 11:43:55 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-11-13 11:43:54 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-11-13 11:43:54 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-11-13 11:43:54 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-11-13 11:43:54 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-11-13 11:43:54 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-11-13 11:43:54 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-13 11:43:54 ----A---- C:\Windows\system32\msfeeds.dll
2014-11-13 11:43:54 ----A---- C:\Windows\system32\dxtrans.dll
2014-11-13 11:43:53 ----A---- C:\Windows\system32\iesetup.dll
2014-11-13 11:43:53 ----A---- C:\Windows\system32\ieapfltr.dll
2014-11-13 11:43:52 ----A---- C:\Windows\system32\iertutil.dll
2014-11-13 11:43:51 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-11-13 11:43:51 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-11-13 11:43:51 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-11-13 11:43:51 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-11-13 11:43:51 ----A---- C:\Windows\system32\jsproxy.dll
2014-11-13 11:43:51 ----A---- C:\Windows\system32\ieUnatt.exe
2014-11-13 11:43:50 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-11-13 11:43:50 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-11-13 11:43:50 ----A---- C:\Windows\system32\ieui.dll
2014-11-13 11:43:50 ----A---- C:\Windows\system32\ieframe.dll
2014-11-13 11:43:50 ----A---- C:\Windows\system32\dxtmsft.dll
2014-11-13 11:43:49 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-11-13 11:43:49 ----A---- C:\Windows\system32\mshtmled.dll
2014-11-13 11:43:49 ----A---- C:\Windows\system32\jscript9diag.dll
2014-11-13 11:43:48 ----A---- C:\Windows\system32\wininet.dll
2014-11-13 11:43:48 ----A---- C:\Windows\system32\vbscript.dll
2014-11-13 11:43:48 ----A---- C:\Windows\system32\jscript9.dll
2014-11-13 11:43:47 ----A---- C:\Windows\system32\msrating.dll
2014-11-13 11:43:47 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-11-13 11:43:46 ----A---- C:\Windows\system32\mshtml.dll
2014-11-13 11:42:27 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-11-13 11:42:27 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-11-13 11:42:27 ----A---- C:\Windows\system32\msxml3r.dll
2014-11-13 11:42:27 ----A---- C:\Windows\system32\msxml3.dll
2014-11-13 11:42:25 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-11-13 11:42:25 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-11-13 11:42:25 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-11-13 11:42:25 ----A---- C:\Windows\system32\EncDump.dll
2014-11-13 11:42:25 ----A---- C:\Windows\system32\audiosrv.dll
2014-11-13 11:42:25 ----A---- C:\Windows\system32\AudioSes.dll
2014-11-13 11:42:25 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-11-13 11:42:25 ----A---- C:\Windows\system32\AudioEng.dll
2014-11-13 11:42:22 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2014-11-13 11:42:22 ----A---- C:\Windows\system32\IMJP10K.DLL
2014-11-13 11:42:18 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2014-11-13 11:42:18 ----A---- C:\Windows\system32\oleaut32.dll
2014-11-13 11:40:40 ----A---- C:\Windows\system32\win32k.sys
2014-11-13 11:40:38 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-11-13 11:40:38 ----A---- C:\Windows\system32\packager.dll
2014-11-13 11:40:34 ----A---- C:\Windows\system32\msi.dll
2014-11-13 11:40:33 ----A---- C:\Windows\SYSWOW64\msi.dll

======List of files/folders modified in the last 1 month======

2014-11-26 19:51:55 ----D---- C:\Windows\Temp
2014-11-26 19:03:53 ----D---- C:\Windows\system32\config
2014-11-26 18:52:01 ----D---- C:\Windows\System32
2014-11-26 18:46:42 ----HD---- C:\ProgramData
2014-11-26 17:36:14 ----SHD---- C:\System Volume Information
2014-11-26 16:36:02 ----RD---- C:\Program Files
2014-11-26 16:10:34 ----D---- C:\Windows\inf
2014-11-26 16:10:34 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-26 15:23:29 ----RD---- C:\Program Files (x86)
2014-11-26 13:18:31 ----D---- C:\Windows\system32\drivers
2014-11-26 13:13:44 ----D---- C:\Windows\SysWOW64
2014-11-26 13:12:35 ----D---- C:\Windows\system32\Tasks
2014-11-26 13:12:01 ----D---- C:\Windows\winsxs
2014-11-26 13:11:53 ----D---- C:\Windows
2014-11-26 10:22:07 ----D---- C:\Windows\Prefetch
2014-11-26 10:15:52 ----D---- C:\Program Files\Google
2014-11-26 10:15:51 ----SHD---- C:\Config.Msi
2014-11-26 10:15:51 ----D---- C:\Program Files (x86)\Google
2014-11-26 10:14:26 ----D---- C:\ProgramData\Google
2014-11-26 10:14:23 ----SHD---- C:\Windows\Installer
2014-11-26 10:12:24 ----D---- C:\ProgramData\MFAData
2014-11-26 10:08:33 ----D---- C:\Windows\SYSWOW64\drivers
2014-11-26 10:05:09 ----D---- C:\Program Files (x86)\Common Files
2014-11-23 10:06:15 ----D---- C:\ProgramData\boost_interprocess
2014-11-21 09:24:40 ----D---- C:\Windows\system32\catroot2
2014-11-19 09:20:25 ----D---- C:\Windows\system32\catroot
2014-11-19 09:15:37 ----D---- C:\Windows\system32\NDF
2014-11-18 12:03:02 ----D---- C:\Windows\rescache
2014-11-18 10:55:51 ----D---- C:\Windows\Microsoft.NET
2014-11-15 15:55:59 ----RSD---- C:\Windows\assembly
2014-11-14 16:45:25 ----D---- C:\Windows\Tasks
2014-11-14 16:19:20 ----SD---- C:\Windows\system32\CompatTel
2014-11-14 16:19:19 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-11-14 16:19:19 ----D---- C:\Windows\system32\cs-CZ
2014-11-14 16:19:18 ----D---- C:\Program Files\Internet Explorer
2014-11-14 16:19:16 ----D---- C:\Windows\SYSWOW64\en-US
2014-11-14 16:19:14 ----D---- C:\Windows\system32\en-US
2014-11-14 16:19:11 ----D---- C:\Program Files (x86)\Internet Explorer
2014-11-13 13:06:28 ----D---- C:\Windows\system32\MRT
2014-11-13 13:03:21 ----A---- C:\Windows\system32\MRT.exe
2014-11-13 11:37:34 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-11-04 14:30:58 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-11-26 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-11-26 267632]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-08-23 16440]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2008-06-16 55024]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-11-26 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-11-26 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-11-26 436624]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-11-26 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-11-26 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-11-26 116728]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2014-11-26 271752]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-03-29 6405632]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-03-29 188928]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-04-07 2216960]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-12-15 2225952]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2010-03-20 321064]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-06 18432]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2009-12-02 213280]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-12-10 301104]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-06 16896]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
S3 Axtmvflt;Axesstel USB Filter Service; C:\Windows\system32\DRIVERS\Axtmvflt.sys [2007-03-26 6144]
S3 Axtmvmdm;Axesstel USB Modem; C:\Windows\system32\DRIVERS\Axtmvmdm.sys [2007-03-26 54272]
S3 Axtmvprt;Axesstel Diagnostic Port; C:\Windows\System32\Drivers\Axtmvprt.sys [2007-03-26 52224]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-02-08 239136]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8; c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 169312]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-03-29 202752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-11-26 50344]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-03-03 325200]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2010-03-17 866336]
R2 GREGService;GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [2010-01-08 23584]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [2010-03-09 250368]
R2 Updater Service;Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2010-01-29 243232]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2014-11-26 4012248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-06 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-13 267440]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-09-10 867080]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\Packard Bell Games\Packard Bell Game Console\GameConsoleService.exe [2009-10-10 238328]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-06 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-06 114688]
S3 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2010-01-15 935208]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-09-11 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Re: very slow laptop, please check

Posted: 26 Nov 2014 20:01
by Rudy
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left pane:
:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Turn off your antivirus before the scan and restart the PC after it. Post a new RSIT log.

Re: very slow laptop, please check

Posted: 26 Nov 2014 20:44
by lama875421
I'm sending the new RSIT log and the "report" from OTM:

OTM:
-------


All processes killed
========== FILES ==========
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: spravce
->Temp folder emptied: 460454848 bytes
->Temporary Internet Files folder emptied: 910838220 bytes
->Google Chrome cache emptied: 37422718 bytes
->Flash cache emptied: 46297 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1120577679 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 40226 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36048490 bytes
RecycleBin emptied: 1850756 bytes

Total Files Cleaned = 2,448.00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: spravce
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 11262014_200732

Files moved on Reboot...
C:\Users\spravce\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\spravce\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\dsiwmis.log scheduled to be moved on reboot.

Registry entries deleted on Reboot...
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------



new RSIT log:
-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by spravce at 2014-11-26 20:34:14
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 227 GB (78%) free of 291 GB
Total RAM: 2811 MB (27% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:34:19, on 26.11.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17420)
Boot mode: Normal

Running processes:
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\trend micro\spravce.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [VideoWebCamera] "C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe" -a
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\Packard Bell Games\Packard Bell Game Console\GameConsoleService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer Group - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9298 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
taskeng.exe {EABE6B37-3ACB-45C6-A7F3-A5E8ED8D0814}
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe"
"C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe"
"C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe"
atieclxx
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe"
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
ngservice.exe pipeserver
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\PLFSetI.exe"
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe"
"C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" -h -k
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe" -a
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe"
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
"C:\Users\spravce\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-11-26 705448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-11-26 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-12-15 9644576]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-12-10 1890088]
"PLFSetI"=C:\Windows\PLFSetI.exe [2009-12-16 206208]
"Acer ePower Management"=C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [2010-03-17 860704]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe [2010-03-09 258560]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-03-29 98304]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-03-03 1300560]
"VideoWebCamera"=C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe [2010-03-11 1541472]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-11-26 5226600]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-11-26 20:07:32 ----D---- C:\_OTM
2014-11-26 18:41:35 ----D---- C:\AdwCleaner
2014-11-26 16:36:02 ----D---- C:\rsit
2014-11-26 16:36:02 ----D---- C:\Program Files\trend micro
2014-11-26 15:51:15 ----D---- C:\Users\spravce\AppData\Roaming\Nero
2014-11-26 15:39:35 ----D---- C:\Program Files\Speccy
2014-11-26 13:13:47 ----D---- C:\Users\spravce\AppData\Roaming\AVAST Software
2014-11-26 13:13:44 ----D---- C:\Windows\SYSWOW64\vbox
2014-11-26 13:13:44 ----D---- C:\Windows\system32\vbox
2014-11-26 13:12:22 ----A---- C:\Windows\system32\drivers\aswStm.sys
2014-11-26 13:12:20 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2014-11-26 13:12:18 ----A---- C:\Windows\system32\drivers\aswSP.sys
2014-11-26 13:12:16 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2014-11-26 13:12:14 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2014-11-26 13:12:13 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2014-11-26 13:12:10 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2014-11-26 13:12:04 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2014-11-26 13:11:59 ----A---- C:\Windows\system32\aswBoot.exe
2014-11-26 13:11:44 ----A---- C:\Windows\avastSS.scr
2014-11-26 13:10:27 ----D---- C:\Program Files\AVAST Software
2014-11-26 13:09:37 ----D---- C:\ProgramData\AVAST Software
2014-11-26 10:07:40 ----D---- C:\Users\spravce\AppData\Roaming\TuneUp Software
2014-11-19 09:24:29 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2014-11-19 09:24:29 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-11-19 09:24:29 ----A---- C:\Windows\system32\pku2u.dll
2014-11-19 09:24:29 ----A---- C:\Windows\system32\kerberos.dll
2014-11-13 11:44:51 ----A---- C:\Windows\system32\schannel.dll
2014-11-13 11:44:51 ----A---- C:\Windows\system32\ncrypt.dll
2014-11-13 11:44:50 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-11-13 11:44:50 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-11-13 11:44:49 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-11-13 11:44:49 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-11-13 11:44:49 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-11-13 11:44:49 ----A---- C:\Windows\system32\wdigest.dll
2014-11-13 11:44:49 ----A---- C:\Windows\system32\TSpkg.dll
2014-11-13 11:44:49 ----A---- C:\Windows\system32\msv1_0.dll
2014-11-13 11:44:48 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-11-13 11:44:48 ----A---- C:\Windows\system32\credssp.dll
2014-11-13 11:44:41 ----A---- C:\Windows\system32\generaltel.dll
2014-11-13 11:44:40 ----A---- C:\Windows\system32\aepdu.dll
2014-11-13 11:44:40 ----A---- C:\Windows\system32\aeinv.dll
2014-11-13 11:44:33 ----A---- C:\Windows\system32\termsrv.dll
2014-11-13 11:44:33 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-11-13 11:44:32 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2014-11-13 11:44:32 ----A---- C:\Windows\system32\lsasrv.dll
2014-11-13 11:44:32 ----A---- C:\Windows\system32\adtschema.dll
2014-11-13 11:44:30 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2014-11-13 11:44:30 ----A---- C:\Windows\system32\msaudite.dll
2014-11-13 11:44:29 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-11-13 11:44:29 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-11-13 11:44:00 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-11-13 11:44:00 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-11-13 11:43:59 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-11-13 11:43:59 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-11-13 11:43:59 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-11-13 11:43:59 ----A---- C:\Windows\system32\iernonce.dll
2014-11-13 11:43:59 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-11-13 11:43:59 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-11-13 11:43:59 ----A---- C:\Windows\system32\ie4uinit.exe
2014-11-13 11:43:58 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-11-13 11:43:58 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-11-13 11:43:58 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-11-13 11:43:58 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-11-13 11:43:58 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-13 11:43:56 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-11-13 11:43:56 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-11-13 11:43:56 ----A---- C:\Windows\system32\iedkcs32.dll
2014-11-13 11:43:55 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-11-13 11:43:55 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-11-13 11:43:55 ----A---- C:\Windows\system32\urlmon.dll
2014-11-13 11:43:55 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-11-13 11:43:54 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-11-13 11:43:54 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-11-13 11:43:54 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-11-13 11:43:54 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-11-13 11:43:54 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-11-13 11:43:54 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-13 11:43:54 ----A---- C:\Windows\system32\msfeeds.dll
2014-11-13 11:43:54 ----A---- C:\Windows\system32\dxtrans.dll
2014-11-13 11:43:53 ----A---- C:\Windows\system32\iesetup.dll
2014-11-13 11:43:53 ----A---- C:\Windows\system32\ieapfltr.dll
2014-11-13 11:43:52 ----A---- C:\Windows\system32\iertutil.dll
2014-11-13 11:43:51 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-11-13 11:43:51 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-11-13 11:43:51 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-11-13 11:43:51 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-11-13 11:43:51 ----A---- C:\Windows\system32\jsproxy.dll
2014-11-13 11:43:51 ----A---- C:\Windows\system32\ieUnatt.exe
2014-11-13 11:43:50 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-11-13 11:43:50 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-11-13 11:43:50 ----A---- C:\Windows\system32\ieui.dll
2014-11-13 11:43:50 ----A---- C:\Windows\system32\ieframe.dll
2014-11-13 11:43:50 ----A---- C:\Windows\system32\dxtmsft.dll
2014-11-13 11:43:49 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-11-13 11:43:49 ----A---- C:\Windows\system32\mshtmled.dll
2014-11-13 11:43:49 ----A---- C:\Windows\system32\jscript9diag.dll
2014-11-13 11:43:48 ----A---- C:\Windows\system32\wininet.dll
2014-11-13 11:43:48 ----A---- C:\Windows\system32\vbscript.dll
2014-11-13 11:43:48 ----A---- C:\Windows\system32\jscript9.dll
2014-11-13 11:43:47 ----A---- C:\Windows\system32\msrating.dll
2014-11-13 11:43:47 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-11-13 11:43:46 ----A---- C:\Windows\system32\mshtml.dll
2014-11-13 11:42:27 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-11-13 11:42:27 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-11-13 11:42:27 ----A---- C:\Windows\system32\msxml3r.dll
2014-11-13 11:42:27 ----A---- C:\Windows\system32\msxml3.dll
2014-11-13 11:42:25 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-11-13 11:42:25 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-11-13 11:42:25 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-11-13 11:42:25 ----A---- C:\Windows\system32\EncDump.dll
2014-11-13 11:42:25 ----A---- C:\Windows\system32\audiosrv.dll
2014-11-13 11:42:25 ----A---- C:\Windows\system32\AudioSes.dll
2014-11-13 11:42:25 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-11-13 11:42:25 ----A---- C:\Windows\system32\AudioEng.dll
2014-11-13 11:42:22 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2014-11-13 11:42:22 ----A---- C:\Windows\system32\IMJP10K.DLL
2014-11-13 11:42:18 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2014-11-13 11:42:18 ----A---- C:\Windows\system32\oleaut32.dll
2014-11-13 11:40:40 ----A---- C:\Windows\system32\win32k.sys
2014-11-13 11:40:38 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-11-13 11:40:38 ----A---- C:\Windows\system32\packager.dll
2014-11-13 11:40:34 ----A---- C:\Windows\system32\msi.dll
2014-11-13 11:40:33 ----A---- C:\Windows\SYSWOW64\msi.dll

======List of files/folders modified in the last 1 month======

2014-11-26 20:33:58 ----D---- C:\Windows\Temp
2014-11-26 20:32:56 ----D---- C:\Windows\System32
2014-11-26 20:30:55 ----D---- C:\Windows\system32\config
2014-11-26 20:07:33 ----D---- C:\Windows\Tasks
2014-11-26 18:46:42 ----HD---- C:\ProgramData
2014-11-26 17:36:14 ----SHD---- C:\System Volume Information
2014-11-26 16:36:02 ----RD---- C:\Program Files
2014-11-26 16:10:34 ----D---- C:\Windows\inf
2014-11-26 16:10:34 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-26 15:23:29 ----RD---- C:\Program Files (x86)
2014-11-26 13:18:31 ----D---- C:\Windows\system32\drivers
2014-11-26 13:13:44 ----D---- C:\Windows\SysWOW64
2014-11-26 13:12:35 ----D---- C:\Windows\system32\Tasks
2014-11-26 13:12:01 ----D---- C:\Windows\winsxs
2014-11-26 13:11:53 ----D---- C:\Windows
2014-11-26 10:22:07 ----D---- C:\Windows\Prefetch
2014-11-26 10:15:52 ----D---- C:\Program Files\Google
2014-11-26 10:15:51 ----SHD---- C:\Config.Msi
2014-11-26 10:15:51 ----D---- C:\Program Files (x86)\Google
2014-11-26 10:14:26 ----D---- C:\ProgramData\Google
2014-11-26 10:14:23 ----SHD---- C:\Windows\Installer
2014-11-26 10:12:24 ----D---- C:\ProgramData\MFAData
2014-11-26 10:08:33 ----D---- C:\Windows\SYSWOW64\drivers
2014-11-26 10:05:09 ----D---- C:\Program Files (x86)\Common Files
2014-11-23 10:06:15 ----D---- C:\ProgramData\boost_interprocess
2014-11-21 09:24:40 ----D---- C:\Windows\system32\catroot2
2014-11-19 09:20:25 ----D---- C:\Windows\system32\catroot
2014-11-19 09:15:37 ----D---- C:\Windows\system32\NDF
2014-11-18 12:03:02 ----D---- C:\Windows\rescache
2014-11-18 10:55:51 ----D---- C:\Windows\Microsoft.NET
2014-11-15 15:55:59 ----RSD---- C:\Windows\assembly
2014-11-14 16:19:20 ----SD---- C:\Windows\system32\CompatTel
2014-11-14 16:19:19 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-11-14 16:19:19 ----D---- C:\Windows\system32\cs-CZ
2014-11-14 16:19:18 ----D---- C:\Program Files\Internet Explorer
2014-11-14 16:19:16 ----D---- C:\Windows\SYSWOW64\en-US
2014-11-14 16:19:14 ----D---- C:\Windows\system32\en-US
2014-11-14 16:19:11 ----D---- C:\Program Files (x86)\Internet Explorer
2014-11-13 13:06:28 ----D---- C:\Windows\system32\MRT
2014-11-13 13:03:21 ----A---- C:\Windows\system32\MRT.exe
2014-11-13 11:37:34 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-11-04 14:30:58 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-11-26 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-11-26 267632]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-08-23 16440]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2008-06-16 55024]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-11-26 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-11-26 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-11-26 436624]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-11-26 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-11-26 83280]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2014-11-26 271752]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-03-29 6405632]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-03-29 188928]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-04-07 2216960]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-12-15 2225952]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2010-03-20 321064]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-06 18432]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2009-12-02 213280]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-12-10 301104]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-06 16896]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
S2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-11-26 116728]
S3 Axtmvflt;Axesstel USB Filter Service; C:\Windows\system32\DRIVERS\Axtmvflt.sys [2007-03-26 6144]
S3 Axtmvmdm;Axesstel USB Modem; C:\Windows\system32\DRIVERS\Axtmvmdm.sys [2007-03-26 54272]
S3 Axtmvprt;Axesstel Diagnostic Port; C:\Windows\System32\Drivers\Axtmvprt.sys [2007-03-26 52224]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-02-08 239136]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8; c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 169312]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-03-29 202752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-11-26 50344]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-03-03 325200]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2010-03-17 866336]
R2 GREGService;GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [2010-01-08 23584]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [2010-03-09 250368]
R2 Updater Service;Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2010-01-29 243232]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2014-11-26 4012248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-06 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-13 267440]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-09-10 867080]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\Packard Bell Games\Packard Bell Game Console\GameConsoleService.exe [2009-10-10 238328]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-06 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-06 114688]
S3 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2010-01-15 935208]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-09-11 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Re: very slow laptop, please check

Posted: 26 Nov 2014 21:07
by Rudy
Double-click the file C:\Program Files\trend micro\spravce.exe to start HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkboxes on the left for:
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
Click >FixChecked<. Then run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.

Re: very slow laptop, please check

Posted: 26 Nov 2014 22:16
by lama875421
Good evening,
do you think it's done, or would you recommend any further steps? After the restart I have to admit that the laptop has calmed down overall and is snappier (the HDD no longer "crunches" constantly when idle, CPU usage at idle is 0-1% - originally between 15-40%, RAM usage dropped to about 0.9 GB - originally I had 1.6 GB). The internet also runs faster, so I'm very satisfied.

Otherwise, thanks for the help so far

Re: very slow laptop, please check

Posted: 26 Nov 2014 22:19
by Rudy
In that case everything is OK. You're welcome! :)

Re: very slow laptop, please check

Posted: 27 Nov 2014 11:25
by lama875421
Hello,
sorry to bother you, but unfortunately a new problem appeared today. About 3 minutes after the laptop is switched on, RAM usage climbs to the maximum of 3 GB, and only after about 10-15 minutes does it drop to 1 GB; the svchost.exe process is the heaviest user at that point. Do you know what could be causing this? After those 15 minutes the laptop is completely fine, but during those 15 minutes it is very slow

Thank you in advance for any advice

Re: very slow laptop, please check

Posted: 27 Nov 2014 17:17
by Rudy
There is probably some network activity (svchost manages network services). Is an update being downloaded?

Re: very slow laptop, please check

Posted: 29 Nov 2014 22:46
by lama875421
Hello,
in the end the problem resolved itself. Everything is OK now. No update was being downloaded, but apparently there was some network activity (as you wrote above); it no longer does it and everything works as it should.

Take care and thanks once again

Re: very slow laptop, please check

Posted: 29 Nov 2014 22:50
by Rudy
My pleasure! :)