Virus-infected PC
Posted: 17 Apr 2015 19:31
A relative of mine asked me to clean her PC of viruses. She unpacked a fraudulent email, which spread to the PC
and attacked her internet banking from Spořitelna. Spořitelna has blocked her banking until she disinfects the PC.
Thanks for the help; here is the log.
Logfile of random's system information tool 1.10 (written by random/random)
Run by DELL at 2015-04-17 20:26:59
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 186 GB (78%) free of 238 GB
Total RAM: 2005 MB (26% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:27:00, on 17.4.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Users\DELL\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\DELL.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = C:\Users\DELL\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files (x86)\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9040 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
"C:\Users\DELL\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe" -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:192 CREDAT:267521 /prefetch:2
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:192 CREDAT:3872029 /prefetch:2
"C:\Users\DELL\Downloads\RSITx64.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3379445404-1002129414-2228845991-10005_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3379445404-1002129414-2228845991-10005 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\DELL\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-27 662672]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-06 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-24 63136]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-27 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-27 565304]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-06 194504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-27 172968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-06 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-06 194504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 165912]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 385560]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 363544]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2008-01-24 2289664]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [2007-08-01 1282048]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-03-27 5512912]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-02-10 335232]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Adobe Reader Speed Launch.lnk - C:\Program Files (x86)\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\DELL\AppData\Roaming\Dropbox\bin\Dropbox.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 261120]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-04-17 20:24:19 ----D---- C:\rsit
2015-04-17 20:24:19 ----D---- C:\Program Files\trend micro
2015-04-16 16:42:47 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-04-16 16:42:47 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-04-16 16:42:47 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-04-16 16:42:47 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-04-16 16:42:47 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-04-16 16:42:46 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-04-16 16:42:46 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-04-16 16:42:46 ----A---- C:\Windows\system32\iernonce.dll
2015-04-16 16:42:46 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-16 16:42:45 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-16 16:42:45 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-16 16:42:45 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-16 16:42:45 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-16 16:42:45 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-04-16 16:42:45 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-16 16:42:43 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-04-16 16:42:43 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-16 16:42:43 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-16 16:42:43 ----A---- C:\Windows\system32\urlmon.dll
2015-04-16 16:42:43 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-04-16 16:42:43 ----A---- C:\Windows\system32\iedkcs32.dll
2015-04-16 16:42:42 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-04-16 16:42:42 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-04-16 16:42:42 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-04-16 16:42:42 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-04-16 16:42:42 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-16 16:42:42 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-04-16 16:42:42 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-16 16:42:42 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-16 16:42:42 ----A---- C:\Windows\system32\dxtrans.dll
2015-04-16 16:42:41 ----A---- C:\Windows\system32\iesetup.dll
2015-04-16 16:42:41 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-16 16:42:40 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-04-16 16:42:40 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-16 16:42:40 ----A---- C:\Windows\system32\iertutil.dll
2015-04-16 16:42:39 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-16 16:42:39 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-16 16:42:39 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-04-16 16:42:39 ----A---- C:\Windows\system32\jsproxy.dll
2015-04-16 16:42:39 ----A---- C:\Windows\system32\ieUnatt.exe
2015-04-16 16:42:38 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-04-16 16:42:38 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-16 16:42:38 ----A---- C:\Windows\system32\ieui.dll
2015-04-16 16:42:38 ----A---- C:\Windows\system32\ieframe.dll
2015-04-16 16:42:38 ----A---- C:\Windows\system32\dxtmsft.dll
2015-04-16 16:42:37 ----A---- C:\Windows\system32\wininet.dll
2015-04-16 16:42:37 ----A---- C:\Windows\system32\vbscript.dll
2015-04-16 16:42:37 ----A---- C:\Windows\system32\jscript9diag.dll
2015-04-16 16:42:37 ----A---- C:\Windows\system32\jscript9.dll
2015-04-16 16:42:36 ----A---- C:\Windows\system32\msrating.dll
2015-04-16 16:42:36 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-04-16 16:42:35 ----A---- C:\Windows\system32\mshtml.dll
2015-04-16 09:46:40 ----SHD---- C:\Config.Msi
2015-04-16 09:32:20 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-16 09:32:20 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-16 09:32:20 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-16 09:32:20 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-16 09:32:20 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-16 09:32:20 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-16 09:32:20 ----A---- C:\Windows\system32\wuapp.exe
2015-04-16 09:32:20 ----A---- C:\Windows\system32\wuapi.dll
2015-04-16 09:32:20 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-16 09:32:19 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-16 09:32:19 ----A---- C:\Windows\system32\wups2.dll
2015-04-16 09:32:19 ----A---- C:\Windows\system32\wups.dll
2015-04-16 09:32:19 ----A---- C:\Windows\system32\wudriver.dll
2015-04-16 09:32:19 ----A---- C:\Windows\system32\wucltux.dll
2015-04-16 09:32:19 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-16 09:32:19 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-16 09:20:34 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-16 09:20:31 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-16 09:20:31 ----A---- C:\Windows\system32\msxml3.dll
2015-04-16 09:20:30 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-16 09:20:30 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-16 09:20:25 ----A---- C:\Windows\system32\appraiser.dll
2015-04-16 09:20:25 ----A---- C:\Windows\system32\acmigration.dll
2015-04-16 09:20:24 ----A---- C:\Windows\system32\invagent.dll
2015-04-16 09:20:24 ----A---- C:\Windows\system32\generaltel.dll
2015-04-16 09:20:24 ----A---- C:\Windows\system32\devinv.dll
2015-04-16 09:20:24 ----A---- C:\Windows\system32\aeinv.dll
2015-04-16 09:20:23 ----A---- C:\Windows\system32\aepic.dll
2015-04-16 09:20:23 ----A---- C:\Windows\system32\aepdu.dll
2015-04-16 09:20:19 ----A---- C:\Windows\system32\gdi32.dll
2015-04-16 09:20:18 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-16 09:19:38 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-16 09:19:37 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-16 09:19:37 ----A---- C:\Windows\system32\ntdll.dll
2015-04-16 09:19:36 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-04-16 09:19:36 ----A---- C:\Windows\system32\KernelBase.dll
2015-04-16 09:19:36 ----A---- C:\Windows\system32\kernel32.dll
2015-04-16 09:19:33 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-04-16 09:19:31 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-04-16 09:19:31 ----A---- C:\Windows\system32\wow64win.dll
2015-04-16 09:19:31 ----A---- C:\Windows\system32\schannel.dll
2015-04-16 09:19:29 ----A---- C:\Windows\system32\lsasrv.dll
2015-04-16 09:19:27 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-04-16 09:19:26 ----A---- C:\Windows\system32\wow64.dll
2015-04-16 09:19:26 ----A---- C:\Windows\system32\srcore.dll
2015-04-16 09:19:26 ----A---- C:\Windows\system32\conhost.exe
2015-04-16 09:19:24 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-04-16 09:19:24 ----A---- C:\Windows\system32\winsrv.dll
2015-04-16 09:19:23 ----A---- C:\Windows\system32\rstrui.exe
2015-04-16 09:19:23 ----A---- C:\Windows\system32\kerberos.dll
2015-04-16 09:19:22 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-04-16 09:19:21 ----A---- C:\Windows\system32\wdigest.dll
2015-04-16 09:19:21 ----A---- C:\Windows\system32\msv1_0.dll
2015-04-16 09:19:21 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-04-16 09:19:20 ----A---- C:\Windows\system32\ncrypt.dll
2015-04-16 09:19:20 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-04-16 09:19:18 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-04-16 09:19:18 ----A---- C:\Windows\system32\TSpkg.dll
2015-04-16 09:19:18 ----A---- C:\Windows\system32\sspicli.dll
2015-04-16 09:19:17 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-04-16 09:19:17 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-04-16 09:19:17 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-04-16 09:19:17 ----A---- C:\Windows\system32\smss.exe
2015-04-16 09:19:17 ----A---- C:\Windows\system32\lsass.exe
2015-04-16 09:19:17 ----A---- C:\Windows\system32\auditpol.exe
2015-04-16 09:19:16 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-04-16 09:19:16 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-04-16 09:19:16 ----A---- C:\Windows\system32\srclient.dll
2015-04-16 09:19:16 ----A---- C:\Windows\system32\csrsrv.dll
2015-04-16 09:19:15 ----A---- C:\Windows\system32\ntvdm64.dll
2015-04-16 09:19:14 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-04-16 09:19:14 ----A---- C:\Windows\system32\sspisrv.dll
2015-04-16 09:19:14 ----A---- C:\Windows\system32\secur32.dll
2015-04-16 09:19:14 ----A---- C:\Windows\system32\credssp.dll
2015-04-16 09:19:13 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-04-16 09:19:13 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-04-16 09:19:13 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-04-16 09:19:13 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-04-16 09:19:13 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-16 09:19:12 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-16 09:19:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-16 09:19:10 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-16 09:19:10 ----A---- C:\Windows\SYSWOW64\user.exe
2015-04-16 09:19:10 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-04-16 09:19:10 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-04-16 09:19:10 ----A---- C:\Windows\system32\apisetschema.dll
2015-04-16 09:19:09 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-04-16 09:19:09 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-04-16 09:19:09 ----A---- C:\Windows\system32\msaudite.dll
2015-04-16 09:19:09 ----A---- C:\Windows\system32\adtschema.dll
2015-04-16 09:19:08 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-04-16 09:19:08 ----A---- C:\Windows\system32\msobjs.dll
2015-04-16 08:57:48 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-16 08:57:48 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-16 08:57:48 ----A---- C:\Windows\system32\clfs.sys
2015-04-04 12:59:37 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-04 12:59:37 ----SD---- C:\Windows\system32\GWX
2015-03-27 15:36:17 ----A---- C:\Windows\system32\aswBoot.exe
2015-03-27 15:36:04 ----A---- C:\Windows\avastSS.scr
2015-03-27 15:35:44 ----A---- C:\Windows\system32\drivers\aswNdisFlt.sys
======List of files/folders modified in the last 1 month======
2015-04-17 20:26:59 ----D---- C:\Windows\Temp
2015-04-17 20:24:19 ----RD---- C:\Program Files
2015-04-17 20:14:49 ----D---- C:\Users\DELL\AppData\Roaming\Dropbox
2015-04-17 17:39:23 ----D---- C:\Windows\system32\config
2015-04-17 17:12:17 ----D---- C:\Windows\Microsoft.NET
2015-04-17 16:55:16 ----D---- C:\Windows\system32\drivers
2015-04-16 17:00:18 ----D---- C:\Windows\winsxs
2015-04-16 16:58:35 ----D---- C:\Program Files\Internet Explorer
2015-04-16 16:58:34 ----D---- C:\Windows\SYSWOW64\en-US
2015-04-16 16:58:34 ----D---- C:\Windows\SysWOW64
2015-04-16 16:58:34 ----D---- C:\Windows\system32\en-US
2015-04-16 16:58:34 ----D---- C:\Windows\System32
2015-04-16 16:58:34 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-16 16:57:36 ----D---- C:\Windows\inf
2015-04-16 16:57:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-16 16:56:28 ----SHD---- C:\System Volume Information
2015-04-16 16:26:19 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-04-16 16:26:18 ----D---- C:\Windows\system32\cs-CZ
2015-04-16 16:26:18 ----D---- C:\Windows\PolicyDefinitions
2015-04-16 11:38:06 ----SD---- C:\Windows\system32\CompatTel
2015-04-16 11:38:06 ----D---- C:\Windows\system32\appraiser
2015-04-16 11:38:05 ----D---- C:\Windows\AppPatch
2015-04-16 09:48:06 ----SHD---- C:\Windows\Installer
2015-04-16 09:47:26 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-16 09:45:39 ----D---- C:\Windows\system32\MRT
2015-04-16 09:43:35 ----RSD---- C:\Windows\assembly
2015-04-16 09:35:26 ----A---- C:\Windows\system32\MRT.exe
2015-04-16 08:59:51 ----D---- C:\Windows\system32\catroot2
2015-04-04 12:59:44 ----D---- C:\Windows\Logs
2015-03-27 15:37:56 ----D---- C:\Windows\system32\DriverStore
2015-03-27 15:36:51 ----D---- C:\Windows\system32\Tasks
2015-03-27 15:36:15 ----D---- C:\Windows
2015-03-27 14:19:00 ----D---- C:\Program Files (x86)\Common Files
2015-03-27 14:18:08 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2015-03-27 14:17:49 ----D---- C:\Program Files (x86)\Java
2015-03-25 13:03:24 ----D---- C:\Windows\system32\wbem
2015-03-21 12:01:58 ----D---- C:\Windows\Prefetch
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswNdisFlt;Avast! Firewall Driver; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [2015-03-27 449896]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-03-27 65736]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-03-27 271200]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2015-03-27 28144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-03-27 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-03-27 1047320]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-03-27 442264]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-03-27 29168]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-03-27 88408]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-03-27 136752]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2007-08-03 455168]
R3 e1express;Intel(R) PRO/1000 – ovladač PCI Express síťového připojení; C:\Windows\system32\DRIVERS\e1e6032e.sys [2009-06-10 278016]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-09-23 6180832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-03-27 343336]
R2 avast! Firewall;Avast Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2015-03-27 107448]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2008-01-24 73728]
R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-25 116648]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2014-11-18 68096]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-25 116648]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-07-25 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-11-28 800040]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-07-25 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
2015-04-16 09:19:26 ----A---- C:\Windows\system32\conhost.exe
2015-04-16 09:19:24 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-04-16 09:19:24 ----A---- C:\Windows\system32\winsrv.dll
2015-04-16 09:19:23 ----A---- C:\Windows\system32\rstrui.exe
2015-04-16 09:19:23 ----A---- C:\Windows\system32\kerberos.dll
2015-04-16 09:19:22 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-04-16 09:19:21 ----A---- C:\Windows\system32\wdigest.dll
2015-04-16 09:19:21 ----A---- C:\Windows\system32\msv1_0.dll
2015-04-16 09:19:21 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-04-16 09:19:20 ----A---- C:\Windows\system32\ncrypt.dll
2015-04-16 09:19:20 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-04-16 09:19:18 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-04-16 09:19:18 ----A---- C:\Windows\system32\TSpkg.dll
2015-04-16 09:19:18 ----A---- C:\Windows\system32\sspicli.dll
2015-04-16 09:19:17 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-04-16 09:19:17 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-04-16 09:19:17 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-04-16 09:19:17 ----A---- C:\Windows\system32\smss.exe
2015-04-16 09:19:17 ----A---- C:\Windows\system32\lsass.exe
2015-04-16 09:19:17 ----A---- C:\Windows\system32\auditpol.exe
2015-04-16 09:19:16 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-04-16 09:19:16 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-04-16 09:19:16 ----A---- C:\Windows\system32\srclient.dll
2015-04-16 09:19:16 ----A---- C:\Windows\system32\csrsrv.dll
2015-04-16 09:19:15 ----A---- C:\Windows\system32\ntvdm64.dll
2015-04-16 09:19:14 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-04-16 09:19:14 ----A---- C:\Windows\system32\sspisrv.dll
2015-04-16 09:19:14 ----A---- C:\Windows\system32\secur32.dll
2015-04-16 09:19:14 ----A---- C:\Windows\system32\credssp.dll
2015-04-16 09:19:13 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-04-16 09:19:13 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-04-16 09:19:13 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-04-16 09:19:13 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-04-16 09:19:13 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-16 09:19:12 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-16 09:19:12 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-16 09:19:11 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-16 09:19:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-16 09:19:10 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-16 09:19:10 ----A---- C:\Windows\SYSWOW64\user.exe
2015-04-16 09:19:10 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-04-16 09:19:10 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-04-16 09:19:10 ----A---- C:\Windows\system32\apisetschema.dll
2015-04-16 09:19:09 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-04-16 09:19:09 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-04-16 09:19:09 ----A---- C:\Windows\system32\msaudite.dll
2015-04-16 09:19:09 ----A---- C:\Windows\system32\adtschema.dll
2015-04-16 09:19:08 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-04-16 09:19:08 ----A---- C:\Windows\system32\msobjs.dll
2015-04-16 08:57:48 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-16 08:57:48 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-16 08:57:48 ----A---- C:\Windows\system32\clfs.sys
2015-04-04 12:59:37 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-04 12:59:37 ----SD---- C:\Windows\system32\GWX
2015-03-27 15:36:17 ----A---- C:\Windows\system32\aswBoot.exe
2015-03-27 15:36:04 ----A---- C:\Windows\avastSS.scr
2015-03-27 15:35:44 ----A---- C:\Windows\system32\drivers\aswNdisFlt.sys
======List of files/folders modified in the last 1 month======
2015-04-17 20:26:59 ----D---- C:\Windows\Temp
2015-04-17 20:24:19 ----RD---- C:\Program Files
2015-04-17 20:14:49 ----D---- C:\Users\DELL\AppData\Roaming\Dropbox
2015-04-17 17:39:23 ----D---- C:\Windows\system32\config
2015-04-17 17:12:17 ----D---- C:\Windows\Microsoft.NET
2015-04-17 16:55:16 ----D---- C:\Windows\system32\drivers
2015-04-16 17:00:18 ----D---- C:\Windows\winsxs
2015-04-16 16:58:35 ----D---- C:\Program Files\Internet Explorer
2015-04-16 16:58:34 ----D---- C:\Windows\SYSWOW64\en-US
2015-04-16 16:58:34 ----D---- C:\Windows\SysWOW64
2015-04-16 16:58:34 ----D---- C:\Windows\system32\en-US
2015-04-16 16:58:34 ----D---- C:\Windows\System32
2015-04-16 16:58:34 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-16 16:57:36 ----D---- C:\Windows\inf
2015-04-16 16:57:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-16 16:56:28 ----SHD---- C:\System Volume Information
2015-04-16 16:26:19 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-04-16 16:26:18 ----D---- C:\Windows\system32\cs-CZ
2015-04-16 16:26:18 ----D---- C:\Windows\PolicyDefinitions
2015-04-16 11:38:06 ----SD---- C:\Windows\system32\CompatTel
2015-04-16 11:38:06 ----D---- C:\Windows\system32\appraiser
2015-04-16 11:38:05 ----D---- C:\Windows\AppPatch
2015-04-16 09:48:06 ----SHD---- C:\Windows\Installer
2015-04-16 09:47:26 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-16 09:45:39 ----D---- C:\Windows\system32\MRT
2015-04-16 09:43:35 ----RSD---- C:\Windows\assembly
2015-04-16 09:35:26 ----A---- C:\Windows\system32\MRT.exe
2015-04-16 08:59:51 ----D---- C:\Windows\system32\catroot2
2015-04-04 12:59:44 ----D---- C:\Windows\Logs
2015-03-27 15:37:56 ----D---- C:\Windows\system32\DriverStore
2015-03-27 15:36:51 ----D---- C:\Windows\system32\Tasks
2015-03-27 15:36:15 ----D---- C:\Windows
2015-03-27 14:19:00 ----D---- C:\Program Files (x86)\Common Files
2015-03-27 14:18:08 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2015-03-27 14:17:49 ----D---- C:\Program Files (x86)\Java
2015-03-25 13:03:24 ----D---- C:\Windows\system32\wbem
2015-03-21 12:01:58 ----D---- C:\Windows\Prefetch
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswNdisFlt;Avast! Firewall Driver; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [2015-03-27 449896]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-03-27 65736]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-03-27 271200]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2015-03-27 28144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-03-27 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-03-27 1047320]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-03-27 442264]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-03-27 29168]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-03-27 88408]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-03-27 136752]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2007-08-03 455168]
R3 e1express;Intel(R) PRO/1000 – ovladač PCI Express síťového připojení; C:\Windows\system32\DRIVERS\e1e6032e.sys [2009-06-10 278016]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-09-23 6180832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-03-27 343336]
R2 avast! Firewall;Avast Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2015-03-27 107448]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2008-01-24 73728]
R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-25 116648]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2014-11-18 68096]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-25 116648]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-07-25 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-11-28 800040]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-07-25 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]