Pomale pc - konotrla logu

Zpráva

pupupaj · #1 Příspěvek od **pupupaj** » 18 led 2014 15:49

Dobrý den,

prosím o kontrolu logu notebooku mé přítelkyně. Prý se ji zpomalil počítač a také teď spolubydlící na koleji objevila na svém pc viry. Takže bych rád nechal zkontroloval odborníky, že se nenakazila (když už jí tam platím ten avast:)).

Děkuju moc,
Pupupaj

RSIT log:¨
Logfile of random's system information tool 1.09 (written by random/random)
Run by dpmv at 2014-01-18 15:33:29
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 6 GB (6%) free of 102 GB
Total RAM: 4086 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:33:34, on 18.1.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\PTC\Mathcad PDSi\Acrobat\acrotray.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files\trend micro\dpmv.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [HotkeyService] AsusSender.exe C:\Program Files (x86)\ASUS\HotkeyService\HotkeyService.exe
O4 - HKLM\..\Run: [HotkeyMon] AsusSender.exe C:\Program Files (x86)\ASUS\HotkeyService\HotKeyMon.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\PTC\Mathcad PDSi\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\RunOnce: [20131224] C:\Program Files\AVAST Software\Avast\setup\emupdate\78f42741-6595-47ae-a35a-eec1729303cc.exe /check
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Google Update] "C:\Users\dpmv\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - (no file)
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Asus Launcher Service (AsusService) - Unknown owner - C:\windows\SysWOW64\AsusService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9911 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
winlogon.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\windows\system32\WLANExt.exe 25865728
\??\C:\windows\system32\conhost.exe "-1381500431680600712474518219526171051-1531892873404640034-961399335405652556
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\windows\SysWOW64\AsusService.exe
"C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE"
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\System32\svchost.exe -k HPZ12
C:\windows\System32\svchost.exe -k HPZ12
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2180
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
C:\windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\ASUS\HotkeyService\HotkeyService.exe"
"C:\Program Files (x86)\ASUS\HotkeyService\HotKeyMon.exe"
"C:\Program Files (x86)\PTC\Mathcad PDSi\Acrobat\acrotray.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\sppsvc.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\windows\servicing\TrustedInstaller.exe
taskeng.exe {CA6EC7EE-E562-472E-AB26-82484A9B617F}
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\dpmv\Downloads\RSITx64 (1).exe"
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1215794786-555571408-1142568036-1001Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1215794786-555571408-1142568036-1001UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-01-18 1372864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-01-18 1372864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-01-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-18 1138536]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-01-18 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-01-18 1372864]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-01-18 1372864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-18 1138536]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-11-19 1886504]
"SynAsusAcpi"=C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [2009-11-19 92456]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2010-11-01 165912]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2010-11-01 385560]
"Persistence"=C:\windows\system32\igfxpers.exe [2010-11-01 364056]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14 20584608]
"Google Update"=C:\Users\dpmv\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-30 116648]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-11-02 152392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LiveUpdate]
AsusSender.exe C:\Program Files (x86)\Asus\LiveUpdate\LiveUpdate.exe auto []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OOBESetup]
C:\Program Files (x86)\asus\OOBERegBackup\OOBERegBackup.exe [2011-01-04 345088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-08-24 11447912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [2009-06-18 772096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuperHybridEngine]
AsusSender.exe C:\Program Files (x86)\ASUS\SHE\SuperHybridEngine.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu]
C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2013-03-10 88984]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HotkeyService"=AsusSender.exe C:\Program Files (x86)\ASUS\HotkeyService\HotkeyService.exe []
"HotkeyMon"=AsusSender.exe C:\Program Files (x86)\ASUS\HotkeyService\HotKeyMon.exe []
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
""= []
"Acrobat Assistant 8.0"=C:\Program Files (x86)\PTC\Mathcad PDSi\Acrobat\Acrotray.exe [2008-10-01 640376]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-11-02 152392]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-01-18 3764024]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"20131224"=C:\Program Files\AVAST Software\Avast\setup\emupdate\78f42741-6595-47ae-a35a-eec1729303cc.exe [2014-01-18 181136]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2010-10-24 261120]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2030-01-01 19:41:56 ----SHD---- C:\Boot
2014-01-18 15:33:29 ----D---- C:\rsit
2014-01-18 15:26:29 ----D---- C:\Users\dpmv\AppData\Roaming\AVAST Software
2014-01-18 15:17:30 ----A---- C:\windows\system32\drivers\aswstm.sys
2014-01-18 15:13:04 ----A---- C:\windows\SYSWOW64\javaws.exe
2014-01-18 15:12:25 ----A---- C:\windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-01-18 15:12:25 ----A---- C:\windows\SYSWOW64\javaw.exe
2014-01-18 15:12:25 ----A---- C:\windows\SYSWOW64\java.exe
2014-01-18 15:06:27 ----D---- C:\Program Files\CPUID
2014-01-15 19:20:20 ----A---- C:\windows\system32\drivers\usbehci.sys
2014-01-15 19:20:19 ----A---- C:\windows\system32\drivers\usbport.sys
2014-01-15 19:20:18 ----A---- C:\windows\system32\drivers\usbhub.sys
2014-01-15 19:20:18 ----A---- C:\windows\system32\drivers\usbccgp.sys
2014-01-15 19:20:17 ----A---- C:\windows\system32\drivers\usbuhci.sys
2014-01-15 19:20:17 ----A---- C:\windows\system32\drivers\usbd.sys
2014-01-15 19:20:13 ----A---- C:\windows\system32\win32k.sys
2014-01-15 19:20:08 ----A---- C:\windows\system32\drivers\netio.sys
2013-12-28 22:51:06 ----A---- C:\windows\system32\ieetwcollectorres.dll
2013-12-28 22:51:04 ----A---- C:\windows\system32\ieui.dll
2013-12-28 22:51:03 ----A---- C:\windows\SYSWOW64\ieui.dll
2013-12-28 22:51:03 ----A---- C:\windows\system32\jsproxy.dll
2013-12-28 22:51:02 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2013-12-28 22:51:02 ----A---- C:\windows\system32\ieUnatt.exe
2013-12-28 22:51:02 ----A---- C:\windows\system32\iernonce.dll
2013-12-28 22:51:02 ----A---- C:\windows\system32\ie4uinit.exe
2013-12-28 22:51:01 ----A---- C:\windows\system32\iesetup.dll
2013-12-28 22:51:01 ----A---- C:\windows\system32\ieetwproxystub.dll
2013-12-28 22:51:00 ----A---- C:\windows\system32\ieetwcollector.exe
2013-12-28 22:50:58 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2013-12-28 22:50:58 ----A---- C:\windows\system32\mshtml.dll
2013-12-28 22:50:58 ----A---- C:\windows\system32\jscript9diag.dll
2013-12-28 22:50:57 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2013-12-28 22:50:57 ----A---- C:\windows\system32\ieapfltr.dll
2013-12-28 22:50:54 ----A---- C:\windows\system32\iertutil.dll
2013-12-28 22:50:53 ----A---- C:\windows\SYSWOW64\iertutil.dll
2013-12-28 22:50:52 ----A---- C:\windows\SYSWOW64\wininet.dll
2013-12-28 22:50:52 ----A---- C:\windows\system32\wininet.dll
2013-12-28 22:50:51 ----A---- C:\windows\SYSWOW64\urlmon.dll
2013-12-28 22:50:50 ----A---- C:\windows\system32\urlmon.dll
2013-12-28 22:50:47 ----A---- C:\windows\system32\ieframe.dll
2013-12-28 22:50:45 ----A---- C:\windows\SYSWOW64\ieframe.dll
2013-12-28 22:50:42 ----A---- C:\windows\SYSWOW64\mshtml.dll
2013-12-28 22:50:40 ----A---- C:\windows\SYSWOW64\jscript9.dll
2013-12-28 22:50:39 ----A---- C:\windows\system32\jscript9.dll
2013-12-23 11:45:21 ----A---- C:\windows\system32\IEUDINIT.EXE
2013-12-23 11:36:02 ----A---- C:\windows\SYSWOW64\elshyph.dll
2013-12-23 11:36:02 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\wextract.exe
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\webcheck.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\vbscript.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\url.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\SetIEInstalledDate.exe
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\RegisterIEPKEYs.exe
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\pngfilt.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\occache.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\msrating.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\msls31.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\mshtmler.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\mshta.exe
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\msfeedssync.exe
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\msfeedsbs.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\licmgr10.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\jsIntl.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\jscript.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\inseng.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\imgutil.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\iexpress.exe
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\iesysprep.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\iesetup.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\iernonce.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\iepeers.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\ieapfltr.dat
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\IEAdvpack.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\icardie.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2013-12-23 11:35:51 ----A---- C:\windows\system32\SetIEInstalledDate.exe
2013-12-23 11:35:51 ----A---- C:\windows\system32\RegisterIEPKEYs.exe
2013-12-23 11:35:51 ----A---- C:\windows\system32\msrating.dll
2013-12-23 11:35:51 ----A---- C:\windows\system32\msls31.dll
2013-12-23 11:35:51 ----A---- C:\windows\system32\mshtmler.dll
2013-12-23 11:35:51 ----A---- C:\windows\system32\msfeedssync.exe
2013-12-23 11:35:51 ----A---- C:\windows\system32\msfeedsbs.dll
2013-12-23 11:35:51 ----A---- C:\windows\system32\jsIntl.dll
2013-12-23 11:35:51 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-23 11:35:51 ----A---- C:\windows\system32\iesysprep.dll
2013-12-23 11:35:51 ----A---- C:\windows\system32\IEAdvpack.dll
2013-12-23 11:35:51 ----A---- C:\windows\system32\elshyph.dll
2013-12-23 11:35:50 ----A---- C:\windows\system32\wextract.exe
2013-12-23 11:35:50 ----A---- C:\windows\system32\webcheck.dll
2013-12-23 11:35:50 ----A---- C:\windows\system32\vbscript.dll
2013-12-23 11:35:50 ----A---- C:\windows\system32\url.dll
2013-12-23 11:35:50 ----A---- C:\windows\system32\pngfilt.dll
2013-12-23 11:35:50 ----A---- C:\windows\system32\occache.dll
2013-12-23 11:35:50 ----A---- C:\windows\system32\mshtmlmedia.dll
2013-12-23 11:35:50 ----A---- C:\windows\system32\mshtmled.dll
2013-12-23 11:35:50 ----A---- C:\windows\system32\MshtmlDac.dll
2013-12-23 11:35:50 ----A---- C:\windows\system32\mshta.exe
2013-12-23 11:35:50 ----A---- C:\windows\system32\msfeeds.dll
2013-12-23 11:35:50 ----A---- C:\windows\system32\licmgr10.dll
2013-12-23 11:35:50 ----A---- C:\windows\system32\jscript.dll
2013-12-23 11:35:50 ----A---- C:\windows\system32\inseng.dll
2013-12-23 11:35:50 ----A---- C:\windows\system32\imgutil.dll
2013-12-23 11:35:50 ----A---- C:\windows\system32\iexpress.exe
2013-12-23 11:35:50 ----A---- C:\windows\system32\iepeers.dll
2013-12-23 11:35:50 ----A---- C:\windows\system32\iedkcs32.dll
2013-12-23 11:35:50 ----A---- C:\windows\system32\ieapfltr.dat
2013-12-23 11:35:50 ----A---- C:\windows\system32\icardie.dll
2013-12-23 11:35:50 ----A---- C:\windows\system32\dxtrans.dll
2013-12-23 11:35:50 ----A---- C:\windows\system32\dxtmsft.dll

======List of files/folders modified in the last 1 month======

2014-01-18 15:33:34 ----D---- C:\windows\Temp
2014-01-18 15:33:34 ----D---- C:\windows\Prefetch
2014-01-18 15:33:32 ----D---- C:\Program Files\trend micro
2014-01-18 15:31:52 ----AD---- C:\windows\system32\drivers
2014-01-18 15:30:13 ----D---- C:\windows\system32\config
2014-01-18 15:25:58 ----D---- C:\Users\dpmv\AppData\Roaming\Skype
2014-01-18 15:18:32 ----D---- C:\windows\inf
2014-01-18 15:18:31 ----D---- C:\windows\system32\catroot
2014-01-18 15:18:30 ----D---- C:\windows\system32\DriverStore
2014-01-18 15:18:19 ----SHD---- C:\System Volume Information
2014-01-18 15:17:43 ----D---- C:\windows\system32\Tasks
2014-01-18 15:17:13 ----D---- C:\windows\winsxs
2014-01-18 15:17:12 ----D---- C:\Windows
2014-01-18 15:17:03 ----A---- C:\windows\system32\aswBoot.exe
2014-01-18 15:13:41 ----D---- C:\ProgramData\AVAST Software
2014-01-18 15:13:18 ----SHD---- C:\windows\Installer
2014-01-18 15:13:18 ----SHD---- C:\Config.Msi
2014-01-18 15:13:13 ----D---- C:\ProgramData\Oracle
2014-01-18 15:13:04 ----D---- C:\windows\SysWOW64
2014-01-18 15:12:04 ----D---- C:\Program Files (x86)\Java
2014-01-18 15:07:44 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2014-01-18 15:06:27 ----RD---- C:\Program Files
2014-01-16 13:18:24 ----D---- C:\windows\System32
2014-01-16 13:18:24 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-01-16 08:30:14 ----D---- C:\ProgramData\Microsoft Help
2014-01-16 08:26:39 ----D---- C:\windows\system32\MRT
2014-01-16 08:16:28 ----A---- C:\windows\system32\MRT.exe
2014-01-15 19:19:23 ----D---- C:\windows\system32\catroot2
2014-01-01 18:43:30 ----D---- C:\Program Files (x86)\Internet Explorer
2014-01-01 18:43:29 ----D---- C:\Program Files\Internet Explorer
2013-12-28 12:33:59 ----D---- C:\windows\rescache
2013-12-28 11:27:03 ----D---- C:\windows\SYSWOW64\cs-CZ
2013-12-28 11:27:02 ----D---- C:\windows\system32\cs-CZ
2013-12-28 11:26:58 ----D---- C:\windows\SYSWOW64\migration
2013-12-28 11:26:58 ----D---- C:\windows\SYSWOW64\en-US
2013-12-28 11:26:54 ----D---- C:\windows\PolicyDefinitions
2013-12-28 11:26:53 ----D---- C:\windows\system32\migration
2013-12-28 11:26:53 ----D---- C:\windows\system32\en-US
2013-12-23 11:45:21 ----D---- C:\windows\Logs

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AiDriver;ASUS Charger Driver; C:\windows\system32\DRIVERS\AiDriver.sys [2010-05-20 14464]
R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2014-01-18 65776]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2014-01-18 207904]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-06-08 540696]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 AsUpIO;AsUpIO; C:\windows\SysWow64\drivers\AsUpIO.sys [2011-02-09 14464]
R1 aswKbd;aswKbd; \??\C:\windows\system32\drivers\aswKbd.sys [2014-01-18 28184]
R1 aswNdisFlt;Avast! Firewall Driver; C:\windows\system32\DRIVERS\aswNdisFlt.sys [2014-01-18 439648]
R1 aswRdr;aswRdr; \??\C:\windows\system32\drivers\aswRdr2.sys [2014-01-18 92544]
R1 aswSnx;aswSnx; \??\C:\windows\system32\drivers\aswSnx.sys [2014-01-18 1034464]
R1 aswSP;aswSP; \??\C:\windows\system32\drivers\aswSP.sys [2014-01-18 422216]
R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2013-12-19 64288]
R1 ElbyCDIO;ElbyCDIO Driver; C:\windows\System32\Drivers\ElbyCDIO.sys [2013-03-04 40344]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2014-01-18 78648]
R3 aswStm;aswStm; \??\C:\windows\system32\drivers\aswStm.sys [2014-01-18 79672]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\windows\system32\DRIVERS\bcmwl664.sys [2010-05-08 3063360]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwampfl;Bluetooth AMP USB Filter; C:\windows\system32\drivers\btwampfl.sys [2010-05-21 341032]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2010-05-21 102440]
R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\drivers\btwavdt.sys [2010-05-21 135720]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2010-05-21 39464]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2010-05-21 21544]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2010-10-24 6180480]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2010-08-24 2472680]
R3 kbfiltr;Keyboard Filter; C:\windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C62x64.sys [2010-07-29 76912]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys [2010-07-27 78848]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys [2010-07-27 180224]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2009-11-19 299568]
R3 VClone;VClone; C:\windows\system32\DRIVERS\VClone.sys [2013-07-24 34816]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 EagleX64;EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys []
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista; C:\windows\system32\DRIVERS\netr28x.sys [2009-06-10 620544]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\windows\system32\drivers\nvhda64v.sys [2010-06-21 131688]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\windows\system32\DRIVERS\s1018bus.sys [2009-03-25 113704]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 19496]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 153128]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 133160]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\windows\system32\DRIVERS\s1018nd5.sys [2009-03-25 34856]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\windows\system32\DRIVERS\s1018obex.sys [2009-03-25 128552]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\windows\system32\DRIVERS\s1018unic.sys [2009-03-25 146472]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 USBAAPL64;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]
R2 AsusService;Asus Launcher Service; C:\windows\SysWOW64\AsusService.exe [2010-11-15 224680]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-01-18 50344]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-01-18 113704]
R2 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
R2 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-05-21 947488]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-02-26 3560800]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-11-02 641352]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-18 257928]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-10-31 867080]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-04-30 1255736]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------

#2 Příspěvek od **Márty84** » 18 led 2014 15:53

Zdravim

Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

pupupaj · #3 Příspěvek od **pupupaj** » 18 led 2014 18:27

Hojda, děkuju za pomoc.

PS: vidim, ze v seznamu je i keygen k matlabu. Tady bych chtel vysvetlit, ze Matlab musela instalovat kvuli studiu a i kdyz jsem rozporoval, ze skola by ji ho mela poskytnout (licenci). Bohuzel skola neposkytuje (UNOB - proste to jsou to vojaci a maji uplne jine mysleni), ale presto v nem mela delat domaci ukoly a pripravovat se, takze si to nainstalovala. Rekl bych, ze to asi muze byt zdroj jejich problemu, ze?

tady je log:
Malwarebytes Anti-Malware 1.75.0.1300
http://www.malwarebytes.org

Verze: v2014.01.18.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
dpmv :: MV-ASUS [administrátor]

18.1.2014 15:58:59
MBAM-log-2014-01-18 (18-14-55).txt

Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 619778
Uplynulý čas: 2 hodin, 14 minut, 44 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 1
HKCR\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007} (PUP.Optional.DefaultTab.A) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 2
C:\Users\dpmv\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\dpmv\AppData\Roaming\OpenCandy\OpenCandy_EF1713F912C24733B7E6E7F908975F98 (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 12
C:\Users\dpmv\AppData\Local\Google\Chrome\User Data\Default\File System\004\t\00\00000000 (PUP.Optional.OneClickDownloader.A) -> Nebyla provedena žádná instrukce.
C:\Users\dpmv\AppData\Local\Google\Chrome\User Data\Default\File System\005\t\00\00000000 (PUP.Optional.OneClickDownloader.A) -> Nebyla provedena žádná instrukce.
C:\Users\dpmv\AppData\Local\Temp\DefaultTabSetup2.exe (PUP.Optional.DefaultTab.A) -> Nebyla provedena žádná instrukce.
C:\Users\dpmv\AppData\Local\Temp\KMP_3.6.0.87.exe (PUP.Optional.Softonic) -> Nebyla provedena žádná instrukce.
C:\Users\dpmv\Downloads\FreeMediaPlayerSetup.exe (PUP.Optional.Somoto) -> Nebyla provedena žádná instrukce.
D:\atlas\arun.exe (Trojan.Oficla.H) -> Nebyla provedena žádná instrukce.
D:\instal\Matlab-2007b\Matlab-2007b\Matlab 2007b\Matlab keygen 2007b.exe (Trojan.Agent) -> Nebyla provedena žádná instrukce.
D:\škola\UNOB\Bc studium\I.semestr\fyzika\1.roč. fyzika protokoly\matematika deskriptiva\daemon4112-lite.exe (Adware.Vomba) -> Nebyla provedena žádná instrukce.
C:\Users\dpmv\AppData\Roaming\OpenCandy\OpenCandy_EF1713F912C24733B7E6E7F908975F98\1193.ico (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\dpmv\AppData\Roaming\OpenCandy\OpenCandy_EF1713F912C24733B7E6E7F908975F98\SpeedstarterCZ.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\dpmv\AppData\Roaming\OpenCandy\OpenCandy_EF1713F912C24733B7E6E7F908975F98\ZrychleniPocitace.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\dpmv\AppData\Roaming\OpenCandy\OpenCandy_EF1713F912C24733B7E6E7F908975F98\ZrychleniPocitace_p2v1.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.

(konec)

#4 Příspěvek od **Márty84** » 18 led 2014 18:41

Muze to byt pricina problemu, ale nemusi, tezko rict.

Nalezy samozrejme doporucuji odstranit, ale rozhodnuti je na vas, jestli ten jeden vynechate.
A tohle taky nevim, zda bude potrebovat
D:\škola\UNOB\Bc studium\I.semestr\fyzika\1.roč. fyzika protokoly\matematika deskriptiva\daemon4112-lite.exe (Adware.Vomba) -> Nebyla provedena žádná instrukce.
Jak rikam, necham to na vas, jak se domluvite.

Pak MBAM odinstalujte.

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a program zacne pracovat.
Az skonci, vyplivne na vas log (pokud ne, najdete ho zde C:\AdwCleaner\AdwCleaner[R?].txt ), ten mi sem zkopirujte.

pupupaj · #5 Příspěvek od **pupupaj** » 18 led 2014 18:48

Nalezama ke smazani myslis uplne vsechny nebo ty co nejsou PUP.Optional (jen 3 zaznamy)?

#6 Příspěvek od **Márty84** » 18 led 2014 18:53

pupupaj píše:Nalezama ke smazani myslis uplne vsechny nebo ty co nejsou PUP.Optional (jen 3 zaznamy)?

Uplne vsechny

pupupaj · #7 Příspěvek od **pupupaj** » 18 led 2014 19:11

Log z AdwCleaneru:
# AdwCleaner v3.017 - Report created 18/01/2014 at 19:04:39
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : dpmv - MV-ASUS
# Running from : C:\Users\dpmv\Downloads\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

File Found : C:\windows\System32\roboot64.exe
Folder Found C:\ProgramData\Ask
Folder Found C:\ProgramData\Winamp Toolbar
Folder Found C:\Users\dpmv\AppData\Local\OpenCandy
Folder Found C:\Users\dpmv\AppData\Local\Winamp Toolbar
Folder Found C:\Users\dpmv\AppData\Roaming\Systweak

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Winamp Toolbar
Key Found : HKCU\Software\PIP
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\Speedchecker Limited
Key Found : HKCU\Software\Winamp Toolbar
Key Found : [x64] HKCU\Software\APN PIP
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\PIP
Key Found : [x64] HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\Speedchecker Limited
Key Found : [x64] HKCU\Software\Winamp Toolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
Key Found : HKLM\SOFTWARE\Classes\AppID\winamptbServer.exe
Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0F54B66A-21CF-4548-AE59-A6B83EE6676F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{51A971CA-D36E-4D13-A799-2CF0A491D04D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66DD22B9-6521-4B05-97DB-0EBC00B1DA5D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{841FD004-57A2-4B49-BBDB-5897394619DB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{507591C2-2F4E-46A7-92D6-E6CFF82E5F26}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{538CD77C-BFDD-49B0-9562-77419CAB89D1}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A8C2644D-BF72-4A89-A88C-D85F565F2F46}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_kmplayer_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_kmplayer_RASMANCS
Key Found : HKLM\Software\PIP
Key Found : HKLM\Software\systweak
Key Found : HKLM\Software\Winamp Toolbar
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0F54B66A-21CF-4548-AE59-A6B83EE6676F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{51A971CA-D36E-4D13-A799-2CF0A491D04D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66DD22B9-6521-4B05-97DB-0EBC00B1DA5D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{841FD004-57A2-4B49-BBDB-5897394619DB}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

-\\ Google Chrome v

[ File : C:\Users\dpmv\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [4080 octets] - [18/01/2014 19:04:39]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [4140 octets] ##########

#8 Příspěvek od **Márty84** » 18 led 2014 19:58

Znovu ukoncete vsechny programy a spustte AdwCleaner jako spravce.
Tentokrat kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne dalsi log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zase zkopirujte.

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu, kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte

pupupaj · #9 Příspěvek od **pupupaj** » 18 led 2014 20:21

AdwCleaner log:
# AdwCleaner v3.017 - Report created 18/01/2014 at 20:01:37
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : dpmv - MV-ASUS
# Running from : C:\Users\dpmv\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Winamp Toolbar
Folder Deleted : C:\Users\dpmv\AppData\Local\OpenCandy
Folder Deleted : C:\Users\dpmv\AppData\Local\Winamp Toolbar
Folder Deleted : C:\Users\dpmv\AppData\Roaming\Systweak
File Deleted : C:\windows\System32\roboot64.exe

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\winamptbServer.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_kmplayer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_kmplayer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0F54B66A-21CF-4548-AE59-A6B83EE6676F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{51A971CA-D36E-4D13-A799-2CF0A491D04D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66DD22B9-6521-4B05-97DB-0EBC00B1DA5D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{841FD004-57A2-4B49-BBDB-5897394619DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{507591C2-2F4E-46A7-92D6-E6CFF82E5F26}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{538CD77C-BFDD-49B0-9562-77419CAB89D1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A8C2644D-BF72-4A89-A88C-D85F565F2F46}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0F54B66A-21CF-4548-AE59-A6B83EE6676F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{51A971CA-D36E-4D13-A799-2CF0A491D04D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66DD22B9-6521-4B05-97DB-0EBC00B1DA5D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{841FD004-57A2-4B49-BBDB-5897394619DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Speedchecker Limited
Key Deleted : HKCU\Software\Winamp Toolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\Winamp Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Winamp Toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

-\\ Google Chrome v

[ File : C:\Users\dpmv\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [4280 octets] - [18/01/2014 19:04:39]
AdwCleaner[S0].txt - [4006 octets] - [18/01/2014 20:01:37]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4066 octets] ##########

RogueKiller log:
RogueKiller V8.8.2 [Jan 17 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : dpmv [Práva správce]
Mód : Kontrola -- Datum : 01/18/2014 20:18:22
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 3 ¤¤¤
[SUSP PATH] RogueKiller.exe -- C:\Users\dpmv\Desktop\RogueKiller.exe [-] -> SMAZÁNO [Tree]
[SUSP PATH] RogueKiller.exe -- C:\Users\dpmv\Desktop\RogueKiller.exe [-] -> ERROR [5]
[SUSP PATH] RogueKiller.exe -- C:\Users\dpmv\Desktop\RogueKiller.exe [-] -> ERROR [5]

¤¤¤ ¤¤¤ Záznamy Registrů: : 2 ¤¤¤
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

ÿþ1

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST9500325AS +++++
--- User ---
[MBR] f349eb01e5f37aac976203bef5b1b04f
[BSP] 1394107f1fc1284a4548cd53ecbd830f : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 102400 Mo
1 - [XXXXXX] FAT32 (0x1b) [HIDDEN!] Offset (sectors): 209717248 | Size: 15360 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 241174528 | Size: 359162 Mo
3 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 976738304 | Size: 16 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_01182014_201822.txt >>

#10 Příspěvek od **Márty84** » 18 led 2014 20:32

RK hlasi sam sebe za nebezpecny proces

Znovu spustte RogueKiller jako spravce (pokud jste ho jeste nezavrel/a, rovnou kliknete na napis Smazat)
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Smazat.
Pak kliknete na napis Zprava a objevi se log. Ten mi sem vlozte.
Pak kliknete na napis Oprava Host a Zprava.
Objevi se dalsi log. I ten mi sem vlozte.

pupupaj · #11 Příspěvek od **pupupaj** » 18 led 2014 20:41

No prvni dva pokusy o spusteni RK me zariznul Avast, takze mi tam zustaly vyset. Tak jsem Avast nachvilku vypnul, aby to proslo:).

Log ze smazani:
RogueKiller V8.8.2 [Jan 17 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : dpmv [Práva správce]
Mód : Odebrat -- Datum : 01/18/2014 20:39:00
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 4 ¤¤¤
[SUSP PATH] RogueKiller.exe -- C:\Users\dpmv\Desktop\RogueKiller.exe [-] -> ERROR [5]
[SUSP PATH] RogueKiller.exe -- C:\Users\dpmv\Desktop\RogueKiller.exe [-] -> ERROR [5]
[SUSP PATH] RogueKiller.exe -- C:\Users\dpmv\Desktop\RogueKiller.exe [-] -> ERROR [5]
[Microsoft][HIDDEN] dllhost.exe -- \Device\HarddiskVolume1\Windows\System32\dllhost.exe [x] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 2 ¤¤¤
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

ÿþ1

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST9500325AS +++++
--- User ---
[MBR] f349eb01e5f37aac976203bef5b1b04f
[BSP] 1394107f1fc1284a4548cd53ecbd830f : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 102400 Mo
1 - [XXXXXX] FAT32 (0x1b) [HIDDEN!] Offset (sectors): 209717248 | Size: 15360 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 241174528 | Size: 359162 Mo
3 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 976738304 | Size: 16 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_01182014_203900.txt >>
RKreport[0]_S_01182014_201822.txt;RKreport[0]_S_01182014_203831.txt

Log z host:
RogueKiller V8.8.2 [Jan 17 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : dpmv [Práva správce]
Mód : Oprava HOSTS -- Datum : 01/18/2014 20:40:46
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 4 ¤¤¤
[SUSP PATH] RogueKiller.exe -- C:\Users\dpmv\Desktop\RogueKiller.exe [-] -> ERROR [5]
[SUSP PATH] RogueKiller.exe -- C:\Users\dpmv\Desktop\RogueKiller.exe [-] -> ERROR [5]
[SUSP PATH] RogueKiller.exe -- C:\Users\dpmv\Desktop\RogueKiller.exe [-] -> ERROR [5]
[Microsoft][HIDDEN] dllhost.exe -- \Device\HarddiskVolume1\Windows\System32\dllhost.exe [x] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

ÿþ1

¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost

Dokončeno : << RKreport[0]_H_01182014_204046.txt >>
RKreport[0]_D_01182014_203900.txt;RKreport[0]_S_01182014_201822.txt;RKreport[0]_S_01182014_203831.txt

pupupaj · #12 Příspěvek od **pupupaj** » 18 led 2014 20:53

Omlouvam se, ale dneska uz utikam spat. Preju jeste peknej vecer a ja se na to zas vrhnu zitra.

Dekuzu zatim velice za pomoc.
Brou noc

#13 Příspěvek od **Márty84** » 18 led 2014 22:33

Neni proc se omlouvat

Taky nemuzu porad sedet u pc

Tak se na to dobre vyspete a zitra dejte novy log z RSIT

pupupaj · #14 Příspěvek od **pupupaj** » 19 led 2014 11:03

Dobre rano, tak jsem se na to teda vyspal a hned Vam jsem davam log:

Logfile of random's system information tool 1.09 (written by random/random)
Run by dpmv at 2014-01-19 11:01:47
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 6 GB (6%) free of 102 GB
Total RAM: 4086 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:01:54, on 19.1.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\PTC\Mathcad PDSi\Acrobat\acrotray.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Users\dpmv\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\dpmv\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\dpmv\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\dpmv.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [HotkeyService] AsusSender.exe C:\Program Files (x86)\ASUS\HotkeyService\HotkeyService.exe
O4 - HKLM\..\Run: [HotkeyMon] AsusSender.exe C:\Program Files (x86)\ASUS\HotkeyService\HotKeyMon.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\PTC\Mathcad PDSi\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Google Update] "C:\Users\dpmv\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - (no file)
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Asus Launcher Service (AsusService) - Unknown owner - C:\windows\SysWOW64\AsusService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9959 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
winlogon.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\windows\system32\WLANExt.exe 37367168
\??\C:\windows\system32\conhost.exe "-3541781832090213372-1614207885-104876076920427480221679453370-5541246411478828238
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\windows\SysWOW64\AsusService.exe
"C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE"
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\System32\svchost.exe -k HPZ12
C:\windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
WLIDSvcM.exe 2372
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\PTC\Mathcad PDSi\Acrobat\acrotray.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ASUS\HotkeyService\HotkeyService.exe"
"C:\Program Files (x86)\ASUS\HotkeyService\HotKeyMon.exe"
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
C:\windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\sppsvc.exe
C:\windows\System32\svchost.exe -k secsvcs
taskeng.exe {EC2D7538-C359-4F35-BC26-DE81E9718BB1}
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\servicing\TrustedInstaller.exe
"C:\Users\dpmv\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\dpmv\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3416.0.1620037161\1035909719" --disable-image-transport-surface --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,5,13,23 --gpu-vendor-id=0x8086 --gpu-device-id=0xa001 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.14.10.2230 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\dpmv\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/PP_EnableZeroSuggest_R3_Stable_ArmA/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group3 pct:10c stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/ManagedModeLaunch/Active/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_58/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --instant-process --disable-html-notifications --enable-software-compositing --channel="3416.1.1199170414\1291218211" /prefetch:673131151
"C:\Users\dpmv\Downloads\RSITx64 (1).exe"
C:\windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1215794786-555571408-1142568036-1001Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1215794786-555571408-1142568036-1001UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-01-18 1372864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-01-18 1372864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-01-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-18 1138536]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-01-18 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-01-18 1372864]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-01-18 1372864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-18 1138536]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-11-19 1886504]
"SynAsusAcpi"=C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [2009-11-19 92456]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2010-11-01 165912]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2010-11-01 385560]
"Persistence"=C:\windows\system32\igfxpers.exe [2010-11-01 364056]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14 20584608]
"Google Update"=C:\Users\dpmv\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-30 116648]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-11-02 152392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LiveUpdate]
AsusSender.exe C:\Program Files (x86)\Asus\LiveUpdate\LiveUpdate.exe auto []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OOBESetup]
C:\Program Files (x86)\asus\OOBERegBackup\OOBERegBackup.exe [2011-01-04 345088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-08-24 11447912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [2009-06-18 772096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuperHybridEngine]
AsusSender.exe C:\Program Files (x86)\ASUS\SHE\SuperHybridEngine.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu]
C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2013-03-10 88984]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HotkeyService"=AsusSender.exe C:\Program Files (x86)\ASUS\HotkeyService\HotkeyService.exe []
"HotkeyMon"=AsusSender.exe C:\Program Files (x86)\ASUS\HotkeyService\HotKeyMon.exe []
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
""= []
"Acrobat Assistant 8.0"=C:\Program Files (x86)\PTC\Mathcad PDSi\Acrobat\Acrotray.exe [2008-10-01 640376]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-11-02 152392]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-01-18 3764024]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2010-10-24 261120]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2030-01-01 19:41:56 ----SHD---- C:\Boot
2014-01-18 19:04:31 ----D---- C:\AdwCleaner
2014-01-18 15:33:29 ----D---- C:\rsit
2014-01-18 15:26:29 ----D---- C:\Users\dpmv\AppData\Roaming\AVAST Software
2014-01-18 15:17:30 ----A---- C:\windows\system32\drivers\aswstm.sys
2014-01-18 15:13:04 ----A---- C:\windows\SYSWOW64\javaws.exe
2014-01-18 15:12:25 ----A---- C:\windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-01-18 15:12:25 ----A---- C:\windows\SYSWOW64\javaw.exe
2014-01-18 15:12:25 ----A---- C:\windows\SYSWOW64\java.exe
2014-01-18 15:06:27 ----D---- C:\Program Files\CPUID
2014-01-15 19:20:20 ----A---- C:\windows\system32\drivers\usbehci.sys
2014-01-15 19:20:19 ----A---- C:\windows\system32\drivers\usbport.sys
2014-01-15 19:20:18 ----A---- C:\windows\system32\drivers\usbhub.sys
2014-01-15 19:20:18 ----A---- C:\windows\system32\drivers\usbccgp.sys
2014-01-15 19:20:17 ----A---- C:\windows\system32\drivers\usbuhci.sys
2014-01-15 19:20:17 ----A---- C:\windows\system32\drivers\usbd.sys
2014-01-15 19:20:13 ----A---- C:\windows\system32\win32k.sys
2014-01-15 19:20:08 ----A---- C:\windows\system32\drivers\netio.sys
2013-12-28 22:51:06 ----A---- C:\windows\system32\ieetwcollectorres.dll
2013-12-28 22:51:04 ----A---- C:\windows\system32\ieui.dll
2013-12-28 22:51:03 ----A---- C:\windows\SYSWOW64\ieui.dll
2013-12-28 22:51:03 ----A---- C:\windows\system32\jsproxy.dll
2013-12-28 22:51:02 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2013-12-28 22:51:02 ----A---- C:\windows\system32\ieUnatt.exe
2013-12-28 22:51:02 ----A---- C:\windows\system32\iernonce.dll
2013-12-28 22:51:02 ----A---- C:\windows\system32\ie4uinit.exe
2013-12-28 22:51:01 ----A---- C:\windows\system32\iesetup.dll
2013-12-28 22:51:01 ----A---- C:\windows\system32\ieetwproxystub.dll
2013-12-28 22:51:00 ----A---- C:\windows\system32\ieetwcollector.exe
2013-12-28 22:50:58 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2013-12-28 22:50:58 ----A---- C:\windows\system32\mshtml.dll
2013-12-28 22:50:58 ----A---- C:\windows\system32\jscript9diag.dll
2013-12-28 22:50:57 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2013-12-28 22:50:57 ----A---- C:\windows\system32\ieapfltr.dll
2013-12-28 22:50:54 ----A---- C:\windows\system32\iertutil.dll
2013-12-28 22:50:53 ----A---- C:\windows\SYSWOW64\iertutil.dll
2013-12-28 22:50:52 ----A---- C:\windows\SYSWOW64\wininet.dll
2013-12-28 22:50:52 ----A---- C:\windows\system32\wininet.dll
2013-12-28 22:50:51 ----A---- C:\windows\SYSWOW64\urlmon.dll
2013-12-28 22:50:50 ----A---- C:\windows\system32\urlmon.dll
2013-12-28 22:50:47 ----A---- C:\windows\system32\ieframe.dll
2013-12-28 22:50:45 ----A---- C:\windows\SYSWOW64\ieframe.dll
2013-12-28 22:50:42 ----A---- C:\windows\SYSWOW64\mshtml.dll
2013-12-28 22:50:40 ----A---- C:\windows\SYSWOW64\jscript9.dll
2013-12-28 22:50:39 ----A---- C:\windows\system32\jscript9.dll
2013-12-23 11:45:21 ----A---- C:\windows\system32\IEUDINIT.EXE
2013-12-23 11:36:02 ----A---- C:\windows\SYSWOW64\elshyph.dll
2013-12-23 11:36:02 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\wextract.exe
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\webcheck.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\vbscript.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\url.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\SetIEInstalledDate.exe
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\RegisterIEPKEYs.exe
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\pngfilt.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\occache.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\msrating.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\msls31.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\mshtmler.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\mshta.exe
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\msfeedssync.exe
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\msfeedsbs.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\licmgr10.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\jsIntl.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\jscript.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\inseng.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\imgutil.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\iexpress.exe
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\iesysprep.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\iesetup.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\iernonce.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\iepeers.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\ieapfltr.dat
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\IEAdvpack.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\icardie.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2013-12-23 11:35:51 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2013-12-23 11:35:51 ----A---- C:\windows\system32\SetIEInstalledDate.exe
2013-12-23 11:35:51 ----A---- C:\windows\system32\RegisterIEPKEYs.exe
2013-12-23 11:35:51 ----A---- C:\windows\system32\msrating.dll
2013-12-23 11:35:51 ----A---- C:\windows\system32\msls31.dll
2013-12-23 11:35:51 ----A---- C:\windows\system32\mshtmler.dll
2013-12-23 11:35:51 ----A---- C:\windows\system32\msfeedssync.exe
2013-12-23 11:35:51 ----A---- C:\windows\system32\msfeedsbs.dll
2013-12-23 11:35:51 ----A---- C:\windows\system32\jsIntl.dll
2013-12-23 11:35:51 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-23 11:35:51 ----A---- C:\windows\system32\iesysprep.dll
2013-12-23 11:35:51 ----A---- C:\windows\system32\IEAdvpack.dll
2013-12-23 11:35:51 ----A---- C:\windows\system32\elshyph.dll
2013-12-23 11:35:50 ----A---- C:\windows\system32\wextract.exe
2013-12-23 11:35:50 ----A---- C:\windows\system32\webcheck.dll
2013-12-23 11:35:50 ----A---- C:\windows\system32\vbscript.dll
2013-12-23 11:35:50 ----A---- C:\windows\system32\url.dll
2013-12-23 11:35:50 ----A---- C:\windows\system32\pngfilt.dll
2013-12-23 11:35:50 ----A---- C:\windows\system32\occache.dll
2013-12-23 11:35:50 ----A---- C:\windows\system32\mshtmlmedia.dll
2013-12-23 11:35:50 ----A---- C:\windows\system32\mshtmled.dll
2013-12-23 11:35:50 ----A---- C:\windows\system32\MshtmlDac.dll
2013-12-23 11:35:50 ----A---- C:\windows\system32\mshta.exe
2013-12-23 11:35:50 ----A---- C:\windows\system32\msfeeds.dll
2013-12-23 11:35:50 ----A---- C:\windows\system32\licmgr10.dll
2013-12-23 11:35:50 ----A---- C:\windows\system32\jscript.dll
2013-12-23 11:35:50 ----A---- C:\windows\system32\inseng.dll
2013-12-23 11:35:50 ----A---- C:\windows\system32\imgutil.dll
2013-12-23 11:35:50 ----A---- C:\windows\system32\iexpress.exe
2013-12-23 11:35:50 ----A---- C:\windows\system32\iepeers.dll
2013-12-23 11:35:50 ----A---- C:\windows\system32\iedkcs32.dll
2013-12-23 11:35:50 ----A---- C:\windows\system32\ieapfltr.dat
2013-12-23 11:35:50 ----A---- C:\windows\system32\icardie.dll
2013-12-23 11:35:50 ----A---- C:\windows\system32\dxtrans.dll
2013-12-23 11:35:50 ----A---- C:\windows\system32\dxtmsft.dll

======List of files/folders modified in the last 1 month======

2014-01-19 11:01:56 ----D---- C:\windows\Temp
2014-01-19 11:01:52 ----D---- C:\Program Files\trend micro
2014-01-19 11:00:30 ----D---- C:\windows\system32\config
2014-01-19 10:58:31 ----D---- C:\Users\dpmv\AppData\Roaming\Skype
2014-01-18 20:38:23 ----AD---- C:\windows\system32\drivers
2014-01-18 20:01:40 ----HD---- C:\ProgramData
2014-01-18 20:01:40 ----D---- C:\windows\System32
2014-01-18 19:03:06 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-18 15:42:23 ----D---- C:\windows\Prefetch
2014-01-18 15:18:32 ----D---- C:\windows\inf
2014-01-18 15:18:31 ----D---- C:\windows\system32\catroot
2014-01-18 15:18:30 ----D---- C:\windows\system32\DriverStore
2014-01-18 15:18:19 ----SHD---- C:\System Volume Information
2014-01-18 15:17:43 ----D---- C:\windows\system32\Tasks
2014-01-18 15:17:13 ----D---- C:\windows\winsxs
2014-01-18 15:17:12 ----D---- C:\Windows
2014-01-18 15:17:03 ----A---- C:\windows\system32\aswBoot.exe
2014-01-18 15:13:41 ----D---- C:\ProgramData\AVAST Software
2014-01-18 15:13:18 ----SHD---- C:\windows\Installer
2014-01-18 15:13:18 ----SHD---- C:\Config.Msi
2014-01-18 15:13:14 ----D---- C:\ProgramData\Oracle
2014-01-18 15:13:04 ----D---- C:\windows\SysWOW64
2014-01-18 15:12:04 ----D---- C:\Program Files (x86)\Java
2014-01-18 15:07:44 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2014-01-18 15:06:27 ----RD---- C:\Program Files
2014-01-16 13:18:24 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-01-16 08:30:14 ----D---- C:\ProgramData\Microsoft Help
2014-01-16 08:26:39 ----D---- C:\windows\system32\MRT
2014-01-16 08:16:28 ----A---- C:\windows\system32\MRT.exe
2014-01-15 19:19:23 ----D---- C:\windows\system32\catroot2
2014-01-01 18:43:30 ----D---- C:\Program Files (x86)\Internet Explorer
2014-01-01 18:43:29 ----D---- C:\Program Files\Internet Explorer
2013-12-28 12:33:59 ----D---- C:\windows\rescache
2013-12-28 11:27:03 ----D---- C:\windows\SYSWOW64\cs-CZ
2013-12-28 11:27:02 ----D---- C:\windows\system32\cs-CZ
2013-12-28 11:26:58 ----D---- C:\windows\SYSWOW64\migration
2013-12-28 11:26:58 ----D---- C:\windows\SYSWOW64\en-US
2013-12-28 11:26:54 ----D---- C:\windows\PolicyDefinitions
2013-12-28 11:26:53 ----D---- C:\windows\system32\migration
2013-12-28 11:26:53 ----D---- C:\windows\system32\en-US
2013-12-23 11:45:21 ----D---- C:\windows\Logs

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AiDriver;ASUS Charger Driver; C:\windows\system32\DRIVERS\AiDriver.sys [2010-05-20 14464]
R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2014-01-18 65776]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2014-01-18 207904]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-06-08 540696]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 AsUpIO;AsUpIO; C:\windows\SysWow64\drivers\AsUpIO.sys [2011-02-09 14464]
R1 aswKbd;aswKbd; \??\C:\windows\system32\drivers\aswKbd.sys [2014-01-18 28184]
R1 aswNdisFlt;Avast! Firewall Driver; C:\windows\system32\DRIVERS\aswNdisFlt.sys [2014-01-18 439648]
R1 aswRdr;aswRdr; \??\C:\windows\system32\drivers\aswRdr2.sys [2014-01-18 92544]
R1 aswSnx;aswSnx; \??\C:\windows\system32\drivers\aswSnx.sys [2014-01-18 1034464]
R1 aswSP;aswSP; \??\C:\windows\system32\drivers\aswSP.sys [2014-01-18 422216]
R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2013-12-19 64288]
R1 ElbyCDIO;ElbyCDIO Driver; C:\windows\System32\Drivers\ElbyCDIO.sys [2013-03-04 40344]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2014-01-18 78648]
R3 aswStm;aswStm; \??\C:\windows\system32\drivers\aswStm.sys [2014-01-18 79672]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\windows\system32\DRIVERS\bcmwl664.sys [2010-05-08 3063360]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwampfl;Bluetooth AMP USB Filter; C:\windows\system32\drivers\btwampfl.sys [2010-05-21 341032]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2010-05-21 102440]
R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\drivers\btwavdt.sys [2010-05-21 135720]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2010-05-21 39464]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2010-05-21 21544]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2010-10-24 6180480]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2010-08-24 2472680]
R3 kbfiltr;Keyboard Filter; C:\windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C62x64.sys [2010-07-29 76912]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys [2010-07-27 78848]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys [2010-07-27 180224]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2009-11-19 299568]
R3 VClone;VClone; C:\windows\system32\DRIVERS\VClone.sys [2013-07-24 34816]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 EagleX64;EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys []
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista; C:\windows\system32\DRIVERS\netr28x.sys [2009-06-10 620544]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\windows\system32\drivers\nvhda64v.sys [2010-06-21 131688]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\windows\system32\DRIVERS\s1018bus.sys [2009-03-25 113704]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 19496]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 153128]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 133160]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\windows\system32\DRIVERS\s1018nd5.sys [2009-03-25 34856]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\windows\system32\DRIVERS\s1018obex.sys [2009-03-25 128552]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\windows\system32\DRIVERS\s1018unic.sys [2009-03-25 146472]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 USBAAPL64;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]
R2 AsusService;Asus Launcher Service; C:\windows\SysWOW64\AsusService.exe [2010-11-15 224680]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-01-18 50344]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-01-18 113704]
R2 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
R2 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-05-21 947488]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-02-26 3560800]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-11-02 641352]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-18 257928]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-10-31 867080]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-04-30 1255736]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------

#15 Příspěvek od **Márty84** » 19 led 2014 11:29

Hezke dopoledne, nebo uz poledne

Dnes u pc moc nebudu, ale snad to dojedem.

Jeste si dame OTL a pak budem mazat

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

VIRY.CZ

Pomale pc - konotrla logu

Pomale pc - konotrla logu

Re: Pomale pc - konotrla logu

Re: Pomale pc - konotrla logu

Re: Pomale pc - konotrla logu

Re: Pomale pc - konotrla logu

Re: Pomale pc - konotrla logu

Re: Pomale pc - konotrla logu

Re: Pomale pc - konotrla logu

Re: Pomale pc - konotrla logu

Re: Pomale pc - konotrla logu

Re: Pomale pc - konotrla logu

Re: Pomale pc - konotrla logu

Re: Pomale pc - konotrla logu

Re: Pomale pc - konotrla logu

Re: Pomale pc - konotrla logu