Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

prosím o preventivní kontrolu

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
elzad

prosím o preventivní kontrolu

#1 Příspěvek od elzad »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Jan at 2014-03-09 17:02:10
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 415 GB (89%) free of 467 GB
Total RAM: 4008 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:02:29, on 9.3.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16518)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Users\Jan\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\Fractalis Software\Display Stix 2.1.1\dstix.exe
C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\RealTimeProtector.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe
C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\ytd.exe
C:\PROGRA~2\THEKMP~1\KMPlayer.exe
C:\Program Files\trend micro\Jan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.myhoome.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myhoome.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.myhoome.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myhoome.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Ads Removal - {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [mncgmowalSrv] C:\Windows\inf\mncgmowal.vbe
O4 - HKLM\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKLM\..\Run: [EPSON SX218 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGDE.EXE /FU "C:\Windows\TEMP\E_SDBB.tmp" /EF "HKCU"
O4 - HKLM\..\Run: [Bonus.SSR.FR11] "C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe" /autorun
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Nezapomen] C:\Program Files (x86)\Nezapomen\nezapomen.exe 41707
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [ISUSPM Startup] c:\progra~2\common~1\instal~1\update~1\isuspm.exe -startup
O4 - HKCU\..\Run: [f.lux] "C:\Users\Jan\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [Display Stix - System tray] C:\Program Files (x86)\Fractalis Software\Display Stix 2.1.1\dstix.exe
O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [NextLive] C:\Windows\SysWOW64\rundll32.exe "C:\Users\Jan\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-18\..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Přizpůsobit Menu - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: RF Nástrojová lišta - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Stáhnout FDM - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stáhnout s IDM obsažené FLV video - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Stáhnout video FDM - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Uložit formuláře - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Vyplnit formulář - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Vyplnit formulář - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Vyplnit formulář - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Uložit - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Uložit formuláře - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: RF Nástrojová lišta - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Služba Acronis Scheduler2 (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: Služba Acronis Nonstop Backup (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MySQL - Unknown owner - C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Printer Control - Unknown owner - C:\Windows\system32\PrintCtrl.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Serviio - Unknown owner - C:\Program Files\Serviio\bin\ServiioService.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Aktivátor Správce výběru OS Acronis (Správce výběru OS) - Unknown owner - C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13837 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
"C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE"
"C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe" --defaults-file="C:\Program Files\MySQL\MySQL Server 5.1\my.ini" MySQL
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\RocketDock\RocketDock.exe"
C:\Windows\system32\PrintCtrl.exe
taskeng.exe {AE95FEE8-0622-46C9-8845-B9BC8E431FB8}
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe"
"C:\Program Files\Serviio\bin\ServiioService.exe"
"C:\Users\Jan\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
"C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe"
"C:\Program Files\Serviio\bin\ServiioService.exe" Serviio __i4j_restart
"C:\Program Files (x86)\Fractalis Software\Display Stix 2.1.1\dstix.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe"
"C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe" /STARTUP
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\RealTimeProtector.exe" /RunCurUs
"C:\Program Files\Internet Download Manager\IDMan.exe" -Embedding
"C:\Program Files\Internet Download Manager\IEMonitor.exe"
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe" /SkipUac
"C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\ytd.exe"
C:\PROGRA~2\THEKMP~1\KMPlayer.exe -Embedding
"C:\Windows\Explorer.EXE"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe32_ Global\UsGthrCtrlFltPipeMssGthrPipe32 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
taskeng.exe {9855F8CE-A9B5-4413-B902-2E90F3A0974D}
"C:\rsit\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\Driver Booster Update.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Plus-HD-8.1-codedownloader.job
C:\Windows\tasks\Plus-HD-8.1-enabler.job
C:\Windows\tasks\Plus-HD-8.1-firefoxinstaller.job
C:\Windows\tasks\Plus-HD-8.1-updater.job
C:\Windows\tasks\SpyHunter4.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\diyx8kvd.default

prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "http://www.centrum.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/AuthorwarePlayer]
"Description"=Adobe Authorware Player
"Path"=C:\Windows\system32\Macromed\AUTHORWA\np32asw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.70 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.70 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\components\
nsILegitCheckPlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
npLegitCheckPlugin.dll
NPOFF12.DLL
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\diyx8kvd.default\extensions\
8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com
adsremoval@adsremoval.net
ascsurfingprotection@iobit.com
{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
{3112ca9c-de6d-4884-a869-9855de68056c}
{ada4b710-8346-4b82-8199-5de2b400a6ae}

C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\diyx8kvd.default\searchplugins\
hledejcenycz.xml
yahoo_ff.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files\Internet Download Manager\IDMIECC64.dll [2012-12-14 393688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2014-02-21 2471744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411531162}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511111108}]
Plus-HD-8.1 - C:\Program Files (x86)\Plus-HD-8.1\Plus-HD-8.1-bho64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
RoboForm Toolbar Helper - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2013-07-15 23337040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-01-28 553384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24 430592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-01-28 210856]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files\Internet Download Manager\IDMIECC.dll [2012-12-14 360408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
RoboForm Toolbar Helper - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2013-07-15 17727568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-01-28 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F}]
Ads Removal - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll [2014-02-25 464720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2014-02-20 669504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-01-28 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24 430592]
{724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2013-07-15 23337040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2013-07-15 17727568]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 1266912]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-11-07 171992]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-11-07 399832]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-11-07 442328]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-10-24 13662936]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"=C:\Program Files (x86)\RocketDock\RocketDock.exe [2007-09-02 495616]
"Nezapomen"=C:\Program Files (x86)\Nezapomen\nezapomen.exe [2001-06-30 457216]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"RoboForm"=C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2013-07-15 108624]
"ISUSPM Startup"=c:\progra~2\common~1\instal~1\update~1\isuspm.exe [2004-06-16 221184]
"f.lux"=C:\Users\Jan\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-16 1016712]
"Display Stix - System tray"=C:\Program Files (x86)\Fractalis Software\Display Stix 2.1.1\dstix.exe [2004-01-12 241664]
"Advanced SystemCare 7"=C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2014-02-11 2288928]
"NextLive"=C:\Windows\SysWOW64\rundll32.exe [2009-07-14 44544]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2013-09-27 801816]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
c:\program files (x86)\daemon tools lite\dtlite.exe [2013-10-28 3675352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\gbrspcontrol]
C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe -controlservice -slave []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Printsrv]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Service 16]
[]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"mncgmowalSrv"=C:\Windows\inf\mncgmowal.vbe [2014-01-13 1338]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"EPSON SX218 Series"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGDE.EXE [2009-09-14 224768]
"Bonus.SSR.FR11"=C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [2011-08-30 925960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-11-07 442880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - C:\Windows\NOTEPAD.EXE %1

======List of files/folders created in the last 1 month======

2014-03-08 17:40:38 ----A---- C:\Windows\ntbtlog.txt
2014-03-05 22:09:00 ----SHD---- C:\Config.Msi
2014-03-05 13:13:29 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-05 13:07:23 ----D---- C:\ProgramData\Apple Computer
2014-03-05 13:05:53 ----D---- C:\ProgramData\Apple
2014-02-27 17:18:52 ----D---- C:\AviDemux-2.6.7-CZ-(ML)-Portable
2014-02-27 17:13:15 ----D---- C:\Users\Jan\AppData\Roaming\avidemux
2014-02-26 18:29:35 ----D---- C:\Users\Jan\AppData\Roaming\ABBYY
2014-02-26 18:21:28 ----D---- C:\Program Files (x86)\ABBYY FineReader 11
2014-02-26 17:27:24 ----A---- C:\Windows\system32\Rtlihvs.dll
2014-02-26 17:27:10 ----A---- C:\Windows\SwUSB.exe
2014-02-26 17:27:10 ----A---- C:\Windows\runSW.exe
2014-02-26 17:27:09 ----A---- C:\Windows\SYSWOW64\ISSRemoveSP.exe
2014-02-26 01:43:43 ----D---- C:\Users\Jan\AppData\Roaming\IsolatedStorage
2014-02-26 01:43:43 ----D---- C:\ProgramData\IsolatedStorage
2014-02-26 01:41:59 ----D---- C:\Spacekace
2014-02-24 11:05:02 ----A---- C:\Windows\system32\USBCoInstaller.dll
2014-02-23 16:40:59 ----D---- C:\Users\Jan\AppData\Roaming\newnext.me
2014-02-23 13:52:41 ----A---- C:\Windows\SYSWOW64\RtsUStoricon.dll
2014-02-23 13:52:41 ----A---- C:\Windows\system32\drivers\RtsUStor.sys
2014-02-23 13:52:08 ----A---- C:\Windows\system32\WdfCoInstaller01011.dll
2014-02-23 13:52:08 ----A---- C:\Windows\system32\drivers\TeeDriverx64.sys
2014-02-23 13:46:29 ----A---- C:\Windows\system32\RtNicProp64.dll
2014-02-23 13:46:28 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2014-02-23 13:43:46 ----A---- C:\Windows\system32\WavesGUILib64.dll
2014-02-23 13:43:43 ----A---- C:\Windows\system32\RtPgEx64.dll
2014-02-23 13:43:43 ----A---- C:\Windows\system32\drivers\rtvienna.dat
2014-02-23 13:43:41 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2014-02-23 13:43:40 ----A---- C:\Windows\system32\RtkAPO64.dll
2014-02-23 13:43:39 ----A---- C:\Windows\system32\RtDataProc64.dll
2014-02-23 13:43:39 ----A---- C:\Windows\system32\RTCOM64.dll
2014-02-23 13:43:39 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT
2014-02-23 13:43:38 ----A---- C:\Windows\system32\RCoRes64.dat
2014-02-23 13:43:38 ----A---- C:\Windows\system32\RCoInstII64.dll
2014-02-23 13:43:36 ----A---- C:\Windows\system32\NAHIMICAPOSettingsIPC.dll
2014-02-23 13:43:36 ----A---- C:\Windows\system32\NAHIMICAPOlfx.dll
2014-02-23 13:43:33 ----A---- C:\Windows\system32\MaxxAudioVnN64.dll
2014-02-23 13:43:31 ----A---- C:\Windows\system32\MaxxAudioRealtek64.dll
2014-02-23 13:43:30 ----A---- C:\Windows\system32\MaxxAudioRealtek264.dll
2014-02-23 13:43:30 ----A---- C:\Windows\system32\MaxxAudioEQ64.dll
2014-02-23 13:43:30 ----A---- C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-02-23 13:43:30 ----A---- C:\Windows\system32\MaxxAudioAPO5064.dll
2014-02-23 13:43:21 ----A---- C:\log.txt
2014-02-23 13:36:57 ----A---- C:\Windows\system32\SmartDefragBootTime.exe
2014-02-23 13:36:02 ----A---- C:\Windows\system32\IObitSmartDefragExtension.dll
2014-02-23 13:36:01 ----A---- C:\Windows\system32\drivers\SmartDefragDriver.sys
2014-02-21 17:02:11 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2014-02-21 13:45:13 ----D---- C:\ProgramData\ProductData
2014-02-21 13:45:01 ----D---- C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-02-20 21:27:15 ----D---- C:\Users\Jan\AppData\Roaming\AnvSoft
2014-02-20 21:26:57 ----D---- C:\Program Files (x86)\AnvSoft
2014-02-17 10:59:07 ----RA---- C:\Windows\system32\CmiInstallResAll64.dll
2014-02-17 10:59:03 ----RA---- C:\Windows\difxapi.dll
2014-02-15 14:08:52 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-02-14 13:47:40 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-02-14 13:47:40 ----A---- C:\Windows\system32\vbscript.dll
2014-02-14 13:47:05 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-02-14 13:47:04 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-02-14 13:47:04 ----A---- C:\Windows\system32\msrating.dll
2014-02-14 13:47:04 ----A---- C:\Windows\system32\ieui.dll
2014-02-14 13:47:02 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-02-14 13:47:02 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-02-14 13:47:02 ----A---- C:\Windows\system32\msfeeds.dll
2014-02-14 13:47:02 ----A---- C:\Windows\system32\jsproxy.dll
2014-02-14 13:47:02 ----A---- C:\Windows\system32\iernonce.dll
2014-02-14 13:47:02 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-02-14 13:47:02 ----A---- C:\Windows\system32\ie4uinit.exe
2014-02-14 13:47:01 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-02-14 13:47:01 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-02-14 13:47:01 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-02-14 13:47:01 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-02-14 13:47:01 ----A---- C:\Windows\system32\ieUnatt.exe
2014-02-14 13:47:01 ----A---- C:\Windows\system32\iesetup.dll
2014-02-14 13:47:01 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-02-14 13:47:01 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-02-14 13:47:00 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-02-14 13:47:00 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-02-14 13:47:00 ----A---- C:\Windows\system32\mshtml.dll
2014-02-14 13:47:00 ----A---- C:\Windows\system32\jscript9diag.dll
2014-02-14 13:47:00 ----A---- C:\Windows\system32\ieapfltr.dll
2014-02-14 13:46:59 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-02-14 13:46:59 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-02-14 13:46:59 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-02-14 13:46:59 ----A---- C:\Windows\system32\wininet.dll
2014-02-14 13:46:59 ----A---- C:\Windows\system32\urlmon.dll
2014-02-14 13:46:59 ----A---- C:\Windows\system32\iertutil.dll
2014-02-14 13:46:58 ----A---- C:\Windows\system32\ieframe.dll
2014-02-14 13:46:57 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-02-14 13:46:57 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-02-14 13:46:56 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-02-14 13:46:56 ----A---- C:\Windows\system32\jscript9.dll
2014-02-14 09:32:54 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-02-14 09:32:54 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-02-14 09:32:54 ----A---- C:\Windows\system32\msxml3r.dll
2014-02-14 09:32:54 ----A---- C:\Windows\system32\msxml3.dll
2014-02-14 09:32:42 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2014-02-14 09:32:42 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2014-02-14 09:32:42 ----A---- C:\Windows\system32\RMActivate_isv.exe
2014-02-14 09:32:42 ----A---- C:\Windows\system32\RMActivate.exe
2014-02-14 09:32:41 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2014-02-14 09:32:41 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2014-02-14 09:32:41 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2014-02-14 09:32:41 ----A---- C:\Windows\system32\secproc_isv.dll
2014-02-14 09:32:41 ----A---- C:\Windows\system32\secproc.dll
2014-02-14 09:32:41 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-14 09:32:41 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2014-02-14 09:32:41 ----A---- C:\Windows\system32\msdrm.dll
2014-02-14 09:32:39 ----A---- C:\Windows\SYSWOW64\secproc.dll
2014-02-14 09:32:39 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2014-02-14 09:32:39 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2014-02-14 09:32:39 ----A---- C:\Windows\system32\secproc_ssp.dll
2014-02-14 09:32:38 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2014-02-14 09:32:38 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2014-02-14 09:32:33 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-02-14 09:32:33 ----A---- C:\Windows\system32\d3d10warp.dll
2014-02-14 09:32:32 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2014-02-14 09:32:32 ----A---- C:\Windows\system32\d2d1.dll
2014-02-11 18:30:25 ----D---- C:\ProgramData\Iminent
2014-02-11 18:30:18 ----D---- C:\Users\Jan\AppData\Roaming\Iminent
2014-02-11 18:29:34 ----D---- C:\Users\Jan\AppData\Roaming\ ROLLEI DF-S 100 SE user guide
2014-02-11 11:10:28 ----D---- C:\Users\Jan\AppData\Roaming\IrfanView

======List of files/folders modified in the last 1 month======

2014-03-09 17:02:29 ----D---- C:\Windows\Prefetch
2014-03-09 17:02:20 ----D---- C:\Program Files\trend micro
2014-03-09 17:02:10 ----D---- C:\rsit
2014-03-09 15:43:39 ----D---- C:\ProgramData\YTD Video Downloader
2014-03-09 15:24:17 ----D---- C:\Windows\system32\config
2014-03-09 15:23:23 ----D---- C:\Users\Jan\AppData\Roaming\IDM
2014-03-09 15:14:40 ----D---- C:\Windows\Temp
2014-03-09 15:13:01 ----SHD---- C:\System Volume Information
2014-03-09 09:28:35 ----D---- C:\Windows\system32\catroot2
2014-03-08 17:59:29 ----AD---- C:\Windows\system32\drivers
2014-03-08 17:59:12 ----D---- C:\Windows\system32\drivers\UMDF
2014-03-08 17:59:12 ----AD---- C:\Windows\System32
2014-03-08 17:59:11 ----D---- C:\Windows\inf
2014-03-08 17:44:01 ----D---- C:\Windows\SoftwareDistribution
2014-03-08 17:40:49 ----D---- C:\Windows
2014-03-08 17:40:42 ----D---- C:\Windows\debug
2014-03-07 19:29:18 ----D---- C:\Users\Jan\AppData\Roaming\DMCache
2014-03-07 17:41:30 ----D---- C:\Temp
2014-03-07 14:18:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-03-06 19:17:39 ----D---- C:\Program Files (x86)\The KMPlayer
2014-03-05 23:49:39 ----D---- C:\Windows\system32\catroot
2014-03-05 23:42:40 ----D---- C:\Windows\winsxs
2014-03-05 23:30:35 ----D---- C:\Program Files (x86)
2014-03-05 23:29:33 ----SHD---- C:\Windows\Installer
2014-03-05 23:29:33 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-03-05 23:28:50 ----D---- C:\Program Files (x86)\Common Files
2014-03-05 23:28:45 ----D---- C:\Program Files\Common Files
2014-03-05 23:23:12 ----D---- C:\Program Files (x86)\CyberLink
2014-03-05 23:19:46 ----D---- C:\Windows\system32\DriverStore
2014-03-05 23:18:45 ----HD---- C:\ProgramData
2014-03-05 23:18:45 ----D---- C:\Program Files (x86)\Google
2014-03-05 23:17:28 ----AD---- C:\ProgramData\Temp
2014-03-05 22:09:04 ----RD---- C:\Program Files
2014-03-05 22:09:03 ----AD---- C:\Windows\SysWOW64
2014-03-05 22:03:44 ----DC---- C:\Windows\system32\DRVSTORE
2014-03-05 13:22:35 ----D---- C:\Windows\system32\Tasks
2014-03-05 13:08:37 ----D---- C:\Users\Jan\AppData\Roaming\Apple Computer
2014-03-05 11:47:10 ----D---- C:\Windows\system32\NDF
2014-02-26 18:01:02 ----D---- C:\ProgramData\ABBYY
2014-02-26 11:29:34 ----D---- C:\ProgramData\CMUV
2014-02-26 11:10:12 ----D---- C:\Users\Jan\AppData\Roaming\CMUV
2014-02-24 22:57:29 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-02-23 19:24:40 ----D---- C:\Downloads
2014-02-23 14:18:01 ----D---- C:\Program Files (x86)\Calibre2
2014-02-23 13:46:29 ----A---- C:\Windows\system32\RTNUninst64.dll
2014-02-23 13:45:32 ----D---- C:\Windows\SYSWOW64\RTCOM
2014-02-23 13:37:04 ----D---- C:\Windows\Tasks
2014-02-23 13:37:03 ----D---- C:\Users\Jan\AppData\Roaming\IObit
2014-02-23 13:37:03 ----D---- C:\ProgramData\IObit
2014-02-23 13:36:52 ----D---- C:\Program Files (x86)\IObit
2014-02-21 18:02:11 ----D---- C:\Program Files\Windows Media Player
2014-02-21 18:02:11 ----D---- C:\Program Files\Microsoft Office
2014-02-21 18:02:11 ----D---- C:\Program Files\DVD Maker
2014-02-21 18:02:11 ----D---- C:\Program Files\Common Files\System
2014-02-21 18:02:11 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-02-21 18:02:11 ----D---- C:\Program Files (x86)\Windows Media Player
2014-02-21 18:02:10 ----D---- C:\Program Files (x86)\Mirillis
2014-02-21 18:02:10 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 9.0
2014-02-21 18:02:09 ----D---- C:\GPS_Data
2014-02-21 18:02:09 ----D---- C:\FRST
2014-02-21 17:59:40 ----D---- C:\ProgramData\PMS
2014-02-21 17:59:40 ----D---- C:\ProgramData\oem
2014-02-21 17:59:40 ----D---- C:\ProgramData\install_clap
2014-02-21 17:59:37 ----D---- C:\ProgramData\tmp
2014-02-21 13:51:20 ----D---- C:\Windows\Panther
2014-02-21 13:50:26 ----D---- C:\Users\Jan\AppData\Roaming\DAEMON Tools Lite
2014-02-17 22:44:50 ----D---- C:\Program Files (x86)\7-Zip
2014-02-17 10:59:06 ----D---- C:\Windows\system
2014-02-16 11:10:40 ----D---- C:\Windows\system32\MRT
2014-02-16 11:08:43 ----A---- C:\Windows\system32\MRT.exe
2014-02-16 08:08:56 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-14 17:10:58 ----D---- C:\Windows\rescache
2014-02-14 15:57:20 ----D---- C:\Windows\Microsoft.NET
2014-02-14 15:54:49 ----RSD---- C:\Windows\assembly
2014-02-14 13:55:23 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-02-14 13:55:22 ----D---- C:\Windows\system32\cs-CZ
2014-02-14 13:55:21 ----D---- C:\Program Files (x86)\Internet Explorer
2014-02-14 13:55:18 ----D---- C:\Program Files\Internet Explorer
2014-02-14 13:49:44 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2013-08-22 192824]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2013-08-22 294712]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2013-08-20 123704]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2013-08-01 31544]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-07-10 667496]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-07-10 28008]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2013-02-22 20464]
R0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys [2011-12-23 69376]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-09-27 248240]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2013-12-24 21184]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2012-01-20 277088]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-02-07 381440]
R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273); C:\Windows\system32\DRIVERS\tdrpm273.sys [2012-01-20 1263200]
R0 timounter;Acronis Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2012-01-20 970336]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2013-08-01 147768]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2013-08-22 241464]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2013-08-22 212280]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2013-08-01 251192]
R1 SBRE;SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [2012-05-10 55384]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2013-10-15 251664]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2013-10-15 126736]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 IDMWFP;IDMWFP; C:\Windows\system32\DRIVERS\idmwfp.sys [2012-11-22 165112]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 134944]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-01-27 47632]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-02-07 283064]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-11-07 5363200]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-02-23 3771352]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-02-23 99800]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2013-04-12 2431792]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2014-02-23 266968]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-02-23 888536]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2012-01-20 279136]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys []
S3 cpudrv64;cpudrv64; \??\C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-06-02 17864]
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 gwiopm;gwiopm; \??\C:\Program Files (x86)\Unknown Device Identifier\gwiopm.sys []
S3 CH341SER_A64;CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [2011-11-04 58368]
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2012-02-15 164864]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 PQAWRwa;PQAWRwa; \??\C:\Windows\SysWOW64\PQAWDrv.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2013-11-19 34848]
S3 RtlWlanu;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\rtwlanu.sys []
S3 Ser2pl;Prolific Serial port WDF driver; C:\Windows\system32\DRIVERS\ser2pl64.sys [2013-10-25 167936]
S3 taphss6;Anchorfree HSS VPN Adapter; C:\Windows\system32\DRIVERS\taphss6.sys [2013-06-21 42184]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys []
S3 UrlFilter;UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2013-11-19 23016]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2013-10-15 140560]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2013-07-04 106256]
S4 FileMonitor;FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2013-03-23 23048]
S4 IObitUnlocker;IObitUnlocker; \??\C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [2013-09-30 36568]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdvancedSystemCareService7;Advanced SystemCare Service 7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2014-01-14 881952]
R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2009-09-14 166400]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2009-09-14 128512]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2013-11-11 341824]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 23808]
R2 MySQL;MySQL; C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe [2009-08-18 7599616]
R2 Printer Control;Printer Control; C:\Windows\system32\PrintCtrl.exe [2011-01-03 77824]
R2 Serviio;Serviio; C:\Program Files\Serviio\bin\ServiioService.exe [2013-12-20 359936]
R2 Správce výběru OS;Aktivátor Správce výběru OS Acronis; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2010-07-07 2156952]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-03 136176]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-12-03 2151200]
S3 AcrSch2Svc;Služba Acronis Scheduler2; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2010-09-23 1079376]
S3 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-24 257928]
S3 afcdpsrv;Služba Acronis Nonstop Backup; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2012-01-20 3975088]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-11-07 279000]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-03 136176]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-10-15 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-02-06 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-02-15 118896]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-01-19 1255736]
S4 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-05-30 36456]
S4 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
S4 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-22 326168]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]
S4 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-22 2656280]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119501
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: prosím o preventivní kontrolu

#2 Příspěvek od Rudy »

Zdravím!
Spusťte nejprve tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
elzad

Re: prosím o preventivní kontrolu

#3 Příspěvek od elzad »

# AdwCleaner v3.021 - Report created 11/03/2014 at 09:48:37
# Updated 10/03/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Jan - JAN-PC
# Running from : C:\Users\Jan\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Iminent
Folder Deleted : C:\ProgramData\Yandex
Folder Deleted : C:\Program Files (x86)\GreenTree Applications
Folder Deleted : C:\Program Files (x86)\Mobogenie
Folder Deleted : C:\Program Files (x86)\Common Files\Spigot
Folder Deleted : C:\Users\Jan\AppData\Local\genienext
Folder Deleted : C:\Users\Jan\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Jan\AppData\Local\Yandex
Folder Deleted : C:\Users\Jan\AppData\LocalLow\Yandex
Folder Deleted : C:\Users\Jan\AppData\Roaming\Iminent
Folder Deleted : C:\Users\Jan\AppData\Roaming\newnext.me
Folder Deleted : C:\Users\Jan\AppData\Roaming\Yandex
Folder Deleted : C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Folder Deleted : C:\Users\Jan\Documents\Mobogenie
Folder Deleted : C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\bbytdkrn.default\Extensions\adsremoval@adsremoval.net
Folder Deleted : C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\diyx8kvd.default\Extensions\adsremoval@adsremoval.net
Folder Deleted : C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod
File Deleted : C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\bbytdkrn.default\Extensions\firefox@fassurun.co.xpi
File Deleted : C:\Users\Jan\Desktop\Mobogenie.lnk
File Deleted : C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\diyx8kvd.default\user.js
File Deleted : C:\Windows\Tasks\Driver Booster Update.job
File Deleted : C:\Windows\System32\Tasks\Driver Booster Update

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0051108.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0051108.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0051108.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0051108.Sandbox.1
Key Deleted : HKCU\Software\af029b7100cbb27d8c0472b97315e8d5
Key Deleted : HKCU\Software\ec7f36b8db514afb78691c8fb02f2505
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511111108}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522112208}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555115508}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566116608}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544114408}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511111108}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511111108}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511111108}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522112208}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555115508}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566116608}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511111108}
Key Deleted : HKCU\Software\installedbrowserextensions
Key Deleted : HKCU\Software\smarttweak
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKLM\Software\caphyon
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Deleted : [x64] HKLM\SOFTWARE\Speedchecker Limited

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v27.0.1 (cs)

[ File : C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\bbytdkrn.default\prefs.js ]


[ File : C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\diyx8kvd.default\prefs.js ]

Line Deleted : user_pref("extensions.crossrider.bic", "143b4df17b2090e52e68ff3904d41b12");

-\\ Google Chrome v

[ File : C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R10].txt - [1323 octets] - [06/01/2014 17:38:49]
AdwCleaner[R11].txt - [1823 octets] - [08/01/2014 18:12:36]
AdwCleaner[R12].txt - [1203 octets] - [09/01/2014 09:27:24]
AdwCleaner[R13].txt - [5848 octets] - [11/03/2014 09:46:41]
AdwCleaner[S10].txt - [1822 octets] - [08/01/2014 18:13:10]
AdwCleaner[S11].txt - [5678 octets] - [11/03/2014 09:48:37]
AdwCleaner[S9].txt - [1403 octets] - [06/01/2014 17:39:44]

########## EOF - C:\AdwCleaner\AdwCleaner[S11].txt - [5799 octets] ##########
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119501
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: prosím o preventivní kontrolu

#4 Příspěvek od Rudy »

Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
elzad

Re: prosím o preventivní kontrolu

#5 Příspěvek od elzad »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Jan at 2014-03-12 09:12:25
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 412 GB (88%) free of 467 GB
Total RAM: 4008 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:12:35, on 12.3.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16518)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
C:\Users\Jan\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\Fractalis Software\Display Stix 2.1.1\dstix.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\DelayLoad.exe
C:\Program Files\trend micro\Jan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.myhoome.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myhoome.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.myhoome.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myhoome.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Ads Removal - {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [mncgmowalSrv] C:\Windows\inf\mncgmowal.vbe
O4 - HKLM\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKLM\..\Run: [EPSON SX218 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGDE.EXE /FU "C:\Windows\TEMP\E_SDBB.tmp" /EF "HKCU"
O4 - HKLM\..\Run: [Bonus.SSR.FR11] "C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe" /autorun
O4 - HKLM\..\Run: [MSStp] C:\Windows\system32\msstp.vbe
O4 - HKLM\..\Run: [mncebivqbSrv] C:\Windows\inf\mncebivqb.vbe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Nezapomen] C:\Program Files (x86)\Nezapomen\nezapomen.exe 41710
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [ISUSPM Startup] c:\progra~2\common~1\instal~1\update~1\isuspm.exe -startup
O4 - HKCU\..\Run: [f.lux] "C:\Users\Jan\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [Display Stix - System tray] C:\Program Files (x86)\Fractalis Software\Display Stix 2.1.1\dstix.exe
O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-18\..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Přizpůsobit Menu - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: RF Nástrojová lišta - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Stáhnout FDM - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stáhnout s IDM obsažené FLV video - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Stáhnout video FDM - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Uložit formuláře - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Vyplnit formulář - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Vyplnit formulář - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Vyplnit formulář - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Uložit - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Uložit formuláře - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: RF Nástrojová lišta - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Služba Acronis Scheduler2 (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: Služba Acronis Nonstop Backup (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MySQL - Unknown owner - C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Printer Control - Unknown owner - C:\Windows\system32\PrintCtrl.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Serviio - Unknown owner - C:\Program Files\Serviio\bin\ServiioService.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Aktivátor Správce výběru OS Acronis (Správce výběru OS) - Unknown owner - C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13533 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
"C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE"
"C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
"C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe" --defaults-file="C:\Program Files\MySQL\MySQL Server 5.1\my.ini" MySQL
C:\Windows\system32\PrintCtrl.exe
"C:\Program Files\Serviio\bin\ServiioService.exe"
"C:\Program Files\Serviio\bin\ServiioService.exe" Serviio __i4j_restart
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe"
"taskhost.exe"
C:\Windows\Explorer.EXE
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\RocketDock\RocketDock.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe"
taskeng.exe {1E397666-938C-4FA1-AF0A-E04939724487}
"C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe" /STARTUP
"C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe"
"C:\Users\Jan\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
"C:\Program Files (x86)\Fractalis Software\Display Stix 2.1.1\dstix.exe"
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
"C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\DelayLoad.exe" /DelayLoad
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\rsit\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Plus-HD-8.1-codedownloader.job
C:\Windows\tasks\Plus-HD-8.1-enabler.job
C:\Windows\tasks\Plus-HD-8.1-firefoxinstaller.job
C:\Windows\tasks\Plus-HD-8.1-updater.job
C:\Windows\tasks\SpyHunter4.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\diyx8kvd.default

prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "http://www.centrum.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/AuthorwarePlayer]
"Description"=Adobe Authorware Player
"Path"=C:\Windows\system32\Macromed\AUTHORWA\np32asw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.70 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.70 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\components\
nsILegitCheckPlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
npLegitCheckPlugin.dll
NPOFF12.DLL
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\diyx8kvd.default\extensions\
8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com
ascsurfingprotection@iobit.com
{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
{3112ca9c-de6d-4884-a869-9855de68056c}
{ada4b710-8346-4b82-8199-5de2b400a6ae}

C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\diyx8kvd.default\searchplugins\
hledejcenycz.xml
yahoo_ff.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files\Internet Download Manager\IDMIECC64.dll [2012-12-14 393688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2014-02-21 2471744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411531162}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
RoboForm Toolbar Helper - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2013-07-15 23337040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-01-28 553384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24 430592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-01-28 210856]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files\Internet Download Manager\IDMIECC.dll [2012-12-14 360408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
RoboForm Toolbar Helper - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2013-07-15 17727568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-01-28 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F}]
Ads Removal - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll [2014-02-25 464720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2014-02-20 669504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-01-28 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24 430592]
{724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2013-07-15 23337040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2013-07-15 17727568]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 1266912]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-11-07 171992]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-11-07 399832]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-11-07 442328]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-10-24 13662936]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"=C:\Program Files (x86)\RocketDock\RocketDock.exe [2007-09-02 495616]
"Nezapomen"=C:\Program Files (x86)\Nezapomen\nezapomen.exe [2001-06-30 457216]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"RoboForm"=C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2013-07-15 108624]
"ISUSPM Startup"=c:\progra~2\common~1\instal~1\update~1\isuspm.exe [2004-06-16 221184]
"f.lux"=C:\Users\Jan\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-16 1016712]
"Display Stix - System tray"=C:\Program Files (x86)\Fractalis Software\Display Stix 2.1.1\dstix.exe [2004-01-12 241664]
"Advanced SystemCare 7"=C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2014-02-11 2288928]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2013-09-27 801816]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
c:\program files (x86)\daemon tools lite\dtlite.exe [2013-10-28 3675352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\gbrspcontrol]
C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe -controlservice -slave []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Printsrv]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Service 16]
[]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"mncgmowalSrv"=C:\Windows\inf\mncgmowal.vbe [2014-01-13 1338]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"EPSON SX218 Series"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGDE.EXE [2009-09-14 224768]
"Bonus.SSR.FR11"=C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [2011-08-30 925960]
"MSStp"=C:\Windows\system32\msstp.vbe []
"mncebivqbSrv"=C:\Windows\inf\mncebivqb.vbe [2014-01-19 1342]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-11-07 442880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - C:\Windows\NOTEPAD.EXE %1

======List of files/folders created in the last 1 month======

2014-03-11 12:22:09 ----A---- C:\Windows\ntbtlog.txt
2014-03-11 12:10:26 ----D---- C:\ProgramData\YTD Video Downloader
2014-03-11 12:08:04 ----D---- C:\Extracted
2014-03-11 11:50:06 ----D---- C:\Program Files (x86)\GreenTree Applications
2014-03-05 22:09:00 ----SHD---- C:\Config.Msi
2014-03-05 13:13:29 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-05 13:07:23 ----D---- C:\ProgramData\Apple Computer
2014-03-05 13:05:53 ----D---- C:\ProgramData\Apple
2014-02-27 17:13:15 ----D---- C:\Users\Jan\AppData\Roaming\avidemux
2014-02-26 18:29:35 ----D---- C:\Users\Jan\AppData\Roaming\ABBYY
2014-02-26 18:21:28 ----D---- C:\Program Files (x86)\ABBYY FineReader 11
2014-02-26 17:27:24 ----A---- C:\Windows\system32\Rtlihvs.dll
2014-02-26 17:27:10 ----A---- C:\Windows\SwUSB.exe
2014-02-26 17:27:10 ----A---- C:\Windows\runSW.exe
2014-02-26 17:27:09 ----A---- C:\Windows\SYSWOW64\ISSRemoveSP.exe
2014-02-26 01:43:43 ----D---- C:\Users\Jan\AppData\Roaming\IsolatedStorage
2014-02-26 01:43:43 ----D---- C:\ProgramData\IsolatedStorage
2014-02-26 01:41:59 ----D---- C:\Spacekace
2014-02-24 11:05:02 ----A---- C:\Windows\system32\USBCoInstaller.dll
2014-02-23 13:52:41 ----A---- C:\Windows\SYSWOW64\RtsUStoricon.dll
2014-02-23 13:52:41 ----A---- C:\Windows\system32\drivers\RtsUStor.sys
2014-02-23 13:52:08 ----A---- C:\Windows\system32\WdfCoInstaller01011.dll
2014-02-23 13:52:08 ----A---- C:\Windows\system32\drivers\TeeDriverx64.sys
2014-02-23 13:46:29 ----A---- C:\Windows\system32\RtNicProp64.dll
2014-02-23 13:46:28 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2014-02-23 13:43:46 ----A---- C:\Windows\system32\WavesGUILib64.dll
2014-02-23 13:43:43 ----A---- C:\Windows\system32\RtPgEx64.dll
2014-02-23 13:43:43 ----A---- C:\Windows\system32\drivers\rtvienna.dat
2014-02-23 13:43:41 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2014-02-23 13:43:40 ----A---- C:\Windows\system32\RtkAPO64.dll
2014-02-23 13:43:39 ----A---- C:\Windows\system32\RtDataProc64.dll
2014-02-23 13:43:39 ----A---- C:\Windows\system32\RTCOM64.dll
2014-02-23 13:43:39 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT
2014-02-23 13:43:38 ----A---- C:\Windows\system32\RCoRes64.dat
2014-02-23 13:43:38 ----A---- C:\Windows\system32\RCoInstII64.dll
2014-02-23 13:43:36 ----A---- C:\Windows\system32\NAHIMICAPOSettingsIPC.dll
2014-02-23 13:43:36 ----A---- C:\Windows\system32\NAHIMICAPOlfx.dll
2014-02-23 13:43:33 ----A---- C:\Windows\system32\MaxxAudioVnN64.dll
2014-02-23 13:43:31 ----A---- C:\Windows\system32\MaxxAudioRealtek64.dll
2014-02-23 13:43:30 ----A---- C:\Windows\system32\MaxxAudioRealtek264.dll
2014-02-23 13:43:30 ----A---- C:\Windows\system32\MaxxAudioEQ64.dll
2014-02-23 13:43:30 ----A---- C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-02-23 13:43:30 ----A---- C:\Windows\system32\MaxxAudioAPO5064.dll
2014-02-23 13:43:21 ----A---- C:\log.txt
2014-02-23 13:36:57 ----A---- C:\Windows\system32\SmartDefragBootTime.exe
2014-02-23 13:36:02 ----A---- C:\Windows\system32\IObitSmartDefragExtension.dll
2014-02-23 13:36:01 ----A---- C:\Windows\system32\drivers\SmartDefragDriver.sys
2014-02-21 17:02:11 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2014-02-21 13:45:13 ----D---- C:\ProgramData\ProductData
2014-02-21 13:45:01 ----D---- C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-02-20 21:27:15 ----D---- C:\Users\Jan\AppData\Roaming\AnvSoft
2014-02-20 21:26:57 ----D---- C:\Program Files (x86)\AnvSoft
2014-02-19 17:45:00 ----D---- C:\Program Files (x86)\Plus-HD-8.1
2014-02-17 10:59:07 ----RA---- C:\Windows\system32\CmiInstallResAll64.dll
2014-02-17 10:59:03 ----RA---- C:\Windows\difxapi.dll
2014-02-15 14:08:52 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-02-14 13:47:40 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-02-14 13:47:40 ----A---- C:\Windows\system32\vbscript.dll
2014-02-14 13:47:05 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-02-14 13:47:04 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-02-14 13:47:04 ----A---- C:\Windows\system32\msrating.dll
2014-02-14 13:47:04 ----A---- C:\Windows\system32\ieui.dll
2014-02-14 13:47:02 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-02-14 13:47:02 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-02-14 13:47:02 ----A---- C:\Windows\system32\msfeeds.dll
2014-02-14 13:47:02 ----A---- C:\Windows\system32\jsproxy.dll
2014-02-14 13:47:02 ----A---- C:\Windows\system32\iernonce.dll
2014-02-14 13:47:02 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-02-14 13:47:02 ----A---- C:\Windows\system32\ie4uinit.exe
2014-02-14 13:47:01 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-02-14 13:47:01 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-02-14 13:47:01 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-02-14 13:47:01 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-02-14 13:47:01 ----A---- C:\Windows\system32\ieUnatt.exe
2014-02-14 13:47:01 ----A---- C:\Windows\system32\iesetup.dll
2014-02-14 13:47:01 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-02-14 13:47:01 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-02-14 13:47:00 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-02-14 13:47:00 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-02-14 13:47:00 ----A---- C:\Windows\system32\mshtml.dll
2014-02-14 13:47:00 ----A---- C:\Windows\system32\jscript9diag.dll
2014-02-14 13:47:00 ----A---- C:\Windows\system32\ieapfltr.dll
2014-02-14 13:46:59 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-02-14 13:46:59 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-02-14 13:46:59 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-02-14 13:46:59 ----A---- C:\Windows\system32\wininet.dll
2014-02-14 13:46:59 ----A---- C:\Windows\system32\urlmon.dll
2014-02-14 13:46:59 ----A---- C:\Windows\system32\iertutil.dll
2014-02-14 13:46:58 ----A---- C:\Windows\system32\ieframe.dll
2014-02-14 13:46:57 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-02-14 13:46:57 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-02-14 13:46:56 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-02-14 13:46:56 ----A---- C:\Windows\system32\jscript9.dll
2014-02-14 09:32:54 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-02-14 09:32:54 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-02-14 09:32:54 ----A---- C:\Windows\system32\msxml3r.dll
2014-02-14 09:32:54 ----A---- C:\Windows\system32\msxml3.dll
2014-02-14 09:32:42 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2014-02-14 09:32:42 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2014-02-14 09:32:42 ----A---- C:\Windows\system32\RMActivate_isv.exe
2014-02-14 09:32:42 ----A---- C:\Windows\system32\RMActivate.exe
2014-02-14 09:32:41 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2014-02-14 09:32:41 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2014-02-14 09:32:41 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2014-02-14 09:32:41 ----A---- C:\Windows\system32\secproc_isv.dll
2014-02-14 09:32:41 ----A---- C:\Windows\system32\secproc.dll
2014-02-14 09:32:41 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-14 09:32:41 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2014-02-14 09:32:41 ----A---- C:\Windows\system32\msdrm.dll
2014-02-14 09:32:39 ----A---- C:\Windows\SYSWOW64\secproc.dll
2014-02-14 09:32:39 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2014-02-14 09:32:39 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2014-02-14 09:32:39 ----A---- C:\Windows\system32\secproc_ssp.dll
2014-02-14 09:32:38 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2014-02-14 09:32:38 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2014-02-14 09:32:33 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-02-14 09:32:33 ----A---- C:\Windows\system32\d3d10warp.dll
2014-02-14 09:32:32 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2014-02-14 09:32:32 ----A---- C:\Windows\system32\d2d1.dll

======List of files/folders modified in the last 1 month======

2014-03-12 09:12:35 ----D---- C:\Windows\Prefetch
2014-03-12 09:12:28 ----D---- C:\Program Files\trend micro
2014-03-12 09:07:36 ----D---- C:\Windows\Temp
2014-03-11 19:27:07 ----D---- C:\Windows\system32\config
2014-03-11 16:17:29 ----D---- C:\Windows
2014-03-11 13:59:47 ----D---- C:\Users\Jan\AppData\Roaming\DMCache
2014-03-11 12:23:25 ----D---- C:\Windows\inf
2014-03-11 12:23:25 ----AD---- C:\Windows\System32
2014-03-11 12:23:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-03-11 12:10:26 ----HD---- C:\ProgramData
2014-03-11 12:03:15 ----D---- C:\Program Files (x86)
2014-03-11 12:02:19 ----AD---- C:\Windows\SysWOW64
2014-03-11 11:49:04 ----D---- C:\Users\Jan\AppData\Roaming\IDM
2014-03-11 11:46:04 ----AD---- C:\ProgramData\Temp
2014-03-11 11:45:46 ----D---- C:\Program Files (x86)\SpywareBlaster
2014-03-11 10:41:04 ----D---- C:\Windows\system32\catroot2
2014-03-11 09:48:52 ----D---- C:\AdwCleaner
2014-03-11 09:48:46 ----D---- C:\Windows\Tasks
2014-03-11 09:48:46 ----D---- C:\Windows\system32\Tasks
2014-03-11 09:48:45 ----D---- C:\Program Files (x86)\Common Files
2014-03-11 09:31:34 ----D---- C:\Windows\SoftwareDistribution
2014-03-11 09:28:11 ----D---- C:\Windows\debug
2014-03-09 19:21:27 ----D---- C:\Windows\system32\NDF
2014-03-09 19:06:27 ----D---- C:\Windows\system32\catroot
2014-03-09 18:58:26 ----SHD---- C:\System Volume Information
2014-03-09 18:46:04 ----D---- C:\Windows\system32\wfp
2014-03-09 18:46:01 ----D---- C:\Windows\system32\wbem
2014-03-09 18:45:23 ----D---- C:\Windows\system32\DriverStore
2014-03-09 18:45:19 ----D---- C:\Windows\winsxs
2014-03-09 18:45:19 ----D---- C:\Windows\system32\drivers\etc
2014-03-09 18:45:14 ----SHD---- C:\Windows\Installer
2014-03-09 18:45:14 ----D---- C:\Windows\system32\CodeIntegrity
2014-03-09 18:45:14 ----AD---- C:\Windows\system32\drivers
2014-03-09 18:45:13 ----D---- C:\Windows\AppCompat
2014-03-09 18:45:13 ----D---- C:\Users\Jan\AppData\Roaming\GHISLER
2014-03-09 18:45:13 ----D---- C:\Users\Jan\AppData\Roaming\Feedreader
2014-03-09 18:45:12 ----D---- C:\Program Files (x86)\The KMPlayer
2014-03-09 18:45:12 ----D---- C:\Program Files (x86)\SmartSound Software
2014-03-09 18:45:12 ----D---- C:\Program Files (x86)\RocketDock
2014-03-09 18:45:11 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-03-09 18:45:11 ----D---- C:\Program Files (x86)\Nezapomen
2014-03-09 18:45:10 ----D---- C:\Windows\registration
2014-03-09 18:44:35 ----D---- C:\ProgramData\MySQL
2014-03-07 17:41:30 ----D---- C:\Temp
2014-03-05 23:28:45 ----D---- C:\Program Files\Common Files
2014-03-05 23:23:12 ----D---- C:\Program Files (x86)\CyberLink
2014-03-05 23:18:45 ----D---- C:\Program Files (x86)\Google
2014-03-05 22:09:04 ----RD---- C:\Program Files
2014-03-05 22:03:44 ----DC---- C:\Windows\system32\DRVSTORE
2014-03-05 13:08:37 ----D---- C:\Users\Jan\AppData\Roaming\Apple Computer
2014-02-26 18:01:02 ----D---- C:\ProgramData\ABBYY
2014-02-26 11:29:34 ----D---- C:\ProgramData\CMUV
2014-02-26 11:10:12 ----D---- C:\Users\Jan\AppData\Roaming\CMUV
2014-02-24 22:57:29 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-02-23 19:24:40 ----D---- C:\Downloads
2014-02-23 14:18:01 ----D---- C:\Program Files (x86)\Calibre2
2014-02-23 13:46:29 ----A---- C:\Windows\system32\RTNUninst64.dll
2014-02-23 13:45:32 ----D---- C:\Windows\SYSWOW64\RTCOM
2014-02-23 13:37:03 ----D---- C:\Users\Jan\AppData\Roaming\IObit
2014-02-23 13:37:03 ----D---- C:\ProgramData\IObit
2014-02-23 13:36:52 ----D---- C:\Program Files (x86)\IObit
2014-02-21 18:02:11 ----D---- C:\Program Files\Windows Media Player
2014-02-21 18:02:11 ----D---- C:\Program Files\Microsoft Office
2014-02-21 18:02:11 ----D---- C:\Program Files\DVD Maker
2014-02-21 18:02:11 ----D---- C:\Program Files\Common Files\System
2014-02-21 18:02:11 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-02-21 18:02:11 ----D---- C:\Program Files (x86)\Windows Media Player
2014-02-21 18:02:10 ----D---- C:\Program Files (x86)\Mirillis
2014-02-21 18:02:10 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 9.0
2014-02-21 18:02:09 ----D---- C:\GPS_Data
2014-02-21 18:02:09 ----D---- C:\FRST
2014-02-21 17:59:40 ----D---- C:\ProgramData\PMS
2014-02-21 17:59:40 ----D---- C:\ProgramData\oem
2014-02-21 17:59:40 ----D---- C:\ProgramData\install_clap
2014-02-21 17:59:37 ----D---- C:\ProgramData\tmp
2014-02-21 13:51:20 ----D---- C:\Windows\Panther
2014-02-21 13:50:26 ----D---- C:\Users\Jan\AppData\Roaming\DAEMON Tools Lite
2014-02-17 22:44:50 ----D---- C:\Program Files (x86)\7-Zip
2014-02-17 17:21:33 ----D---- C:\rsit
2014-02-17 10:59:06 ----D---- C:\Windows\system
2014-02-16 11:10:40 ----D---- C:\Windows\system32\MRT
2014-02-16 11:08:43 ----A---- C:\Windows\system32\MRT.exe
2014-02-16 08:08:56 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-14 17:10:58 ----D---- C:\Windows\rescache
2014-02-14 15:57:20 ----D---- C:\Windows\Microsoft.NET
2014-02-14 15:54:49 ----RSD---- C:\Windows\assembly
2014-02-14 13:55:23 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-02-14 13:55:22 ----D---- C:\Windows\system32\cs-CZ
2014-02-14 13:55:21 ----D---- C:\Program Files (x86)\Internet Explorer
2014-02-14 13:55:18 ----D---- C:\Program Files\Internet Explorer
2014-02-14 13:49:44 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2013-08-22 192824]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2013-08-22 294712]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2013-08-20 123704]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2013-08-01 31544]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-07-10 667496]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-07-10 28008]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2013-02-22 20464]
R0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys [2011-12-23 69376]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-09-27 248240]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2013-12-24 21184]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2012-01-20 277088]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-02-07 381440]
R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273); C:\Windows\system32\DRIVERS\tdrpm273.sys [2012-01-20 1263200]
R0 timounter;Acronis Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2012-01-20 970336]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2013-08-01 147768]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2013-08-22 241464]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2013-08-22 212280]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2013-08-01 251192]
R1 SBRE;SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [2012-05-10 55384]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2013-10-15 251664]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2013-10-15 126736]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 IDMWFP;IDMWFP; C:\Windows\system32\DRIVERS\idmwfp.sys [2012-11-22 165112]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 134944]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-01-27 47632]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-02-07 283064]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-11-07 5363200]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-02-23 3771352]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-02-23 99800]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2013-04-12 2431792]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2014-02-23 266968]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-02-23 888536]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2012-01-20 279136]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys []
S3 cpudrv64;cpudrv64; \??\C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-06-02 17864]
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 gwiopm;gwiopm; \??\C:\Program Files (x86)\Unknown Device Identifier\gwiopm.sys []
S3 CH341SER_A64;CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [2011-11-04 58368]
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2012-02-15 164864]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 PQAWRwa;PQAWRwa; \??\C:\Windows\SysWOW64\PQAWDrv.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2013-11-19 34848]
S3 RtlWlanu;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\rtwlanu.sys []
S3 Ser2pl;Prolific Serial port WDF driver; C:\Windows\system32\DRIVERS\ser2pl64.sys [2013-10-25 167936]
S3 taphss6;Anchorfree HSS VPN Adapter; C:\Windows\system32\DRIVERS\taphss6.sys [2013-06-21 42184]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys []
S3 UrlFilter;UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2013-11-19 23016]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2013-10-15 140560]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2013-07-04 106256]
S4 FileMonitor;FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2013-03-23 23048]
S4 IObitUnlocker;IObitUnlocker; \??\C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [2013-09-30 36568]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdvancedSystemCareService7;Advanced SystemCare Service 7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2014-01-14 881952]
R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2009-09-14 166400]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2009-09-14 128512]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2013-11-11 341824]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 23808]
R2 MySQL;MySQL; C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe [2009-08-18 7599616]
R2 Printer Control;Printer Control; C:\Windows\system32\PrintCtrl.exe [2011-01-03 77824]
R2 Serviio;Serviio; C:\Program Files\Serviio\bin\ServiioService.exe [2013-12-20 359936]
R2 Správce výběru OS;Aktivátor Správce výběru OS Acronis; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2010-07-07 2156952]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-03 136176]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-12-03 2151200]
S3 AcrSch2Svc;Služba Acronis Scheduler2; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2010-09-23 1079376]
S3 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-24 257928]
S3 afcdpsrv;Služba Acronis Nonstop Backup; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2012-01-20 3975088]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-11-07 279000]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-03 136176]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-10-15 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-02-06 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-02-15 118896]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-01-19 1255736]
S4 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-05-30 36456]
S4 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
S4 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-22 326168]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]
S4 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-22 2656280]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119501
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: prosím o preventivní kontrolu

#6 Příspěvek od Rudy »

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
:files
C:\Windows\inf\mncgmowal.vbe
C:\Windows\system32\msstp.vbe
C:\Windows\inf\mncebivqb.vbe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411531162}]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"mncgmowalSrv"=-
"MSStp"=-
"mncebivqbSrv"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]
a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
elzad

Re: prosím o preventivní kontrolu

#7 Příspěvek od elzad »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Jan at 2014-03-12 18:49:04
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 411 GB (88%) free of 467 GB
Total RAM: 4008 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:49:12, on 12.3.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16518)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Users\Jan\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\Fractalis Software\Display Stix 2.1.1\dstix.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\RealTimeProtector.exe
C:\Program Files\trend micro\Jan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.myhoome.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myhoome.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.myhoome.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myhoome.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Ads Removal - {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKLM\..\Run: [EPSON SX218 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGDE.EXE /FU "C:\Windows\TEMP\E_SDBB.tmp" /EF "HKCU"
O4 - HKLM\..\Run: [Bonus.SSR.FR11] "C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe" /autorun
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Nezapomen] C:\Program Files (x86)\Nezapomen\nezapomen.exe 41710
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [ISUSPM Startup] c:\progra~2\common~1\instal~1\update~1\isuspm.exe -startup
O4 - HKCU\..\Run: [f.lux] "C:\Users\Jan\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [Display Stix - System tray] C:\Program Files (x86)\Fractalis Software\Display Stix 2.1.1\dstix.exe
O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE"
O4 - HKUS\S-1-5-18\..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Přizpůsobit Menu - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: RF Nástrojová lišta - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Stáhnout FDM - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stáhnout s IDM obsažené FLV video - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Stáhnout video FDM - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Uložit formuláře - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Vyplnit formulář - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Vyplnit formulář - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Vyplnit formulář - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Uložit - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Uložit formuláře - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: RF Nástrojová lišta - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Služba Acronis Scheduler2 (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: Služba Acronis Nonstop Backup (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MySQL - Unknown owner - C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Printer Control - Unknown owner - C:\Windows\system32\PrintCtrl.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Serviio - Unknown owner - C:\Program Files\Serviio\bin\ServiioService.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Aktivátor Správce výběru OS Acronis (Správce výběru OS) - Unknown owner - C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13359 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
taskeng.exe {4B229604-468B-4B02-A16D-951EDB758683}
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
"C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE"
"C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"taskhost.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
"C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe" --defaults-file="C:\Program Files\MySQL\MySQL Server 5.1\my.ini" MySQL
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
taskeng.exe {04A46600-CE1D-467D-8CC8-04900F5E5659}
C:\Windows\system32\PrintCtrl.exe
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe" /STARTUP
"C:\Program Files\Serviio\bin\ServiioService.exe"
"C:\Program Files\Serviio\bin\ServiioService.exe" Serviio __i4j_restart
"C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\RocketDock\RocketDock.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe"
"C:\Users\Jan\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Fractalis Software\Display Stix 2.1.1\dstix.exe"
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
"C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-78a4143b-00d4-4327-9b25-4c861d4aacc1 -SystemEventPortName:HostProcess-7a3ec2bd-06a9-4fa2-a5d7-01f749ad265e -IoCancelEventPortName:HostProcess-ec703233-ff8f-4d08-9d27-32cd66d64ddc -NonStateChangingEventPortName:HostProcess-567059b1-885c-4d2c-be64-9ec002b22cf3 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:5e2abff5-69df-41a0-b20a-cd6417f9f99f -DeviceGroupId:WpdFsGroup
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\RealTimeProtector.exe" /RunCurUs
C:\Windows\system32\wbem\wmiprvse.exe
wmiadap.exe /R /T
"C:\rsit\RSITx64.exe"
C:\Windows\system32\sppsvc.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\Plus-HD-8.1-codedownloader.job
C:\Windows\tasks\Plus-HD-8.1-enabler.job
C:\Windows\tasks\Plus-HD-8.1-firefoxinstaller.job
C:\Windows\tasks\Plus-HD-8.1-updater.job
C:\Windows\tasks\SpyHunter4.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\diyx8kvd.default

prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "http://www.centrum.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/AuthorwarePlayer]
"Description"=Adobe Authorware Player
"Path"=C:\Windows\system32\Macromed\AUTHORWA\np32asw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.77 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.77 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\components\
nsILegitCheckPlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
npLegitCheckPlugin.dll
NPOFF12.DLL
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\diyx8kvd.default\extensions\
8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com
ascsurfingprotection@iobit.com
{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
{3112ca9c-de6d-4884-a869-9855de68056c}
{ada4b710-8346-4b82-8199-5de2b400a6ae}

C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\diyx8kvd.default\searchplugins\
hledejcenycz.xml
yahoo_ff.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files\Internet Download Manager\IDMIECC64.dll [2012-12-14 393688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2014-02-21 2471744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411531162}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
RoboForm Toolbar Helper - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2013-07-15 23337040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-01-28 553384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24 430592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-01-28 210856]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files\Internet Download Manager\IDMIECC.dll [2012-12-14 360408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
RoboForm Toolbar Helper - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2013-07-15 17727568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-01-28 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F}]
Ads Removal - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll [2014-02-25 464720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2014-02-20 669504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-01-28 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24 430592]
{724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2013-07-15 23337040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2013-07-15 17727568]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 1266912]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-11-07 171992]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-11-07 399832]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-11-07 442328]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-10-24 13662936]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"=C:\Program Files (x86)\RocketDock\RocketDock.exe [2007-09-02 495616]
"Nezapomen"=C:\Program Files (x86)\Nezapomen\nezapomen.exe [2001-06-30 457216]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"RoboForm"=C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2013-07-15 108624]
"ISUSPM Startup"=c:\progra~2\common~1\instal~1\update~1\isuspm.exe [2004-06-16 221184]
"f.lux"=C:\Users\Jan\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-16 1016712]
"Display Stix - System tray"=C:\Program Files (x86)\Fractalis Software\Display Stix 2.1.1\dstix.exe [2004-01-12 241664]
"Advanced SystemCare 7"=C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2014-02-11 2288928]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2013-09-27 801816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
c:\program files (x86)\daemon tools lite\dtlite.exe [2013-10-28 3675352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\gbrspcontrol]
C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe -controlservice -slave []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Printsrv]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Service 16]
[]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"EPSON SX218 Series"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGDE.EXE [2009-09-14 224768]
"Bonus.SSR.FR11"=C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [2011-08-30 925960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-11-07 442880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - C:\Windows\NOTEPAD.EXE %1

======List of files/folders created in the last 1 month======

2014-03-12 18:40:40 ----D---- C:\_OTM
2014-03-12 14:59:12 ----A---- C:\Windows\ntbtlog.txt
2014-03-11 12:10:26 ----D---- C:\ProgramData\YTD Video Downloader
2014-03-11 12:08:04 ----D---- C:\Extracted
2014-03-11 11:50:06 ----D---- C:\Program Files (x86)\GreenTree Applications
2014-03-05 22:09:00 ----SHD---- C:\Config.Msi
2014-03-05 13:13:29 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-05 13:07:23 ----D---- C:\ProgramData\Apple Computer
2014-03-05 13:05:53 ----D---- C:\ProgramData\Apple
2014-02-27 17:13:15 ----D---- C:\Users\Jan\AppData\Roaming\avidemux
2014-02-26 18:29:35 ----D---- C:\Users\Jan\AppData\Roaming\ABBYY
2014-02-26 18:21:28 ----D---- C:\Program Files (x86)\ABBYY FineReader 11
2014-02-26 17:27:24 ----A---- C:\Windows\system32\Rtlihvs.dll
2014-02-26 17:27:10 ----A---- C:\Windows\SwUSB.exe
2014-02-26 17:27:10 ----A---- C:\Windows\runSW.exe
2014-02-26 17:27:09 ----A---- C:\Windows\SYSWOW64\ISSRemoveSP.exe
2014-02-26 01:43:43 ----D---- C:\Users\Jan\AppData\Roaming\IsolatedStorage
2014-02-26 01:43:43 ----D---- C:\ProgramData\IsolatedStorage
2014-02-26 01:41:59 ----D---- C:\Spacekace
2014-02-24 11:05:02 ----A---- C:\Windows\system32\USBCoInstaller.dll
2014-02-23 13:52:41 ----A---- C:\Windows\SYSWOW64\RtsUStoricon.dll
2014-02-23 13:52:41 ----A---- C:\Windows\system32\drivers\RtsUStor.sys
2014-02-23 13:52:08 ----A---- C:\Windows\system32\WdfCoInstaller01011.dll
2014-02-23 13:52:08 ----A---- C:\Windows\system32\drivers\TeeDriverx64.sys
2014-02-23 13:46:29 ----A---- C:\Windows\system32\RtNicProp64.dll
2014-02-23 13:46:28 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2014-02-23 13:43:46 ----A---- C:\Windows\system32\WavesGUILib64.dll
2014-02-23 13:43:43 ----A---- C:\Windows\system32\RtPgEx64.dll
2014-02-23 13:43:43 ----A---- C:\Windows\system32\drivers\rtvienna.dat
2014-02-23 13:43:41 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2014-02-23 13:43:40 ----A---- C:\Windows\system32\RtkAPO64.dll
2014-02-23 13:43:39 ----A---- C:\Windows\system32\RtDataProc64.dll
2014-02-23 13:43:39 ----A---- C:\Windows\system32\RTCOM64.dll
2014-02-23 13:43:39 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT
2014-02-23 13:43:38 ----A---- C:\Windows\system32\RCoRes64.dat
2014-02-23 13:43:38 ----A---- C:\Windows\system32\RCoInstII64.dll
2014-02-23 13:43:36 ----A---- C:\Windows\system32\NAHIMICAPOSettingsIPC.dll
2014-02-23 13:43:36 ----A---- C:\Windows\system32\NAHIMICAPOlfx.dll
2014-02-23 13:43:33 ----A---- C:\Windows\system32\MaxxAudioVnN64.dll
2014-02-23 13:43:31 ----A---- C:\Windows\system32\MaxxAudioRealtek64.dll
2014-02-23 13:43:30 ----A---- C:\Windows\system32\MaxxAudioRealtek264.dll
2014-02-23 13:43:30 ----A---- C:\Windows\system32\MaxxAudioEQ64.dll
2014-02-23 13:43:30 ----A---- C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-02-23 13:43:30 ----A---- C:\Windows\system32\MaxxAudioAPO5064.dll
2014-02-23 13:43:21 ----A---- C:\log.txt
2014-02-23 13:36:57 ----A---- C:\Windows\system32\SmartDefragBootTime.exe
2014-02-23 13:36:02 ----A---- C:\Windows\system32\IObitSmartDefragExtension.dll
2014-02-23 13:36:01 ----A---- C:\Windows\system32\drivers\SmartDefragDriver.sys
2014-02-21 13:45:13 ----D---- C:\ProgramData\ProductData
2014-02-21 13:45:01 ----D---- C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-02-20 21:27:15 ----D---- C:\Users\Jan\AppData\Roaming\AnvSoft
2014-02-20 21:26:57 ----D---- C:\Program Files (x86)\AnvSoft
2014-02-19 17:45:00 ----D---- C:\Program Files (x86)\Plus-HD-8.1
2014-02-17 10:59:07 ----RA---- C:\Windows\system32\CmiInstallResAll64.dll
2014-02-17 10:59:03 ----RA---- C:\Windows\difxapi.dll
2014-02-15 14:08:52 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-02-14 13:47:40 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-02-14 13:47:40 ----A---- C:\Windows\system32\vbscript.dll
2014-02-14 13:47:05 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-02-14 13:47:04 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-02-14 13:47:04 ----A---- C:\Windows\system32\msrating.dll
2014-02-14 13:47:04 ----A---- C:\Windows\system32\ieui.dll
2014-02-14 13:47:02 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-02-14 13:47:02 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-02-14 13:47:02 ----A---- C:\Windows\system32\msfeeds.dll
2014-02-14 13:47:02 ----A---- C:\Windows\system32\jsproxy.dll
2014-02-14 13:47:02 ----A---- C:\Windows\system32\iernonce.dll
2014-02-14 13:47:02 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-02-14 13:47:02 ----A---- C:\Windows\system32\ie4uinit.exe
2014-02-14 13:47:01 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-02-14 13:47:01 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-02-14 13:47:01 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-02-14 13:47:01 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-02-14 13:47:01 ----A---- C:\Windows\system32\ieUnatt.exe
2014-02-14 13:47:01 ----A---- C:\Windows\system32\iesetup.dll
2014-02-14 13:47:01 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-02-14 13:47:01 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-02-14 13:47:00 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-02-14 13:47:00 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-02-14 13:47:00 ----A---- C:\Windows\system32\mshtml.dll
2014-02-14 13:47:00 ----A---- C:\Windows\system32\jscript9diag.dll
2014-02-14 13:47:00 ----A---- C:\Windows\system32\ieapfltr.dll
2014-02-14 13:46:59 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-02-14 13:46:59 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-02-14 13:46:59 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-02-14 13:46:59 ----A---- C:\Windows\system32\wininet.dll
2014-02-14 13:46:59 ----A---- C:\Windows\system32\urlmon.dll
2014-02-14 13:46:59 ----A---- C:\Windows\system32\iertutil.dll
2014-02-14 13:46:58 ----A---- C:\Windows\system32\ieframe.dll
2014-02-14 13:46:57 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-02-14 13:46:57 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-02-14 13:46:56 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-02-14 13:46:56 ----A---- C:\Windows\system32\jscript9.dll
2014-02-14 09:32:54 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-02-14 09:32:54 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-02-14 09:32:54 ----A---- C:\Windows\system32\msxml3r.dll
2014-02-14 09:32:54 ----A---- C:\Windows\system32\msxml3.dll
2014-02-14 09:32:42 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2014-02-14 09:32:42 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2014-02-14 09:32:42 ----A---- C:\Windows\system32\RMActivate_isv.exe
2014-02-14 09:32:42 ----A---- C:\Windows\system32\RMActivate.exe
2014-02-14 09:32:41 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2014-02-14 09:32:41 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2014-02-14 09:32:41 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2014-02-14 09:32:41 ----A---- C:\Windows\system32\secproc_isv.dll
2014-02-14 09:32:41 ----A---- C:\Windows\system32\secproc.dll
2014-02-14 09:32:41 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-14 09:32:41 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2014-02-14 09:32:41 ----A---- C:\Windows\system32\msdrm.dll
2014-02-14 09:32:39 ----A---- C:\Windows\SYSWOW64\secproc.dll
2014-02-14 09:32:39 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2014-02-14 09:32:39 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2014-02-14 09:32:39 ----A---- C:\Windows\system32\secproc_ssp.dll
2014-02-14 09:32:38 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2014-02-14 09:32:38 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2014-02-14 09:32:33 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-02-14 09:32:33 ----A---- C:\Windows\system32\d3d10warp.dll
2014-02-14 09:32:32 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2014-02-14 09:32:32 ----A---- C:\Windows\system32\d2d1.dll

======List of files/folders modified in the last 1 month======

2014-03-12 18:49:12 ----D---- C:\Windows\Prefetch
2014-03-12 18:49:06 ----D---- C:\Program Files\trend micro
2014-03-12 18:48:07 ----D---- C:\Windows\Temp
2014-03-12 18:46:02 ----D---- C:\Windows\system32\config
2014-03-12 18:41:01 ----D---- C:\Windows
2014-03-12 18:40:42 ----D---- C:\Windows\Tasks
2014-03-12 18:40:42 ----D---- C:\Windows\inf
2014-03-12 18:40:42 ----AD---- C:\Windows\SysWOW64
2014-03-12 18:38:48 ----D---- C:\Users\Jan\AppData\Roaming\IDM
2014-03-12 18:15:44 ----AD---- C:\Windows\System32
2014-03-12 18:15:44 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-03-12 15:02:37 ----D---- C:\Windows\SoftwareDistribution
2014-03-12 14:59:53 ----D---- C:\Windows\system32\catroot2
2014-03-12 14:59:15 ----D---- C:\Windows\debug
2014-03-12 11:02:15 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-03-11 13:59:47 ----D---- C:\Users\Jan\AppData\Roaming\DMCache
2014-03-11 12:10:26 ----HD---- C:\ProgramData
2014-03-11 12:03:15 ----D---- C:\Program Files (x86)
2014-03-11 11:46:04 ----AD---- C:\ProgramData\Temp
2014-03-11 11:45:46 ----D---- C:\Program Files (x86)\SpywareBlaster
2014-03-11 09:48:52 ----D---- C:\AdwCleaner
2014-03-11 09:48:46 ----D---- C:\Windows\system32\Tasks
2014-03-11 09:48:45 ----D---- C:\Program Files (x86)\Common Files
2014-03-09 19:21:27 ----D---- C:\Windows\system32\NDF
2014-03-09 19:06:27 ----D---- C:\Windows\system32\catroot
2014-03-09 18:58:26 ----SHD---- C:\System Volume Information
2014-03-09 18:46:04 ----D---- C:\Windows\system32\wfp
2014-03-09 18:46:01 ----D---- C:\Windows\system32\wbem
2014-03-09 18:45:23 ----D---- C:\Windows\system32\DriverStore
2014-03-09 18:45:19 ----D---- C:\Windows\winsxs
2014-03-09 18:45:19 ----D---- C:\Windows\system32\drivers\etc
2014-03-09 18:45:14 ----SHD---- C:\Windows\Installer
2014-03-09 18:45:14 ----D---- C:\Windows\system32\CodeIntegrity
2014-03-09 18:45:14 ----AD---- C:\Windows\system32\drivers
2014-03-09 18:45:13 ----D---- C:\Windows\AppCompat
2014-03-09 18:45:13 ----D---- C:\Users\Jan\AppData\Roaming\GHISLER
2014-03-09 18:45:13 ----D---- C:\Users\Jan\AppData\Roaming\Feedreader
2014-03-09 18:45:12 ----D---- C:\Program Files (x86)\The KMPlayer
2014-03-09 18:45:12 ----D---- C:\Program Files (x86)\SmartSound Software
2014-03-09 18:45:12 ----D---- C:\Program Files (x86)\RocketDock
2014-03-09 18:45:11 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-03-09 18:45:11 ----D---- C:\Program Files (x86)\Nezapomen
2014-03-09 18:45:10 ----D---- C:\Windows\registration
2014-03-09 18:44:35 ----D---- C:\ProgramData\MySQL
2014-03-07 17:41:30 ----D---- C:\Temp
2014-03-05 23:28:45 ----D---- C:\Program Files\Common Files
2014-03-05 23:23:12 ----D---- C:\Program Files (x86)\CyberLink
2014-03-05 23:18:45 ----D---- C:\Program Files (x86)\Google
2014-03-05 22:09:04 ----RD---- C:\Program Files
2014-03-05 22:03:44 ----DC---- C:\Windows\system32\DRVSTORE
2014-03-05 13:08:37 ----D---- C:\Users\Jan\AppData\Roaming\Apple Computer
2014-02-26 18:01:02 ----D---- C:\ProgramData\ABBYY
2014-02-26 11:29:34 ----D---- C:\ProgramData\CMUV
2014-02-26 11:10:12 ----D---- C:\Users\Jan\AppData\Roaming\CMUV
2014-02-23 19:24:40 ----D---- C:\Downloads
2014-02-23 14:18:01 ----D---- C:\Program Files (x86)\Calibre2
2014-02-23 13:46:29 ----A---- C:\Windows\system32\RTNUninst64.dll
2014-02-23 13:45:32 ----D---- C:\Windows\SYSWOW64\RTCOM
2014-02-23 13:37:03 ----D---- C:\Users\Jan\AppData\Roaming\IObit
2014-02-23 13:37:03 ----D---- C:\ProgramData\IObit
2014-02-23 13:36:52 ----D---- C:\Program Files (x86)\IObit
2014-02-21 18:02:11 ----D---- C:\Program Files\Windows Media Player
2014-02-21 18:02:11 ----D---- C:\Program Files\Microsoft Office
2014-02-21 18:02:11 ----D---- C:\Program Files\DVD Maker
2014-02-21 18:02:11 ----D---- C:\Program Files\Common Files\System
2014-02-21 18:02:11 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-02-21 18:02:11 ----D---- C:\Program Files (x86)\Windows Media Player
2014-02-21 18:02:10 ----D---- C:\Program Files (x86)\Mirillis
2014-02-21 18:02:10 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 9.0
2014-02-21 18:02:09 ----D---- C:\GPS_Data
2014-02-21 18:02:09 ----D---- C:\FRST
2014-02-21 17:59:40 ----D---- C:\ProgramData\PMS
2014-02-21 17:59:40 ----D---- C:\ProgramData\oem
2014-02-21 17:59:40 ----D---- C:\ProgramData\install_clap
2014-02-21 17:59:37 ----D---- C:\ProgramData\tmp
2014-02-21 13:51:20 ----D---- C:\Windows\Panther
2014-02-21 13:50:26 ----D---- C:\Users\Jan\AppData\Roaming\DAEMON Tools Lite
2014-02-17 22:44:50 ----D---- C:\Program Files (x86)\7-Zip
2014-02-17 17:21:33 ----D---- C:\rsit
2014-02-17 10:59:06 ----D---- C:\Windows\system
2014-02-16 11:10:40 ----D---- C:\Windows\system32\MRT
2014-02-16 11:08:43 ----A---- C:\Windows\system32\MRT.exe
2014-02-16 08:08:56 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-14 17:10:58 ----D---- C:\Windows\rescache
2014-02-14 15:57:20 ----D---- C:\Windows\Microsoft.NET
2014-02-14 15:54:49 ----RSD---- C:\Windows\assembly
2014-02-14 13:55:23 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-02-14 13:55:22 ----D---- C:\Windows\system32\cs-CZ
2014-02-14 13:55:21 ----D---- C:\Program Files (x86)\Internet Explorer
2014-02-14 13:55:18 ----D---- C:\Program Files\Internet Explorer
2014-02-14 13:49:44 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2013-08-22 192824]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2013-08-22 294712]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2013-08-20 123704]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2013-08-01 31544]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-07-10 667496]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-07-10 28008]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2013-02-22 20464]
R0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys [2011-12-23 69376]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-09-27 248240]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2013-12-24 21184]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2012-01-20 277088]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-02-07 381440]
R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273); C:\Windows\system32\DRIVERS\tdrpm273.sys [2012-01-20 1263200]
R0 timounter;Acronis Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2012-01-20 970336]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2013-08-01 147768]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2013-08-22 241464]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2013-08-22 212280]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2013-08-01 251192]
R1 SBRE;SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [2012-05-10 55384]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2013-10-15 251664]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2013-10-15 126736]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 IDMWFP;IDMWFP; C:\Windows\system32\DRIVERS\idmwfp.sys [2012-11-22 165112]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-01-27 47632]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-02-07 283064]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-11-07 5363200]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-02-23 3771352]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-02-23 99800]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2013-04-12 2431792]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2014-02-23 266968]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-02-23 888536]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2012-01-20 279136]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys []
S3 cpudrv64;cpudrv64; \??\C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-06-02 17864]
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 gwiopm;gwiopm; \??\C:\Program Files (x86)\Unknown Device Identifier\gwiopm.sys []
S3 CH341SER_A64;CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [2011-11-04 58368]
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2012-02-15 164864]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys []
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 134944]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 PQAWRwa;PQAWRwa; \??\C:\Windows\SysWOW64\PQAWDrv.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2013-11-19 34848]
S3 RtlWlanu;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\rtwlanu.sys []
S3 Ser2pl;Prolific Serial port WDF driver; C:\Windows\system32\DRIVERS\ser2pl64.sys [2013-10-25 167936]
S3 taphss6;Anchorfree HSS VPN Adapter; C:\Windows\system32\DRIVERS\taphss6.sys [2013-06-21 42184]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys []
S3 UrlFilter;UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2013-11-19 23016]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2013-10-15 140560]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2013-07-04 106256]
S4 FileMonitor;FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2013-03-23 23048]
S4 IObitUnlocker;IObitUnlocker; \??\C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [2013-09-30 36568]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdvancedSystemCareService7;Advanced SystemCare Service 7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2014-01-14 881952]
R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2009-09-14 166400]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2009-09-14 128512]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2013-11-11 341824]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 23808]
R2 MySQL;MySQL; C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe [2009-08-18 7599616]
R2 Printer Control;Printer Control; C:\Windows\system32\PrintCtrl.exe [2011-01-03 77824]
R2 Serviio;Serviio; C:\Program Files\Serviio\bin\ServiioService.exe [2013-12-20 359936]
R2 Správce výběru OS;Aktivátor Správce výběru OS Acronis; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2010-07-07 2156952]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-03 136176]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-12-03 2151200]
S3 AcrSch2Svc;Služba Acronis Scheduler2; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2010-09-23 1079376]
S3 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12 257928]
S3 afcdpsrv;Služba Acronis Nonstop Backup; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2012-01-20 3975088]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-11-07 279000]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-03 136176]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-10-15 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-02-06 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-02-15 118896]
S3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-01-19 1255736]
S4 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-05-30 36456]
S4 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
S4 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-22 326168]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]
S4 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-22 2656280]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119501
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: prosím o preventivní kontrolu

#8 Příspěvek od Rudy »

Dvouklikem na soubor C:\Program Files\trend micro\Jan.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.myhoome.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myhoome.com/

Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
elzad

Re: prosím o preventivní kontrolu

#9 Příspěvek od elzad »

Provedeno, díky.
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119501
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: prosím o preventivní kontrolu

#10 Příspěvek od Rudy »

Nemáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Zamčeno

Zpět na „Preventivní kontroly logů“