Prosím o kontrolu

[pespes]

Logfile of random's system information tool 1.10 (written by random/random)
Run by Monika at 2015-01-02 16:20:01
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 347 GB (73%) free of 476 GB
Total RAM: 2038 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:20:20, on 2.1.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lexmark 2600 Series\lxdnmon.exe
C:\Windows\iSlim310\Monitor.exe
C:\Program Files (x86)\Lexmark 2600 Series\lxdnMsdMon.exe
C:\Program Files\Alwil Software\Avast5\avastui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Monika.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - (no file)
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\RunOnce: [Adobe Speed Launcher] 1420202474
O4 - HKUS\S-1-5-21-2352618974-2862376506-435946465-1678\..\RunOnce: [Adobe Speed Launcher] 1420211143 (User 'obycejny')
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files (x86)\OpenOffice.org 2.0\program\quickstart.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - (no file)
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Přeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - C:\Program Files (x86)\Verdict Free\etnxp.dll
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files (x86)\Verdict Free\etnxp.dll
O9 - Extra 'Tools' menuitem: Internetový překladač... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files (x86)\Verdict Free\etnxp.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: lxdnCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\x64\3\\lxdnserv.exe
O23 - Service: lxdn_device - - C:\Windows\system32\lxdncoms.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8445 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Explorer.EXE
C:\Windows\system32\spool\DRIVERS\x64\3\\lxdnserv.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\system32\lxdncoms.exe -service
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Program Files (x86)\Lexmark 2600 Series\lxdnmon.exe"
WLIDSvcM.exe 1384
"C:\Windows\iSlim310\Monitor.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Lexmark 2600 Series\lxdnMsdMon.exe"
"C:\Program Files\Alwil Software\Avast5\avastui.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-a1ead6b8-e0b5-4ce8-b260-594f5260256a -SystemEventPortName:HostProcess-8cec7e87-8240-45f2-80f8-e1b6680e99b2 -IoCancelEventPortName:HostProcess-ba17b3fd-0352-47b5-addc-f7b3cbd0a461 -NonStateChangingEventPortName:HostProcess-2f949ed2-f25c-4113-b610-908a15bca7d8 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:2303aa01-deda-4d5b-b889-7ed7747f4504 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\obycejny\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\2f7yhcr8.default-1419881933435

prefs.js - "browser.startup.homepage" - "http://web.volny.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.246 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3]
"Description"=Office Live Update v1.3
"Path"=C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5]
"Description"=Office Live Update v1.5
"Path"=C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.246 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2014-11-25 705448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-05-14 6307960]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-15 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2014-11-25 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14 4531320]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-15 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{1017A80C-6F09-4548-A84D-EDD6AC9525F0}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-20 7981088]
"lxdnmon.exe"=C:\Program Files (x86)\Lexmark 2600 Series\lxdnmon.exe [2008-03-27 660136]
"lxdnamon"=C:\Program Files (x86)\Lexmark 2600 Series\lxdnamon.exe [2008-03-27 16040]
"iSlim310_Monitor"=C:\Windows\iSlim310\Monitor.exe [2007-12-10 323584]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 165912]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 385560]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 363544]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 1331288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Adobe Speed Launcher"=1420202474 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20 1021128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer]
C:\Program Files (x86)\Lexmark Fax Solutions\fm3032.exe [2008-03-27 320168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11 30877280]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2014-12-12 5227112]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-09-26 271744]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20 1021128]

C:\Users\Monika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 2.0.lnk - C:\Program Files (x86)\OpenOffice.org 2.0\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux4"=wdmaud.drv
"wave6"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux5"=wdmaud.drv
"wave7"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux6"=wdmaud.drv
"wave8"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux7"=wdmaud.drv
"wave9"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux8"=wdmaud.drv
"vidc.ffds"=ff_vfw.dll
"vidc.lags"=lagarith.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2015-01-02 13:38:31 ----D---- C:\4ce6e1befdc029b0ac72376629
2015-01-02 13:31:48 ----D---- C:\TV
2015-01-02 12:49:42 ----D---- C:\Users\Monika\AppData\Roaming\ArcSoft
2015-01-02 12:42:05 ----A---- C:\Windows\system32\drivers\IT9135BDA.sys
2014-12-18 09:56:43 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-12-18 09:56:42 ----A---- C:\Windows\system32\ieUnatt.exe
2014-12-12 08:49:07 ----D---- C:\Windows\system32\appraiser
2014-12-11 23:11:18 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-12-11 23:11:17 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-12-11 23:11:15 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-12-11 23:11:14 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-12-11 23:11:12 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-12-11 23:11:10 ----A---- C:\Windows\system32\ie4uinit.exe
2014-12-11 23:11:09 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-12-11 23:11:09 ----A---- C:\Windows\system32\iernonce.dll
2014-12-11 23:11:06 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-12-11 23:11:05 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-12-11 23:11:01 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-11 23:11:00 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-12-11 23:10:59 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-12-11 23:10:57 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-12-11 23:10:53 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-12-11 23:10:53 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-12-11 23:10:49 ----A---- C:\Windows\system32\iedkcs32.dll
2014-12-11 23:10:47 ----A---- C:\Windows\system32\urlmon.dll
2014-12-11 23:10:46 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-12-11 23:10:44 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-12-11 23:10:42 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-12-11 23:10:41 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-12-11 23:10:32 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-11 23:10:30 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-12-11 23:10:28 ----A---- C:\Windows\system32\dxtrans.dll
2014-12-11 23:10:27 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-12-11 23:10:26 ----A---- C:\Windows\system32\msfeeds.dll
2014-12-11 23:10:23 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-12-11 23:10:22 ----A---- C:\Windows\system32\iesetup.dll
2014-12-11 23:10:22 ----A---- C:\Windows\system32\ieapfltr.dll
2014-12-11 23:10:16 ----A---- C:\Windows\system32\iertutil.dll
2014-12-11 23:10:14 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-12-11 23:10:12 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-12-11 23:10:10 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-12-11 23:10:05 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-12-11 23:10:04 ----A---- C:\Windows\system32\jsproxy.dll
2014-12-11 23:09:55 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-12-11 23:09:53 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-12-11 23:09:48 ----A---- C:\Windows\system32\dxtmsft.dll
2014-12-11 23:09:46 ----A---- C:\Windows\system32\ieui.dll
2014-12-11 23:09:45 ----A---- C:\Windows\system32\ieframe.dll
2014-12-11 23:09:44 ----A---- C:\Windows\system32\mshtmled.dll
2014-12-11 23:09:43 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-12-11 23:09:42 ----A---- C:\Windows\system32\jscript9diag.dll
2014-12-11 23:09:40 ----A---- C:\Windows\system32\vbscript.dll
2014-12-11 23:09:40 ----A---- C:\Windows\system32\jscript9.dll
2014-12-11 23:09:38 ----A---- C:\Windows\system32\wininet.dll
2014-12-11 23:09:36 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-12-11 23:09:34 ----A---- C:\Windows\system32\msrating.dll
2014-12-11 23:09:20 ----A---- C:\Windows\system32\mshtml.dll
2014-12-11 23:03:41 ----A---- C:\Windows\system32\aitstatic.exe
2014-12-11 23:03:40 ----A---- C:\Windows\system32\appraiser.dll
2014-12-11 23:03:40 ----A---- C:\Windows\system32\aepic.dll
2014-12-11 23:03:40 ----A---- C:\Windows\system32\aeinv.dll
2014-12-11 23:03:35 ----A---- C:\Windows\system32\invagent.dll
2014-12-11 23:03:25 ----A---- C:\Windows\system32\generaltel.dll
2014-12-11 23:03:25 ----A---- C:\Windows\system32\devinv.dll
2014-12-11 23:03:19 ----A---- C:\Windows\system32\aepdu.dll
2014-12-11 23:02:45 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-12-11 23:02:42 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-12-11 23:02:17 ----A---- C:\Windows\system32\drivers\tdx.sys
2014-12-11 23:02:03 ----A---- C:\Windows\system32\WsmSvc.dll
2014-12-11 23:02:00 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-12-11 23:01:58 ----A---- C:\Windows\system32\WsmWmiPl.dll
2014-12-11 23:01:57 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-11 23:01:57 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2014-12-11 23:01:54 ----A---- C:\Windows\system32\WsmAuto.dll
2014-12-11 23:01:52 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2014-12-11 23:01:51 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2014-12-11 23:01:48 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2014-12-11 23:01:45 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2014-12-11 22:54:30 ----A---- C:\Windows\system32\charmap.exe
2014-12-11 22:54:28 ----A---- C:\Windows\SYSWOW64\charmap.exe
2014-12-11 22:53:54 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-12-11 22:53:54 ----A---- C:\Windows\system32\tzres.dll
2014-12-11 10:13:39 ----A---- C:\Windows\SYSWOW64\mferror.dll
2014-12-11 10:13:39 ----A---- C:\Windows\system32\mfpmp.exe
2014-12-11 10:13:39 ----A---- C:\Windows\system32\mferror.dll
2014-12-11 10:13:38 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2014-12-11 10:13:38 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2014-12-11 10:13:38 ----A---- C:\Windows\system32\rrinstaller.exe
2014-12-11 10:13:37 ----A---- C:\Windows\SYSWOW64\mfps.dll
2014-12-11 10:13:37 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-12-11 10:13:37 ----A---- C:\Windows\system32\mfps.dll
2014-12-11 10:13:33 ----A---- C:\Windows\system32\mf.dll
2014-12-10 08:17:25 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2015-01-02 16:20:17 ----D---- C:\Program Files\trend micro
2015-01-02 16:15:46 ----D---- C:\Windows\Temp
2015-01-02 16:11:42 ----D---- C:\Windows\system32\config
2015-01-02 14:13:30 ----D---- C:\Windows\system32\catroot
2015-01-02 14:12:44 ----D---- C:\Users\Monika\AppData\Roaming\OpenOffice.org2
2015-01-02 14:02:17 ----D---- C:\Users\Monika\AppData\Roaming\Skype
2015-01-02 13:57:46 ----RD---- C:\Program Files (x86)
2015-01-02 13:57:46 ----HD---- C:\ProgramData
2015-01-02 13:03:07 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-02 12:54:27 ----D---- C:\Windows\system32\DriverStore
2015-01-02 12:54:26 ----D---- C:\Windows\inf
2015-01-02 12:44:22 ----D---- C:\Windows\system32\drivers
2015-01-02 12:43:17 ----D---- C:\Windows\System32
2015-01-02 12:43:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-01-02 12:42:34 ----D---- C:\Windows
2015-01-02 10:26:08 ----D---- C:\Windows\Prefetch
2015-01-02 10:18:20 ----SHD---- C:\$Recycle.Bin
2015-01-02 10:17:56 ----RD---- C:\Users
2015-01-01 09:59:01 ----SHD---- C:\System Volume Information
2014-12-25 14:35:29 ----D---- C:\Windows\system32\catroot2
2014-12-23 09:33:19 ----D---- C:\Windows\system32\Tasks
2014-12-22 12:11:58 ----SHD---- C:\Windows\Installer
2014-12-22 12:11:00 ----D---- C:\Windows\SysWOW64
2014-12-21 16:28:34 ----D---- C:\ProgramData\Skype
2014-12-21 16:28:28 ----RD---- C:\Program Files (x86)\Skype
2014-12-18 10:00:58 ----D---- C:\Windows\winsxs
2014-12-17 18:18:31 ----D---- C:\ProgramData\Adobe
2014-12-17 18:18:25 ----D---- C:\Program Files (x86)\Adobe
2014-12-12 08:49:07 ----SD---- C:\Windows\system32\CompatTel
2014-12-12 08:49:07 ----D---- C:\Windows\AppCompat
2014-12-12 08:49:06 ----SD---- C:\ProgramData\Microsoft
2014-12-12 08:49:05 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-12-12 08:49:05 ----D---- C:\Program Files\Internet Explorer
2014-12-12 08:49:04 ----D---- C:\Windows\SYSWOW64\en-US
2014-12-12 08:49:03 ----D---- C:\Windows\system32\en-US
2014-12-12 08:49:03 ----D---- C:\Windows\system32\cs-CZ
2014-12-12 08:49:03 ----D---- C:\Windows\PolicyDefinitions
2014-12-12 08:49:00 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-12 01:30:43 ----D---- C:\ProgramData\Microsoft Help
2014-12-11 23:17:12 ----D---- C:\Program Files (x86)\Google
2014-12-11 10:19:00 ----D---- C:\Windows\system32\MRT
2014-12-11 10:14:18 ----D---- C:\Windows\debug
2014-12-11 10:14:11 ----A---- C:\Windows\system32\MRT.exe
2014-12-11 08:51:33 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-12-06 09:44:40 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-11-25 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-11-25 267632]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 269008]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-11-25 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-11-25 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-11-25 436624]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-11-25 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-11-25 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-11-25 116728]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 125584]
R3 CamSuiteVAC;CamSuite Virtual Audio; C:\Windows\system32\DRIVERS\CamSuiteVAC.sys [2008-09-18 56320]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-09-23 6180832]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-20 1831968]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
S3 aswTap;avast! SecureLine TAP Adapter v3; C:\Windows\system32\DRIVERS\aswTap.sys [2014-07-19 44640]
S3 BthAvrcp;Bluetooth AVRCP Profile; C:\Windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 29184]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-22 48488]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys []
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2015-01-02 165504]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-11-16 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-11-16 27136]
S3 PAC7302;iSlim310; C:\Windows\system32\DRIVERS\PAC7302.SYS [2009-04-28 532480]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-11-16 9216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-11-16 9216]
S3 WinUsb;YunOS USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2014-11-25 50344]
R2 lxdn_device;lxdn_device; C:\Windows\system32\lxdncoms.exe [2008-02-28 1044648]
R2 lxdnCATSCustConnectService;lxdnCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxdnserv.exe [2008-02-28 33960]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 23784]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 368624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2012-12-26 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-11 267440]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-22 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-12-10 114800]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-07-08 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 CCALib8;Canon Camera Access Library 8; C:\Program Files (x86)\Canon\CAL\CALMAIN.exe [2005-09-30 96341]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

[Márty84]

Zdravim

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

[pespes]

# AdwCleaner v4.106 - Report created 02/01/2015 at 22:33:10
# Updated 21/12/2014 by Xplode
# Database : 2015-01-01.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Monika - VENDA-PC
# Running from : C:\Users\obycejny\Desktop\adwcleaner_4.106.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v34.0.5 (x86 cs)


*************************

AdwCleaner[R0].txt - [5504 octets] - [02/01/2015 22:18:15]
AdwCleaner[R1].txt - [924 octets] - [02/01/2015 22:30:16]
AdwCleaner[S0].txt - [5332 octets] - [02/01/2015 22:21:48]
AdwCleaner[S1].txt - [801 octets] - [02/01/2015 22:33:10]

########## EOF - \AdwCleaner\AdwCleaner[S1].txt - [860 octets] ##########

[Márty84]

Vidim, ze byl ADWCleaner spusteny dvakrat a tohle je log az z druheho skenu, cili uz je cisty Predpokladam, ze prvni sken neco nasel, je to tak?


Je s pc nejaky konkretni problem, nebo jde ciste jen o prevenci?


Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

[pespes]

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 3.1.2015
Čas skenování: 9:36:31
Protokol: MBAM_.txt
Správce: Ano

Verze: 2.00.4.1028
Databáze malwaru: v2015.01.03.04
Databáze rootkitů: v2014.12.30.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Sebeobrany: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Monika

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 400096
Uplynulý čas: 20 min, 45 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Žádné zákerné zjištěny položek)

Moduly: 0
(Žádné zákerné zjištěny položek)

Klíče registru: 0
(Žádné zákerné zjištěny položek)

Hodnoty registru: 0
(Žádné zákerné zjištěny položek)

Data registru: 0
(Žádné zákerné zjištěny položek)

Složky: 0
(Žádné zákerné zjištěny položek)

Soubory: 0
(Žádné zákerné zjištěny položek)

Fyzické sektory: 0
(Žádné zákerné zjištěny položek)


(end)

[pespes]

Dobrý den,
děkuji za pomoc. S ADW jsem zmatkovala a opravdu v prvním scanu něco našel. Počítač je pouze zpomalený a v prohlížeči je adware... touto cestou jsem chtěla zjistit, jestli není zpomalení způsobeno nějakým škodlivým scriptem.

[Márty84]

Hezke dopoledne

Počítač je pouze zpomalený a v prohlížeči je adware

Jaky presne? Je tam i po pouziti ADWCleaneru?


Najdete tento log a zkopirujte mi ho sem C:\AdwCleaner\AdwCleaner[S0] (to je ten z prvniho spusteni, at vim, co nasel )

MBAM nebyl spusten podle navodu. Tohle byl jen sken hrozeb, u toho se neprohlizi cely pocitac. Musite dat Vlastni sken vsech disku - Custom Scan, tak jak to je v navodu. Spustte to tedy znovu a napiste vysledek. Pak docistime zbytek

[pespes]

# AdwCleaner v4.106 - Report created 02/01/2015 at 22:21:48
# Updated 21/12/2014 by Xplode
# Database : 2015-01-01.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Monika - VENDA-PC
# Running from : C:\Users\obycejny\Desktop\adwcleaner_4.106.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\Users\Venda\Documents\Updater
File Deleted : C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\dtnfn05w.default-1364309838654\searchplugins\bingp.xml
File Deleted : C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\eickageg.default-1411678660749\searchplugins\bingp.xml

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{88DCB4DD-146A-4540-A84F-D1ACD7DD04CD}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v34.0.5 (x86 cs)


*************************

AdwCleaner[R0].txt - [5504 octets] - [02/01/2015 22:18:15]
AdwCleaner[S0].txt - [5102 octets] - [02/01/2015 22:21:48]

########## EOF - \AdwCleaner\AdwCleaner[S0].txt - [5162 octets] ##########

[pespes]

Omlouvám se, že jsem vložila špatný log z MBAM, ale při prvním spuštěníjsem nemohla najít "vlastní nastavení" scanu.

[Márty84]

Nic se nedeje Ted tedy uz spravny sken bezi?

[pespes]

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 3.1.2015
Čas skenování: 12:13:12
Protokol: MBAM_.txt
Správce: Ne

Verze: 2.00.4.1028
Databáze malwaru: v2015.01.03.04
Databáze rootkitů: v2014.12.30.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Sebeobrany: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: obycejny

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 473007
Uplynulý čas: 2 hod, 3 min, 57 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Žádné zákerné zjištěny položek)

Moduly: 0
(Žádné zákerné zjištěny položek)

Klíče registru: 0
(Žádné zákerné zjištěny položek)

Hodnoty registru: 0
(Žádné zákerné zjištěny položek)

Data registru: 0
(Žádné zákerné zjištěny položek)

Složky: 0
(Žádné zákerné zjištěny položek)

Soubory: 0
(Žádné zákerné zjištěny položek)

Fyzické sektory: 0
(Žádné zákerné zjištěny položek)


(end)

[Márty84]

Vyborne, MBAM odinstalujte.

Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna o falesny poplach

[pespes]

Velice se omlouvám, ale poslední krok není možné realizovat. Pomáhala jsem kontrolovat počítač známé a poslední krok (sken FRST) se ji nepodařilo provést. Velice děkuji za pomoc a prosím o ukončení vlákna. Viry.cz určitě podpoříme.

[Márty84]

Nemate zac!

A problem je to, ze uz se k pc nedostanete, nebo jen to, ze se vam nedari FRST?

Stacil by alespon novy log z RSIT. Chtelo by to docistit.

Samozrejme pokud uz neni moznost, neda se nic delat.

Za pripadny prispevek dekujeme

Tema necham chvili otevrene, kdybyste tu chtela jeste hodit ten log. Casem to zamknu

Mejte se krasne

[pespes]

Logfile of random's system information tool 1.10 (written by random/random)
Run by Monika at 2015-01-06 20:05:37
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 346 GB (73%) free of 476 GB
Total RAM: 2038 MB (31% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:05:39, on 6.1.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lexmark 2600 Series\lxdnmon.exe
C:\Windows\iSlim310\Monitor.exe
C:\Program Files (x86)\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\Alwil Software\Avast5\avastui.exe
C:\Program Files (x86)\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Lexmark 2600 Series\lxdnMsdMon.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe
C:\Program Files\trend micro\Monika.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - (no file)
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files (x86)\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\RunOnce: [Adobe Speed Launcher] 1420529677
O4 - HKUS\S-1-5-21-2352618974-2862376506-435946465-1678\..\RunOnce: [Adobe Speed Launcher] 1420569097 (User 'obycejny')
O4 - S-1-5-21-2352618974-2862376506-435946465-1678 Startup: OpenOffice.org 2.0.lnk = C:\Program Files (x86)\OpenOffice.org 2.0\program\quickstart.exe (User 'obycejny')
O4 - S-1-5-21-2352618974-2862376506-435946465-1678 User Startup: OpenOffice.org 2.0.lnk = C:\Program Files (x86)\OpenOffice.org 2.0\program\quickstart.exe (User 'obycejny')
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files (x86)\OpenOffice.org 2.0\program\quickstart.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - (no file)
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Přeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - C:\Program Files (x86)\Verdict Free\etnxp.dll
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files (x86)\Verdict Free\etnxp.dll
O9 - Extra 'Tools' menuitem: Internetový překladač... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files (x86)\Verdict Free\etnxp.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: lxdnCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\x64\3\\lxdnserv.exe
O23 - Service: lxdn_device - - C:\Windows\system32\lxdncoms.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9113 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\spool\DRIVERS\x64\3\\lxdnserv.exe
C:\Windows\system32\lxdncoms.exe -service
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1980
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-9539ec95-b706-43c1-920b-f5eb31035899 -SystemEventPortName:HostProcess-7c199ea2-13ee-407f-ba5a-699f03624ae5 -IoCancelEventPortName:HostProcess-ff6415de-9019-4142-b2e7-a2dbf4a761dd -NonStateChangingEventPortName:HostProcess-e036b196-faa1-44a4-8221-3798a4231f7e -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:cd1dc8b3-0269-470b-bff9-1224998d8c8f -DeviceGroupId:WpdFsGroup
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Program Files (x86)\Lexmark 2600 Series\lxdnmon.exe"
"C:\Windows\iSlim310\Monitor.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\OpenOffice.org 2.0\program\soffice.exe" -quickstart
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Alwil Software\Avast5\avastui.exe" /nogui
"C:\Program Files (x86)\OpenOffice.org 2.0\program\soffice.exe" -quickstart
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Lexmark 2600 Series\lxdnMsdMon.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding

C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=1908.11e5b3a0.1257380399 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 1908 "\\.\pipe\gecko-crash-server-pipe.1908" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe" --proxy-stub-channel=Flash5016.62366188.12072 --host-broker-channel=Flash5016.62366188.4361 --host-pid=5016 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe" --channel=3356.003EF910.1174820877 --proxy-stub-channel=Flash5016.62366188.12072 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll" --host-npapi-version=27 --type=renderer
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\obycejny\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\2f7yhcr8.default-1419881933435

prefs.js - "browser.startup.homepage" - "http://web.volny.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.246 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3]
"Description"=Office Live Update v1.3
"Path"=C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5]
"Description"=Office Live Update v1.5
"Path"=C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.246 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2014-11-25 705448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-15 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2014-11-25 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-15 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{1017A80C-6F09-4548-A84D-EDD6AC9525F0}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-20 7981088]
"lxdnmon.exe"=C:\Program Files (x86)\Lexmark 2600 Series\lxdnmon.exe [2008-03-27 660136]
"lxdnamon"=C:\Program Files (x86)\Lexmark 2600 Series\lxdnamon.exe [2008-03-27 16040]
"iSlim310_Monitor"=C:\Windows\iSlim310\Monitor.exe [2007-12-10 323584]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 165912]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 385560]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 363544]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 1331288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files (x86)\CCleaner\CCleaner64.exe [2014-12-12 7394584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Adobe Speed Launcher"=1420529677 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20 1021128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer]
C:\Program Files (x86)\Lexmark Fax Solutions\fm3032.exe [2008-03-27 320168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11 30877280]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2014-12-12 5227112]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-09-26 271744]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20 1021128]

C:\Users\Monika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 2.0.lnk - C:\Program Files (x86)\OpenOffice.org 2.0\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux4"=wdmaud.drv
"wave6"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux5"=wdmaud.drv
"wave7"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux6"=wdmaud.drv
"wave8"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux7"=wdmaud.drv
"wave9"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux8"=wdmaud.drv
"vidc.ffds"=ff_vfw.dll
"vidc.lags"=lagarith.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2015-01-02 22:18:12 ----D---- C:\AdwCleaner
2015-01-02 17:24:14 ----AD---- C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.....ZZZZZ
2015-01-02 13:38:31 ----D---- C:\4ce6e1befdc029b0ac72376629
2015-01-02 13:31:48 ----D---- C:\TV
2015-01-02 12:49:42 ----D---- C:\Users\Monika\AppData\Roaming\ArcSoft
2015-01-02 12:42:05 ----A---- C:\Windows\system32\drivers\IT9135BDA.sys
2014-12-18 09:56:43 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-12-18 09:56:42 ----A---- C:\Windows\system32\ieUnatt.exe
2014-12-12 08:49:07 ----D---- C:\Windows\system32\appraiser
2014-12-11 23:11:18 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-12-11 23:11:17 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-12-11 23:11:15 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-12-11 23:11:14 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-12-11 23:11:12 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-12-11 23:11:10 ----A---- C:\Windows\system32\ie4uinit.exe
2014-12-11 23:11:09 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-12-11 23:11:09 ----A---- C:\Windows\system32\iernonce.dll
2014-12-11 23:11:06 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-12-11 23:11:05 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-12-11 23:11:01 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-11 23:11:00 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-12-11 23:10:59 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-12-11 23:10:57 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-12-11 23:10:53 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-12-11 23:10:53 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-12-11 23:10:49 ----A---- C:\Windows\system32\iedkcs32.dll
2014-12-11 23:10:47 ----A---- C:\Windows\system32\urlmon.dll
2014-12-11 23:10:46 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-12-11 23:10:44 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-12-11 23:10:42 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-12-11 23:10:41 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-12-11 23:10:32 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-11 23:10:30 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-12-11 23:10:28 ----A---- C:\Windows\system32\dxtrans.dll
2014-12-11 23:10:27 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-12-11 23:10:26 ----A---- C:\Windows\system32\msfeeds.dll
2014-12-11 23:10:23 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-12-11 23:10:22 ----A---- C:\Windows\system32\iesetup.dll
2014-12-11 23:10:22 ----A---- C:\Windows\system32\ieapfltr.dll
2014-12-11 23:10:16 ----A---- C:\Windows\system32\iertutil.dll
2014-12-11 23:10:14 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-12-11 23:10:12 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-12-11 23:10:10 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-12-11 23:10:05 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-12-11 23:10:04 ----A---- C:\Windows\system32\jsproxy.dll
2014-12-11 23:09:55 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-12-11 23:09:53 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-12-11 23:09:48 ----A---- C:\Windows\system32\dxtmsft.dll
2014-12-11 23:09:46 ----A---- C:\Windows\system32\ieui.dll
2014-12-11 23:09:45 ----A---- C:\Windows\system32\ieframe.dll
2014-12-11 23:09:44 ----A---- C:\Windows\system32\mshtmled.dll
2014-12-11 23:09:43 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-12-11 23:09:42 ----A---- C:\Windows\system32\jscript9diag.dll
2014-12-11 23:09:40 ----A---- C:\Windows\system32\vbscript.dll
2014-12-11 23:09:40 ----A---- C:\Windows\system32\jscript9.dll
2014-12-11 23:09:38 ----A---- C:\Windows\system32\wininet.dll
2014-12-11 23:09:36 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-12-11 23:09:34 ----A---- C:\Windows\system32\msrating.dll
2014-12-11 23:09:20 ----A---- C:\Windows\system32\mshtml.dll
2014-12-11 23:03:41 ----A---- C:\Windows\system32\aitstatic.exe
2014-12-11 23:03:40 ----A---- C:\Windows\system32\appraiser.dll
2014-12-11 23:03:40 ----A---- C:\Windows\system32\aepic.dll
2014-12-11 23:03:40 ----A---- C:\Windows\system32\aeinv.dll
2014-12-11 23:03:35 ----A---- C:\Windows\system32\invagent.dll
2014-12-11 23:03:25 ----A---- C:\Windows\system32\generaltel.dll
2014-12-11 23:03:25 ----A---- C:\Windows\system32\devinv.dll
2014-12-11 23:03:19 ----A---- C:\Windows\system32\aepdu.dll
2014-12-11 23:02:45 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-12-11 23:02:42 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-12-11 23:02:17 ----A---- C:\Windows\system32\drivers\tdx.sys
2014-12-11 23:02:03 ----A---- C:\Windows\system32\WsmSvc.dll
2014-12-11 23:02:00 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-12-11 23:01:58 ----A---- C:\Windows\system32\WsmWmiPl.dll
2014-12-11 23:01:57 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-11 23:01:57 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2014-12-11 23:01:54 ----A---- C:\Windows\system32\WsmAuto.dll
2014-12-11 23:01:52 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2014-12-11 23:01:51 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2014-12-11 23:01:48 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2014-12-11 23:01:45 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2014-12-11 22:54:30 ----A---- C:\Windows\system32\charmap.exe
2014-12-11 22:54:28 ----A---- C:\Windows\SYSWOW64\charmap.exe
2014-12-11 22:53:54 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-12-11 22:53:54 ----A---- C:\Windows\system32\tzres.dll
2014-12-11 10:13:39 ----A---- C:\Windows\SYSWOW64\mferror.dll
2014-12-11 10:13:39 ----A---- C:\Windows\system32\mfpmp.exe
2014-12-11 10:13:39 ----A---- C:\Windows\system32\mferror.dll
2014-12-11 10:13:38 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2014-12-11 10:13:38 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2014-12-11 10:13:38 ----A---- C:\Windows\system32\rrinstaller.exe
2014-12-11 10:13:37 ----A---- C:\Windows\SYSWOW64\mfps.dll
2014-12-11 10:13:37 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-12-11 10:13:37 ----A---- C:\Windows\system32\mfps.dll
2014-12-11 10:13:33 ----A---- C:\Windows\system32\mf.dll
2014-12-10 08:17:25 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2015-01-06 20:05:38 ----D---- C:\Program Files\trend micro
2015-01-06 20:02:57 ----D---- C:\Windows\Temp
2015-01-06 17:11:19 ----D---- C:\Windows\System32
2015-01-06 17:11:19 ----D---- C:\Windows\inf
2015-01-06 17:11:19 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-01-06 12:28:24 ----D---- C:\Windows\system32\config
2015-01-06 08:34:59 ----D---- C:\Users\Monika\AppData\Roaming\OpenOffice.org2
2015-01-05 16:51:34 ----D---- C:\Users\Monika\AppData\Roaming\Skype
2015-01-04 21:31:20 ----SHD---- C:\System Volume Information
2015-01-04 21:08:09 ----D---- C:\Program Files (x86)\Philips
2015-01-04 21:08:08 ----D---- C:\Windows\SYSWOW64\drivers
2015-01-04 21:08:08 ----D---- C:\Windows\SysWOW64
2015-01-04 20:55:35 ----RD---- C:\Program Files (x86)
2015-01-04 20:55:35 ----D---- C:\Windows\system32\drivers
2015-01-03 22:49:09 ----D---- C:\Windows\Prefetch
2015-01-03 19:36:23 ----D---- C:\Windows\system32\catroot2
2015-01-03 09:34:40 ----D---- C:\ProgramData\Malwarebytes
2015-01-02 22:21:48 ----HD---- C:\ProgramData
2015-01-02 19:12:26 ----D---- C:\Program Files (x86)\Google
2015-01-02 18:15:55 ----D---- C:\Windows
2015-01-02 17:19:47 ----SHD---- C:\Windows\Installer
2015-01-02 17:19:47 ----SD---- C:\Users\Monika\AppData\Roaming\Microsoft
2015-01-02 17:11:03 ----D---- C:\Windows\Panther
2015-01-02 17:11:03 ----D---- C:\Windows\ModemLogs
2015-01-02 17:11:02 ----D---- C:\Windows\Logs
2015-01-02 17:11:02 ----D---- C:\Windows\debug
2015-01-02 17:04:24 ----D---- C:\Windows\system32\Tasks
2015-01-02 17:04:04 ----D---- C:\Program Files (x86)\CCleaner
2015-01-02 16:49:47 ----D---- C:\Windows\SYSWOW64\config
2015-01-02 14:13:30 ----D---- C:\Windows\system32\catroot
2015-01-02 13:03:07 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-02 12:54:27 ----D---- C:\Windows\system32\DriverStore
2015-01-02 10:18:20 ----SHD---- C:\$Recycle.Bin
2015-01-02 10:17:56 ----RD---- C:\Users
2014-12-21 16:28:34 ----D---- C:\ProgramData\Skype
2014-12-21 16:28:28 ----RD---- C:\Program Files (x86)\Skype
2014-12-18 10:00:58 ----D---- C:\Windows\winsxs
2014-12-17 18:18:31 ----D---- C:\ProgramData\Adobe
2014-12-17 18:18:25 ----D---- C:\Program Files (x86)\Adobe
2014-12-12 08:49:07 ----SD---- C:\Windows\system32\CompatTel
2014-12-12 08:49:07 ----D---- C:\Windows\AppCompat
2014-12-12 08:49:06 ----SD---- C:\ProgramData\Microsoft
2014-12-12 08:49:05 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-12-12 08:49:05 ----D---- C:\Program Files\Internet Explorer
2014-12-12 08:49:04 ----D---- C:\Windows\SYSWOW64\en-US
2014-12-12 08:49:03 ----D---- C:\Windows\system32\en-US
2014-12-12 08:49:03 ----D---- C:\Windows\system32\cs-CZ
2014-12-12 08:49:03 ----D---- C:\Windows\PolicyDefinitions
2014-12-12 08:49:00 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-12 01:30:43 ----D---- C:\ProgramData\Microsoft Help
2014-12-11 10:19:00 ----D---- C:\Windows\system32\MRT
2014-12-11 10:14:11 ----A---- C:\Windows\system32\MRT.exe
2014-12-11 08:51:33 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-11-25 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-11-25 267632]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 269008]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-11-25 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-11-25 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-11-25 436624]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-11-25 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-11-25 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-11-25 116728]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 125584]
R3 CamSuiteVAC;CamSuite Virtual Audio; C:\Windows\system32\DRIVERS\CamSuiteVAC.sys [2008-09-18 56320]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-09-23 6180832]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-20 1831968]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
S3 aswTap;avast! SecureLine TAP Adapter v3; C:\Windows\system32\DRIVERS\aswTap.sys [2014-07-19 44640]
S3 BthAvrcp;Bluetooth AVRCP Profile; C:\Windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 29184]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-22 48488]
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2015-01-02 165504]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-11-16 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-11-16 27136]
S3 PAC7302;iSlim310; C:\Windows\system32\DRIVERS\PAC7302.SYS [2009-04-28 532480]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-11-16 9216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-11-16 9216]
S3 WinUsb;YunOS USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2014-11-25 50344]
R2 lxdn_device;lxdn_device; C:\Windows\system32\lxdncoms.exe [2008-02-28 1044648]
R2 lxdnCATSCustConnectService;lxdnCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxdnserv.exe [2008-02-28 33960]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 23784]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 368624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2012-12-26 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-11 267440]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-22 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-12-10 114800]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-07-08 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 CCALib8;Canon Camera Access Library 8; C:\Program Files (x86)\Canon\CAL\CALMAIN.exe [2005-09-30 96341]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------