
SSL not working

Posted: 11 Jul 2014 09:55
by Marocasnocha
Hello,
please help me clean my PC; there is apparently malware on the computer, ads pop up in the browser, email does not load, etc.

Here is the log output
Logfile of random's system information tool 1.10 (written by random/random)
Run by Marek at 2014-07-11 10:44:37
Microsoft Windows 8
System drive C: has 537 GB (88%) free of 612 GB
Total RAM: 7375 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:44:41, on 11. 7. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17028)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\YourFileDownloader Updater\YourFileUpdater.exe
C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Adanak\bin\Adanak.BrowserAdapter.exe
C:\PROGRA~2\SketchUp\SKETCH~1\SketchUp.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Marek\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\Marek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: cosstminn - {45E2382C-DDB7-7266-4740-ECB596DA8A77} - C:\Program Files (x86)\cosstminn\Zv0GN2ERFJ.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Adanak - {ef05f09c-9b2a-43a0-8155-fab1d641215a} - C:\Program Files (x86)\Adanak\Adanakbho.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SafeQClient] C:\Program Files (x86)\SafeQ\SafeQ_cli.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [mswprfSrv] "C:\WINDOWS\system32\mswprf.vbe" msuhavbv mslkvl
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Lync] "C:\Program Files\Microsoft Office 15\root\office15\lync.exe" /fromrunkey
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Marek\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Marek\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Google Update] "C:\Users\Marek\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - Startup: Odeslat do OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
O4 - Startup: Outlook 2013.lnk = C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
O4 - Global Startup: vpngui.exe.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Cron Service for Prey (CronService) - Fork Ltd. - C:\Prey\platform\windows\cronsvc.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: @C:\windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LSCWinService - Unknown owner - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: MySQL - Unknown owner - C:\Program Files\MySQL\MySQL Server 5.6\bin\mysqld.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\WINDOWS\system32\SAsrv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: StartMenu8 Service (StartMenuService) - IObit - C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Update Adanak - Unknown owner - C:\Program Files (x86)\Adanak\updateAdanak.exe
O23 - Service: Util Adanak - Unknown owner - C:\Program Files (x86)\Adanak\bin\utilAdanak.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: VeriFaceSrv - Unknown owner - C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12927 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\Apps Hat-firefoxinstaller.job - C:\Program Files (x86)\Apps Hat\Apps Hat-firefoxinstaller.exe /installxpi /agentregpath='Apps Hat' /extensionfilepath='C:\Program Files (x86)\Apps Hat\48559.xpi' /appid=48559 /srcid='000820' /subid='0' /zdata='appshatmadness' /bic=9F1D5078924E4E22B56130AACC11DDDEIE /verifier=778843b301a4fc7f395a1513eede9a5c /installerversion=1_34_3_28 /installerfullversion=1.34.3.28 /installationtime=1397414162 /statsdomain=http://stats.clientdemocloud.com /errorsdomain=http://errors.clientdemocloud.com /waitforbrowser=300 /extensionid=39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com /extensionversion=0.94 /prefsbranch=a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559 /updateurl=https://w9u6a2p6.ssl.hwcdn.net/plugin/f ... /48559.rdf /extensionname='Apps Hat' /extensiondesc='Apps Hat is the cool new Android app store that helps you discover hot new apps, both free and discounted. Get personalised recommendations, price drop alerts, and share your favourite apps with your friends.' /publishername='Nero' /defbro=ch /allusers /allprofiles /checkfflist /autoupdateulr='http://update.clientdemocloud.com/ff_ag ... pdate.json' /runfrom='task' /externallog=''
C:\WINDOWS\tasks\AVG-Secure-Search-Update_0414c_rel.job - C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe --RELAUNCH=1 --CMPID=0414c
C:\WINDOWS\tasks\AVG-Secure-Search-Update_0414c_rmv.job - C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe --CMPID=0414c --uninstall=1
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-4079485096-1562105636-3085926805-1002Core.job - C:\Users\Marek\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-4079485096-1562105636-3085926805-1002UA.job - C:\Users\Marek\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\8watuex0.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"
prefs.js - "keyword.URL" - "https://www.google.com/search"

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1212152.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.60.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll


C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\8watuex0.default\extensions\
39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com
fmrf_add@atqfauy.co.uk

C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\8watuex0.default\searchplugins\
Google.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2014-06-22 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45E2382C-DDB7-7266-4740-ECB596DA8A77}]
cosstminn - C:\Program Files (x86)\cosstminn\Zv0GN2ERFJ.dll [2013-07-11 468480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-06 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-07-01 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2014-06-10 1730264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-06 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ef05f09c-9b2a-43a0-8155-fab1d641215a}]
Adanak - C:\Program Files (x86)\Adanak\Adanakbho.dll [2014-07-11 249624]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-04-25 642816]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2012-04-19 217088]
"RemoteControl10"=C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [2012-03-29 91432]
"Intel AppUp(SM) center"=C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [2012-07-12 155488]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-07-01 4086432]
"SafeQClient"=C:\Program Files (x86)\SafeQ\SafeQ_cli.exe [2013-09-18 493056]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate []
"ISUSScheduler"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2005-08-11 81920]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"ApnTBMon"=C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2014-06-25 1956760]
"mswprfSrv"=C:\WINDOWS\system32\mswprf.vbe [2014-07-06 649]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-01-25 131712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2014-06-27 24477056]
"Lync"=C:\Program Files\Microsoft Office 15\root\office15\lync.exe [2014-05-28 18997408]
"cz.seznam.software.autoupdate"=C:\Users\Marek\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Marek\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"Google Update"=C:\Users\Marek\AppData\Local\Google\Update\GoogleUpdate.exe /c []
"ISUSPM Startup"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [2005-08-11 249856]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-05-08 21444224]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
vpngui.exe.lnk - C:\WINDOWS\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe

C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Odeslat do OneNote.lnk - C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
Outlook 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\OUTLOOK.EXE

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"ConsentPromptBehaviorAdmin"=0
"DisableCAD"=1
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"msacm.l3acm"=l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"vidc.cvid"=iccvid.dll
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.clmp3enc"=C:\PROGRA~2\Lenovo\Power2Go\CLMP3Enc.ACM
"msacm.l3codecp"=l3codecp.acm
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe","%1"

======List of files/folders created in the last 1 month======

2014-07-11 10:44:37 ----D---- C:\Program Files (x86)\trend micro
2014-07-11 10:44:36 ----D---- C:\rsit
2014-07-11 09:09:03 ----D---- C:\Users\Marek\AppData\Roaming\RPS 3D PDF
2014-07-11 09:07:18 ----D---- C:\Users\Marek\AppData\Roaming\Render Plus Systems
2014-07-11 09:03:50 ----A---- C:\WINDOWS\SysWOW64\ssleay32.dll
2014-07-11 09:03:50 ----A---- C:\WINDOWS\SysWOW64\readme.txt
2014-07-11 09:03:50 ----A---- C:\WINDOWS\SysWOW64\msvcr71d.dll
2014-07-11 09:03:50 ----A---- C:\WINDOWS\SysWOW64\msvcp71d.dll
2014-07-11 09:03:49 ----A---- C:\WINDOWS\SysWOW64\mfc71ud.dll
2014-07-11 09:03:49 ----A---- C:\WINDOWS\SysWOW64\mfc71d.dll
2014-07-11 09:03:49 ----A---- C:\WINDOWS\SysWOW64\libeay32.dll
2014-07-11 09:03:17 ----D---- C:\Program Files (x86)\Render Plus Systems
2014-07-11 08:53:07 ----D---- C:\ProgramData\cosstminn
2014-07-11 08:53:07 ----D---- C:\ProgramData\102a107736f6db5e
2014-07-11 08:53:05 ----D---- C:\Program Files (x86)\cosstminn
2014-07-11 08:52:36 ----D---- C:\Program Files (x86)\Adanak
2014-07-11 08:52:30 ----D---- C:\Users\Marek\AppData\Roaming\YourFileDownloader
2014-07-11 08:52:30 ----D---- C:\Program Files (x86)\YourFileDownloader Updater
2014-07-11 08:37:00 ----D---- C:\Users\Marek\AppData\Roaming\SketchUp
2014-07-11 08:35:22 ----D---- C:\Users\Marek\AppData\Roaming\SimLab
2014-07-11 08:33:31 ----D---- C:\ProgramData\SketchUp
2014-07-11 08:33:31 ----D---- C:\Program Files (x86)\SketchUp
2014-07-11 08:24:57 ----AS---- C:\WINDOWS\SysWOW64\nircmdc.exe
2014-07-10 20:39:50 ----A---- C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-07-10 08:18:35 ----A---- C:\WINDOWS\SysWOW64\osk.exe
2014-07-10 08:18:25 ----A---- C:\WINDOWS\SysWOW64\SHCore.dll
2014-07-10 08:17:43 ----A---- C:\WINDOWS\SysWOW64\mshtml.dll
2014-07-10 08:17:28 ----A---- C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-07-10 08:17:27 ----A---- C:\WINDOWS\SysWOW64\ieframe.dll
2014-07-10 08:17:26 ----A---- C:\WINDOWS\SysWOW64\wininet.dll
2014-07-10 08:17:26 ----A---- C:\WINDOWS\SysWOW64\urlmon.dll
2014-07-10 08:17:26 ----A---- C:\WINDOWS\SysWOW64\jscript9.dll
2014-07-10 08:17:26 ----A---- C:\WINDOWS\SysWOW64\iertutil.dll
2014-07-10 08:17:25 ----A---- C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-07-10 08:17:24 ----A---- C:\WINDOWS\SysWOW64\msrating.dll
2014-07-10 08:17:24 ----A---- C:\WINDOWS\SysWOW64\mshtmled.dll
2014-07-10 08:17:24 ----A---- C:\WINDOWS\SysWOW64\msfeeds.dll
2014-07-10 08:17:24 ----A---- C:\WINDOWS\SysWOW64\jscript.dll
2014-07-10 08:17:24 ----A---- C:\WINDOWS\SysWOW64\iesysprep.dll
2014-07-10 08:17:24 ----A---- C:\WINDOWS\SysWOW64\dxtrans.dll
2014-07-10 08:17:23 ----A---- C:\WINDOWS\SysWOW64\uxtheme.dll
2014-07-10 08:17:23 ----A---- C:\WINDOWS\SysWOW64\UXInit.dll
2014-07-10 08:17:23 ----A---- C:\WINDOWS\SysWOW64\jsproxy.dll
2014-07-10 08:17:23 ----A---- C:\WINDOWS\SysWOW64\iesetup.dll
2014-07-10 08:17:23 ----A---- C:\WINDOWS\SysWOW64\iernonce.dll
2014-07-10 08:16:14 ----A---- C:\WINDOWS\SysWOW64\qedit.dll
2014-07-07 22:22:12 ----D---- C:\ProgramData\privazer
2014-07-06 23:11:51 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-06 23:01:00 ----A---- C:\WINDOWS\SysWOW64\javaws.exe
2014-07-06 23:00:57 ----A---- C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-07-06 23:00:57 ----A---- C:\WINDOWS\SysWOW64\javaw.exe
2014-07-06 23:00:57 ----A---- C:\WINDOWS\SysWOW64\java.exe
2014-07-06 23:00:48 ----D---- C:\Program Files (x86)\Java
2014-07-06 19:57:25 ----D---- C:\Program Files (x86)\Common Files\Skype
2014-07-06 10:24:43 ----A---- C:\WINDOWS\SysWOW64\wudriver.dll
2014-07-06 10:24:37 ----A---- C:\WINDOWS\SysWOW64\wuapi.dll
2014-07-06 10:24:32 ----A---- C:\WINDOWS\SysWOW64\wuwebv.dll
2014-07-06 10:24:32 ----A---- C:\WINDOWS\SysWOW64\wuapp.exe
2014-07-05 20:25:31 ----D---- C:\ProgramData\Cisco
2014-07-03 08:45:24 ----D---- C:\Program Files (x86)\Artisteer 4
2014-07-03 08:16:08 ----D---- C:\Program Files (x86)\MySQL
2014-07-03 08:04:15 ----D---- C:\Program Files (x86)\PHP
2014-07-02 10:00:53 ----D---- C:\Users\Marek\AppData\Roaming\Artisteer
2014-07-02 08:58:17 ----D---- C:\Program Files (x86)\Core Services
2014-07-01 19:43:44 ----A---- C:\WINDOWS\avastSS.scr
2014-07-01 13:54:06 ----D---- C:\Users\Marek\AppData\Roaming\PDAppFlex
2014-07-01 13:49:07 ----D---- C:\adobeTemp
2014-07-01 13:19:00 ----D---- C:\Users\Marek\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2014-07-01 13:18:56 ----D---- C:\Program Files (x86)\Adobe Download Assistant
2014-07-01 10:04:04 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2014-07-01 10:02:58 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8

======List of files/folders modified in the last 1 month======

2014-07-11 10:44:37 ----RD---- C:\Program Files (x86)
2014-07-11 10:44:34 ----D---- C:\WINDOWS\Prefetch
2014-07-11 10:24:50 ----D---- C:\WINDOWS\Temp
2014-07-11 10:10:35 ----A---- C:\WINDOWS\win.ini
2014-07-11 09:04:43 ----SHD---- C:\WINDOWS\Installer
2014-07-11 09:04:43 ----SHD---- C:\Config.Msi
2014-07-11 09:04:22 ----D---- C:\WINDOWS\WinSxS
2014-07-11 09:03:50 ----D---- C:\WINDOWS\SysWOW64
2014-07-11 09:03:34 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-07-11 09:03:11 ----D---- C:\Program Files (x86)\Common Files\InstallShield
2014-07-11 08:53:07 ----HD---- C:\ProgramData
2014-07-11 08:53:05 ----D---- C:\WINDOWS\SysWOW64\GroupPolicy
2014-07-11 08:53:05 ----D---- C:\Program Files (x86)\Google
2014-07-11 08:53:03 ----AD---- C:\Users
2014-07-11 08:36:02 ----D---- C:\WINDOWS\System32
2014-07-11 08:36:02 ----D---- C:\WINDOWS\Inf
2014-07-11 08:33:19 ----SHD---- C:\System Volume Information
2014-07-11 08:02:50 ----D---- C:\WINDOWS\Microsoft.NET
2014-07-11 08:02:18 ----RSD---- C:\WINDOWS\assembly
2014-07-11 08:02:06 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-07-10 23:24:04 ----D---- C:\Users\Marek\AppData\Roaming\uTorrent
2014-07-10 23:19:46 ----D---- C:\Users\Marek\AppData\Roaming\Skype
2014-07-10 16:00:17 ----D---- C:\Program Files (x86)\Internet Explorer
2014-07-10 16:00:06 ----D---- C:\WINDOWS\SysWOW64\en-US
2014-07-10 16:00:06 ----D---- C:\WINDOWS\SysWOW64\cs-CZ
2014-07-10 08:31:41 ----D---- C:\ProgramData\Microsoft Help
2014-07-10 08:31:19 ----D---- C:\WINDOWS\CbsTemp
2014-07-10 08:12:13 ----D---- C:\WINDOWS\SoftwareDistribution
2014-07-08 12:36:16 ----AD---- C:\Windows
2014-07-08 12:36:06 ----D---- C:\WINDOWS\debug
2014-07-08 09:30:08 ----SD---- C:\Users\Marek\AppData\Roaming\Microsoft
2014-07-07 22:24:51 ----D---- C:\Program Files
2014-07-07 22:21:30 ----D---- C:\Users\Marek\AppData\Roaming\Seznam.cz
2014-07-07 22:17:41 ----D---- C:\Program Files (x86)\PrivaZer
2014-07-07 22:16:28 ----D---- C:\ProgramData\Mathematica
2014-07-07 22:16:28 ----D---- C:\Program Files (x86)\Common Files
2014-07-07 22:15:00 ----D---- C:\Program Files (x86)\Common Files\Apple
2014-07-07 22:09:59 ----D---- C:\Program Files (x86)\Adobe
2014-07-07 22:09:37 ----D---- C:\Program Files (x86)\STORMWARE
2014-07-07 10:26:27 ----D---- C:\Users\Marek\AppData\Roaming\Atheros
2014-07-06 20:47:32 ----D---- C:\WINDOWS\rescache
2014-07-06 19:57:25 ----RD---- C:\Program Files (x86)\Skype
2014-07-06 19:57:24 ----D---- C:\ProgramData\Skype
2014-07-06 11:03:19 ----D---- C:\Users\Marek\AppData\Roaming\vlc
2014-07-05 20:26:14 ----SD---- C:\ProgramData\Microsoft
2014-07-04 17:28:31 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-03 19:33:07 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-07-03 19:24:56 ----D---- C:\WINDOWS\AUInstallAgent
2014-07-02 10:01:01 ----D---- C:\Users\Marek\AppData\Roaming\Apple Computer
2014-07-01 13:54:01 ----D---- C:\Users\Marek\AppData\Roaming\Adobe
2014-07-01 13:52:13 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2014-07-01 13:49:48 ----D---- C:\ProgramData\Adobe
2014-07-01 13:49:19 ----D---- C:\Program Files (x86)\Common Files\Adobe
2014-07-01 13:32:14 ----D---- C:\Users\Marek\AppData\Roaming\Notepad++
2014-07-01 13:32:14 ----D---- C:\Program Files (x86)\Notepad++
2014-07-01 10:04:00 ----D---- C:\Program Files (x86)\Common Files\Microsoft Shared
2014-07-01 10:02:58 ----D---- C:\Program Files (x86)\Microsoft Office
2014-06-23 09:47:29 ----D---- C:\ProgramData\McAfee
2014-06-22 22:15:18 ----D---- C:\Program Files (x86)\Common Files\Adobe AIR
2014-06-18 19:49:25 ----D---- C:\Program Files (x86)\Opera
2014-06-17 21:50:50 ----D---- C:\Users\Marek\AppData\Roaming\Mp3tag
2014-06-12 00:12:05 ----D---- C:\WINDOWS\WinStore

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys []
R0 amd_xata;amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys []
R0 amdkmpfd;@oem2.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmpfd.sys []
R0 aswRvrt;avast! Revert; C:\WINDOWS\SysWOW64\drivers\aswRvrt.sys []
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\SysWOW64\drivers\aswVmm.sys []
R0 LHDmgr;LHDmgr; C:\WINDOWS\System32\DRIVERS\LhdX64.sys []
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys []
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys []
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys []
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys []
R2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]
R2 APXACC;@oem5.inf,%APPEX_ACC_SERVICE_NAME%;AppEx Networks Accelerator LWF; C:\WINDOWS\system32\DRIVERS\appexDrv.sys []
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys []
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R3 ACPIVPC;@oem58.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys []
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys []
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys []
R3 anvsnddrv;@oem76.inf,%anvsnddrv.SvcDesc%;AnvSoft Virtual Sound Device; C:\WINDOWS\system32\drivers\anvsnddrv.sys []
R3 AthBTPort;@oem12.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys []
R3 athr;@oem17.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athw8x.sys []
R3 AtiHDAudioService;@oem1.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdW86.sys []
R3 BTATH_A2DP;@oem11.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys []
R3 btath_avdt;@oem11.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys []
R3 BTATH_BUS;@oem8.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys []
R3 BTATH_HCRP;@oem14.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys []
R3 BTATH_LWFLT;@oem16.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys []
R3 BTATH_RCP;@oem18.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys []
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys []
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys []
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys []
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys []
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys []
R3 CnxtHdAudService;@oem13.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64.sys []
R3 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\WINDOWS\system32\Drivers\CVPNDRVA.sys []
R3 DNE;@oem78.inf,%DneMP_Desc%;Deterministic Network Enhancer Miniport; C:\WINDOWS\system32\DRIVERS\dne64x.sys []
R3 ETD;@oem15.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys []
R3 L1C;@oem6.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\L1C63x64.sys []
R3 MarvinBus;@oem68.inf,%MarvinBus.SVCDESC%;Pinnacle Marvin Bus 64; C:\WINDOWS\System32\drivers\MarvinBus64.sys []
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys []
R3 rtsuvc;@oem43.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys []
R3 SensorsSimulatorDriver;@oem77.inf,%WudfSensorsSimulatorDriverDisplayName%;UMDF Reflector service for SensorsSimulatorDriver; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys []
R3 usbfilter;AMD USB Filter Driver; C:\WINDOWS\system32\DRIVERS\usbfilter.sys []
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys []
S2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys []
S3 acsock;acsock; C:\WINDOWS\system32\DRIVERS\acsock64.sys []
S3 aswTap;@oem72.inf,%DeviceDescription%;avast! SecureLine TAP Adapter v3; C:\WINDOWS\system32\DRIVERS\aswTap.sys []
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys []
S3 CVirtA;Cisco Systems VPN Adapter for 64-bit Windows; C:\WINDOWS\system32\DRIVERS\CVirtA64.sys []
S3 e1iexpress;@net1ic64.inf,%E1IExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\WINDOWS\system32\DRIVERS\e1i63x64.sys []
S3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys []
S3 NETwNs64;@netwns64.inf,___ %NIC_Service_DispName_WIN7_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\WINDOWS\system32\DRIVERS\NETwNs64.sys []
S3 RSUSBVSTOR;@oem7.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUVStor.sys []
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe []
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-04-25 361984]
R2 APNMCP;Ask Update Service; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2014-06-25 165784]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-02-12 43336]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-01-25 227456]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-07-01 50344]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2014-06-19 2356408]
R2 CronService;Cron Service for Prey; C:\Prey\platform\windows\cronsvc.exe [2014-04-30 23552]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe [2011-03-04 1529856]
R2 CxAudMsg;@C:\windows\system32\CxAudMsg64.exe,-100; C:\windows\system32\CxAudMsg64.exe []
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2013-02-25 92160]
R2 MySQL;MySQL; C:\Program Files\MySQL\MySQL Server 5.6\bin\mysqld.exe [2013-02-01 12907520]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2012-09-20 23040]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2012-09-20 23040]
R2 SAService;Conexant SmartAudio service; C:\WINDOWS\system32\SAsrv.exe [2011-09-01 447104]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2012-10-20 130024]
R2 StartMenuService;StartMenu8 Service; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [2014-06-06 72992]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-07-02 5037888]
R2 Update Adanak;Update Adanak; C:\Program Files (x86)\Adanak\updateAdanak.exe [2014-07-11 319256]
R2 Util Adanak;Util Adanak; C:\Program Files (x86)\Adanak\bin\utilAdanak.exe [2014-07-11 319256]
R2 VeriFaceSrv;VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [2013-08-15 68368]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08 262320]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-26 43616]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc []
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2014-05-06 1663880]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-07-03 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-02-01 150600]
S3 VsEtwService120;Visual Studio ETW Event Collection Service; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [2013-10-04 87728]

-----------------EOF-----------------


Thank you :)
Have a nice day :)

Re: SSL not working

Posted: 11 Jul 2014 10:26
by JaRon
Hi,
well, there's quite a lot in there...
1. clean the PC with MBAM
2. clean the PC with ADWCleaner
post both logs + an RSIT log taken after the cleaning

Re: SSL not working

Posted: 12 Jul 2014 14:09
by Marocasnocha
Hi,
in the end I was forced to restore a backup from an earlier date that I had on disk. It should be OK now; as a check, I'm sending the RSIT log that was just run.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Marek at 2014-07-12 15:00:15
Microsoft Windows 8
System drive C: has 550 GB (90%) free of 612 GB
Total RAM: 7375 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:01:34, on 12. 7. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17028)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\SafeQ\SafeQ_cli.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Marek.exe
C:\WINDOWS\sysWow64\SearchProtocolHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SafeQClient] C:\Program Files (x86)\SafeQ\SafeQ_cli.exe
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Lync] "C:\Program Files\Microsoft Office 15\root\office15\lync.exe" /fromrunkey
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - Startup: Odeslat do OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
O4 - Startup: Outlook 2013.lnk = C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @C:\windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files (x86)\Firebird\Firebird_1_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files (x86)\Firebird\Firebird_1_5\bin\fbserver.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LSCWinService - Unknown owner - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\WINDOWS\system32\SAsrv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: StartMenu8 Service (StartMenuService) - IObit - C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: VeriFaceSrv - Unknown owner - C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 10969 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\atiesrxx.exe
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
atieclxx
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
C:\windows\system32\CxAudMsg64.exe
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files (x86)\Firebird\Firebird_1_5\bin\fbguard.exe" -s
dashost.exe {e1864142-d5ba-4db7-9838321338c90bdb}
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\SysWOW64\SAsrv.exe
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
"C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
taskhostex.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
"C:\Program Files (x86)\Firebird\Firebird_1_5\bin\fbserver.exe" -s
"C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Elantech\ETDIntelligent.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-24d809af-b63a-4769-8b3d-8b5ecea15483 -SystemEventPortName:HostProcess-c4c45360-4515-40cc-ba0f-b120a510103c -IoCancelEventPortName:HostProcess-47db1d33-bd4b-40b6-bd52-3d840771eefa -NonStateChangingEventPortName:HostProcess-873e5453-c00a-4214-a9d6-2c031bb46d74 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:5f0cf377-f804-4cb2-a1ae-3d543f4e548b -DeviceGroupId:WudfDefaultDevicePool
taskeng.exe {713F95A2-CEC1-439C-BE40-5375D9CB8A35}
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Windows\RTFTrack.exe"
"C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe" /HotCorners
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\SafeQ\SafeQ_cli.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Index.exe" /service
C:\WINDOWS\system32\PrintIsolationHost.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5672.0.693620453\402182269" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,15 --disable-accelerated-video-decode --gpu-vendor-id=0x1002 --gpu-device-id=0x9903 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=12.102.1.8000 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_66/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --enable-software-compositing --channel="5672.2.1521180238\1491700815" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_66/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --enable-software-compositing --channel="5672.6.1740907064\2016202024" /prefetch:673131151
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Users\Marek\Downloads\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 568 572 580 65536 576
"C:\WINDOWS\sysWow64\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-4079485096-1562105636-3085926805-10023_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-4079485096-1562105636-3085926805-10023 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"

wmiadap.exe /F /T /R
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-088010d3-90b7-4bfc-96b5-14f59b009dc2 -SystemEventPortName:HostProcess-a5719c49-b99f-40e6-83e2-bb2c241ee52f -IoCancelEventPortName:HostProcess-afbc4054-3264-404c-8810-4f8f5cc15b9a -NonStateChangingEventPortName:HostProcess-453d65d7-5b75-46c8-8ab7-e78e2c89d1ba -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:10d3f790-4bc7-4930-81ee-52104ad5a40d -DeviceGroupId:WpdFsGroup

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\l2cl43sa.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"
prefs.js - "keyword.URL" - "{google:baseURL}search?q=%s&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.60.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.60.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll


C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\l2cl43sa.default\extensions\
artur.dubovoy@gmail.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-07-11 218784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5054562D-5247-006A-76A7-7A786E7484D7}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-07-11 553384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-07-11 612248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-07-11 2335960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-07-11 211880]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2014-07-11 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-11 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-07-11 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2014-07-11 1730264]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-11 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2013-02-04 899680]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2012-06-13 1647616]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2013-03-05 2876816]
"RtsFT"=C:\WINDOWS\RTFTrack.exe [2013-04-10 6339656]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2013-08-15 17097200]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2013-08-15 193008]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-01-25 131712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2014-06-27 24477056]
"Lync"=C:\Program Files\Microsoft Office 15\root\office15\lync.exe [2014-07-11 18997408]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-04-25 642816]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2012-04-19 217088]
"RemoteControl10"=C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [2012-03-29 91432]
"Intel AppUp(SM) center"=C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [2012-07-12 155488]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-07-11 4086432]
"SafeQClient"=C:\Program Files (x86)\SafeQ\SafeQ_cli.exe [2013-09-18 493056]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-01-25 131712]

C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Odeslat do OneNote.lnk - C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
Outlook 2013.lnk - C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"ConsentPromptBehaviorAdmin"=0
"DisableCAD"=1
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.l3codecp"=l3codecp.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-07-12 15:00:15 ----D---- C:\rsit
2014-07-12 15:00:15 ----D---- C:\Program Files\trend micro
2014-07-12 10:05:55 ----A---- C:\WINDOWS\SYSWOW64\sqlite3.dll
2014-07-12 09:43:05 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-12 09:35:12 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2014-07-11 23:12:36 ----D---- C:\Users\Marek\AppData\Roaming\Artisteer
2014-07-11 23:06:54 ----D---- C:\Users\Marek\AppData\Roaming\SketchUp
2014-07-11 23:05:42 ----D---- C:\Program Files (x86)\Artisteer 4
2014-07-11 22:19:03 ----A---- C:\WINDOWS\system32\drivers\mountmgr.sys
2014-07-11 22:19:03 ----A---- C:\WINDOWS\system32\drivers\Classpnp.sys
2014-07-11 22:18:35 ----A---- C:\WINDOWS\system32\rdpudd.dll
2014-07-11 22:18:35 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2014-07-11 22:18:30 ----A---- C:\WINDOWS\SYSWOW64\wusa.exe
2014-07-11 22:18:30 ----A---- C:\WINDOWS\system32\wusa.exe
2014-07-11 22:18:30 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2014-07-11 22:18:23 ----A---- C:\WINDOWS\system32\NotificationUI.exe
2014-07-11 22:18:10 ----A---- C:\WINDOWS\system32\shell32.dll
2014-07-11 22:18:08 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2014-07-11 22:17:58 ----A---- C:\WINDOWS\system32\win32k.sys
2014-07-11 22:17:57 ----A---- C:\WINDOWS\system32\osk.exe
2014-07-11 22:17:56 ----A---- C:\WINDOWS\SYSWOW64\osk.exe
2014-07-11 22:17:50 ----A---- C:\WINDOWS\system32\InkEd.dll
2014-07-11 22:17:49 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2014-07-11 22:17:49 ----A---- C:\WINDOWS\system32\gdi32.dll
2014-07-11 22:17:41 ----A---- C:\WINDOWS\system32\lsasrv.dll
2014-07-11 22:17:40 ----A---- C:\WINDOWS\system32\SHCore.dll
2014-07-11 22:17:40 ----A---- C:\WINDOWS\system32\lsm.dll
2014-07-11 22:17:39 ----A---- C:\WINDOWS\SYSWOW64\SHCore.dll
2014-07-11 22:17:08 ----A---- C:\WINDOWS\system32\drivers\WdFilter.sys
2014-07-11 22:17:06 ----A---- C:\WINDOWS\system32\drivers\WdBoot.sys
2014-07-11 22:16:46 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2014-07-11 22:16:45 ----A---- C:\WINDOWS\system32\ntdll.dll
2014-07-11 22:16:45 ----A---- C:\WINDOWS\system32\localspl.dll
2014-07-11 22:16:44 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll
2014-07-11 22:16:44 ----A---- C:\WINDOWS\system32\WSShared.dll
2014-07-11 22:16:43 ----A---- C:\WINDOWS\SYSWOW64\Robocopy.exe
2014-07-11 22:16:43 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2014-07-11 22:16:43 ----A---- C:\WINDOWS\system32\Robocopy.exe
2014-07-11 22:16:43 ----A---- C:\WINDOWS\system32\drivers\hdaudbus.sys
2014-07-11 22:16:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-11 22:16:42 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-11 22:16:36 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2014-07-11 22:16:36 ----A---- C:\WINDOWS\SYSWOW64\dxtmsft.dll
2014-07-11 22:16:36 ----A---- C:\WINDOWS\system32\dxtrans.dll
2014-07-11 22:16:36 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2014-07-11 22:16:19 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2014-07-11 22:16:10 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2014-07-11 22:16:05 ----A---- C:\WINDOWS\system32\mshtmled.dll
2014-07-11 22:16:04 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-07-11 22:16:01 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2014-07-11 22:16:01 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2014-07-11 22:15:53 ----A---- C:\WINDOWS\system32\ieframe.dll
2014-07-11 22:15:50 ----A---- C:\WINDOWS\system32\jscript9.dll
2014-07-11 22:15:48 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2014-07-11 22:15:48 ----A---- C:\WINDOWS\system32\wininet.dll
2014-07-11 22:15:46 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2014-07-11 22:15:46 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2014-07-11 22:15:45 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2014-07-11 22:15:45 ----A---- C:\WINDOWS\system32\iertutil.dll
2014-07-11 22:15:44 ----A---- C:\WINDOWS\system32\urlmon.dll
2014-07-11 22:15:43 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2014-07-11 22:15:39 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2014-07-11 22:15:39 ----A---- C:\WINDOWS\system32\uxtheme.dll
2014-07-11 22:15:39 ----A---- C:\WINDOWS\system32\msfeeds.dll
2014-07-11 22:15:39 ----A---- C:\WINDOWS\system32\jscript.dll
2014-07-11 22:15:38 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2014-07-11 22:15:38 ----A---- C:\WINDOWS\SYSWOW64\iesysprep.dll
2014-07-11 22:15:38 ----A---- C:\WINDOWS\system32\iesysprep.dll
2014-07-11 22:15:36 ----A---- C:\WINDOWS\SYSWOW64\msrating.dll
2014-07-11 22:15:36 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2014-07-11 22:15:35 ----A---- C:\WINDOWS\system32\msrating.dll
2014-07-11 22:15:35 ----A---- C:\WINDOWS\system32\iernonce.dll
2014-07-11 22:15:34 ----A---- C:\WINDOWS\SYSWOW64\UXInit.dll
2014-07-11 22:15:34 ----A---- C:\WINDOWS\SYSWOW64\iernonce.dll
2014-07-11 22:15:33 ----A---- C:\WINDOWS\SYSWOW64\uxtheme.dll
2014-07-11 22:15:33 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2014-07-11 22:15:33 ----A---- C:\WINDOWS\SYSWOW64\iesetup.dll
2014-07-11 22:15:33 ----A---- C:\WINDOWS\system32\UXInit.dll
2014-07-11 22:15:33 ----A---- C:\WINDOWS\system32\jsproxy.dll
2014-07-11 22:15:33 ----A---- C:\WINDOWS\system32\iesetup.dll
2014-07-11 22:15:10 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2014-07-11 22:15:01 ----A---- C:\WINDOWS\system32\kernel32.dll
2014-07-11 22:15:00 ----A---- C:\WINDOWS\SYSWOW64\kernel32.dll
2014-07-11 22:14:59 ----A---- C:\WINDOWS\system32\gpedit.dll
2014-07-11 22:14:59 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2014-07-11 22:14:58 ----A---- C:\WINDOWS\SYSWOW64\gpedit.dll
2014-07-11 22:14:58 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2014-07-11 22:14:58 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2014-07-11 22:14:57 ----A---- C:\WINDOWS\system32\drivers\IPMIDrv.sys
2014-07-11 22:14:07 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2014-07-11 22:14:05 ----A---- C:\WINDOWS\system32\qedit.dll
2014-07-11 22:14:04 ----A---- C:\WINDOWS\SYSWOW64\qedit.dll
2014-07-11 22:13:53 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2014-07-11 22:13:52 ----A---- C:\WINDOWS\system32\KernelBase.dll
2014-07-11 22:13:50 ----A---- C:\WINDOWS\system32\kerberos.dll
2014-07-11 22:13:48 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2014-07-11 22:13:45 ----A---- C:\WINDOWS\system32\winlogon.exe
2014-07-11 22:13:45 ----A---- C:\WINDOWS\system32\sspicli.dll
2014-07-11 22:13:45 ----A---- C:\WINDOWS\system32\objsel.dll
2014-07-11 22:13:45 ----A---- C:\WINDOWS\system32\msv1_0.dll
2014-07-11 22:13:45 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2014-07-11 22:13:44 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2014-07-11 22:13:43 ----A---- C:\WINDOWS\SYSWOW64\objsel.dll
2014-07-11 22:13:43 ----A---- C:\WINDOWS\system32\dpapisrv.dll
2014-07-11 22:13:42 ----A---- C:\WINDOWS\system32\usercpl.dll
2014-07-11 22:13:42 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2014-07-11 22:13:42 ----A---- C:\WINDOWS\system32\drivers\ksecdd.sys
2014-07-11 22:13:40 ----A---- C:\WINDOWS\SYSWOW64\usercpl.dll
2014-07-11 22:13:40 ----A---- C:\WINDOWS\system32\wdigest.dll
2014-07-11 22:13:39 ----A---- C:\WINDOWS\SYSWOW64\wdigest.dll
2014-07-11 22:13:39 ----A---- C:\WINDOWS\SYSWOW64\TSpkg.dll
2014-07-11 22:13:39 ----A---- C:\WINDOWS\SYSWOW64\sspicli.dll
2014-07-11 22:13:39 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2014-07-11 22:13:39 ----A---- C:\WINDOWS\system32\TSpkg.dll
2014-07-11 22:13:39 ----A---- C:\WINDOWS\system32\sspisrv.dll
2014-07-11 22:13:39 ----A---- C:\WINDOWS\system32\schannel.dll
2014-07-11 22:13:39 ----A---- C:\WINDOWS\system32\lsass.exe
2014-07-11 22:13:39 ----A---- C:\WINDOWS\system32\dimsroam.dll
2014-07-11 22:13:38 ----A---- C:\WINDOWS\SYSWOW64\dimsroam.dll
2014-07-11 22:13:38 ----A---- C:\WINDOWS\SYSWOW64\credssp.dll
2014-07-11 22:13:38 ----A---- C:\WINDOWS\system32\credssp.dll
2014-07-11 22:13:37 ----A---- C:\WINDOWS\system32\workerdd.dll
2014-07-11 22:12:25 ----A---- C:\WINDOWS\system32\schedsvc.dll
2014-07-11 22:12:19 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2014-07-11 22:12:19 ----A---- C:\WINDOWS\system32\msxml3.dll
2014-07-11 21:57:54 ----D---- C:\ProgramData\SketchUp
2014-07-11 21:57:54 ----D---- C:\Program Files (x86)\SketchUp
2014-07-11 21:48:20 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2014-07-11 21:46:59 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2014-07-11 21:46:59 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2014-07-11 21:46:59 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2014-07-11 21:46:58 ----D---- C:\ProgramData\Malwarebytes
2014-07-11 21:46:58 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-11 21:44:28 ----D---- C:\AdwCleaner
2014-07-11 21:41:39 ----A---- C:\WINDOWS\system32\javaws.exe
2014-07-11 21:41:33 ----A---- C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-07-11 21:41:33 ----A---- C:\WINDOWS\system32\javaw.exe
2014-07-11 21:41:33 ----A---- C:\WINDOWS\system32\java.exe
2014-07-11 21:39:13 ----A---- C:\WINDOWS\SYSWOW64\javaws.exe
2014-07-11 21:39:05 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2014-07-11 21:39:05 ----A---- C:\WINDOWS\SYSWOW64\javaw.exe
2014-07-11 21:39:05 ----A---- C:\WINDOWS\SYSWOW64\java.exe
2014-07-11 21:38:31 ----D---- C:\Program Files (x86)\Java
2014-07-11 21:30:10 ----A---- C:\WINDOWS\system32\drivers\aswHwid.sys
2014-07-11 21:29:53 ----A---- C:\WINDOWS\avastSS.scr
2014-07-11 21:18:46 ----D---- C:\WINDOWS\Minidump

======List of files/folders modified in the last 1 month======

2014-07-12 15:01:03 ----D---- C:\WINDOWS\Prefetch
2014-07-12 15:00:15 ----D---- C:\Program Files
2014-07-12 15:00:01 ----D---- C:\WINDOWS\system32\sru
2014-07-12 14:57:37 ----D---- C:\WINDOWS\Temp
2014-07-12 14:56:27 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2014-07-12 14:56:27 ----D---- C:\WINDOWS\system32\Drivers
2014-07-12 10:23:25 ----D---- C:\WINDOWS\Inf
2014-07-12 10:23:25 ----AD---- C:\WINDOWS\System32
2014-07-12 10:23:25 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-12 10:06:57 ----RD---- C:\Program Files (x86)
2014-07-12 10:06:51 ----HD---- C:\ProgramData
2014-07-12 10:05:55 ----D---- C:\WINDOWS\SysWOW64
2014-07-12 09:55:10 ----AD---- C:\Windows
2014-07-12 09:53:33 ----D---- C:\WINDOWS\system32\config
2014-07-12 09:52:26 ----HD---- C:\Program Files\WindowsApps
2014-07-12 09:52:15 ----D---- C:\WINDOWS\AUInstallAgent
2014-07-12 09:48:35 ----D---- C:\WINDOWS\system32\Tasks
2014-07-12 09:41:20 ----D---- C:\Program Files (x86)\Opera
2014-07-12 09:35:17 ----D---- C:\WINDOWS\Microsoft.NET
2014-07-12 09:35:14 ----D---- C:\WINDOWS\WinSxS
2014-07-12 09:33:36 ----SHD---- C:\Config.Msi
2014-07-12 09:33:10 ----D---- C:\WINDOWS\Performance
2014-07-12 09:32:05 ----RD---- C:\WINDOWS\ToastData
2014-07-12 09:32:04 ----D---- C:\Program Files\Windows Defender
2014-07-12 09:32:04 ----D---- C:\Program Files (x86)\Windows Defender
2014-07-12 09:32:02 ----D---- C:\WINDOWS\system32\SecureBootUpdates
2014-07-12 09:32:01 ----D---- C:\WINDOWS\WinStore
2014-07-12 09:32:01 ----D---- C:\Program Files\Windows Journal
2014-07-12 09:31:59 ----D---- C:\WINDOWS\system32\en-US
2014-07-12 09:31:59 ----D---- C:\WINDOWS\system32\cs-CZ
2014-07-12 09:31:58 ----D---- C:\Program Files (x86)\Internet Explorer
2014-07-12 09:31:56 ----D---- C:\Program Files\Internet Explorer
2014-07-12 09:31:53 ----D---- C:\WINDOWS\SYSWOW64\en-US
2014-07-12 09:31:53 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2014-07-12 09:31:51 ----D---- C:\WINDOWS\system32\DriverStore
2014-07-12 02:38:46 ----SHD---- C:\WINDOWS\Installer
2014-07-11 23:12:44 ----D---- C:\Users\Marek\AppData\Roaming\Apple Computer
2014-07-11 23:03:47 ----D---- C:\Users\Marek\AppData\Roaming\Skype
2014-07-11 22:45:43 ----D---- C:\Users\Marek\AppData\Roaming\Notepad++
2014-07-11 22:42:17 ----D---- C:\WINDOWS\debug
2014-07-11 22:37:47 ----D---- C:\Program Files\Common Files
2014-07-11 22:37:25 ----D---- C:\ProgramData\Mathematica
2014-07-11 22:37:25 ----D---- C:\Program Files (x86)\Common Files
2014-07-11 22:37:20 ----D---- C:\WINDOWS\CbsTemp
2014-07-11 22:36:42 ----D---- C:\ProgramData\Microsoft Help
2014-07-11 22:35:54 ----D---- C:\ProgramData\Apple
2014-07-11 22:34:11 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-11 22:34:08 ----D---- C:\WINDOWS\Tasks
2014-07-11 22:32:55 ----DC---- C:\WINDOWS\system32\DRVSTORE
2014-07-11 22:26:09 ----D---- C:\WINDOWS\system32\MRT
2014-07-11 22:18:49 ----D---- C:\WINDOWS\system32\catroot2
2014-07-11 22:14:25 ----D---- C:\ProgramData\Pinnacle
2014-07-11 22:06:56 ----D---- C:\Program Files\Microsoft Office 15
2014-07-11 22:04:50 ----RSD---- C:\WINDOWS\Fonts
2014-07-11 21:54:11 ----D---- C:\Program Files\CCleaner
2014-07-11 21:41:21 ----D---- C:\Program Files\Java
2014-07-11 21:38:56 ----SHD---- C:\System Volume Information
2014-07-11 21:37:32 ----D---- C:\Users\Marek\AppData\Roaming\LSC
2014-07-11 21:37:22 ----RSD---- C:\WINDOWS\assembly
2014-07-11 21:36:42 ----D---- C:\Program Files\Lenovo
2014-07-11 21:33:58 ----D---- C:\ProgramData\Oracle
2014-07-11 21:33:16 ----D---- C:\WINDOWS\Downloaded Installations
2014-07-11 21:30:03 ----A---- C:\WINDOWS\system32\aswBoot.exe
2014-07-11 21:18:20 ----SD---- C:\ProgramData\Microsoft
2014-06-26 17:40:34 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [2012-11-30 80552]
R0 amd_xata;amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [2012-11-30 26280]
R0 amdkmpfd;@oem2.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmpfd.sys [2013-02-14 37472]
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2014-07-11 65776]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2014-07-11 224896]
R0 LHDmgr;LHDmgr; C:\WINDOWS\System32\DRIVERS\LhdX64.sys [2013-08-15 39008]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2014-07-11 93568]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2014-07-11 1041168]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2014-07-11 427360]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2012-07-26 64000]
R2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]
R2 APXACC;@oem5.inf,%APPEX_ACC_SERVICE_NAME%;AppEx Networks Accelerator LWF; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [2013-04-18 219360]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2014-07-11 29208]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2014-07-11 79184]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2014-07-11 92008]
R3 ACPIVPC;@oem58.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2013-08-15 33560]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2013-04-24 11645952]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2013-04-24 581632]
R3 AthBTPort;@oem12.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2013-01-25 89168]
R3 athr;@oem17.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athw8x.sys [2013-03-25 3776000]
R3 AtiHDAudioService;@oem1.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdW86.sys [2013-04-23 98744]
R3 BTATH_A2DP;@oem11.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2013-01-25 346192]
R3 btath_avdt;@oem11.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2013-01-25 115280]
R3 BTATH_BUS;@oem8.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2013-01-25 34384]
R3 BTATH_HCRP;@oem14.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2013-01-25 179432]
R3 BTATH_LWFLT;@oem16.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2013-01-25 77464]
R3 BTATH_RCP;@oem18.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2013-01-25 136424]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2013-01-25 581200]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2013-01-09 51712]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2012-07-26 202752]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2012-07-26 119808]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2013-01-09 74752]
R3 CnxtHdAudService;@oem13.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64.sys [2013-02-26 1680992]
R3 ETD;@oem15.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2013-02-27 355664]
R3 L1C;@oem6.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\L1C63x64.sys [2013-03-04 128592]
R3 MarvinBus;@oem68.inf,%MarvinBus.SVCDESC%;Pinnacle Marvin Bus 64; C:\WINDOWS\System32\drivers\MarvinBus64.sys [2005-09-23 261120]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2014-05-12 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2014-07-12 122584]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2014-05-12 64216]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2013-03-01 156672]
R3 rtsuvc;@oem43.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2013-04-10 8243272]
R3 SensorsSimulatorDriver;@oem77.inf,%WudfSensorsSimulatorDriverDisplayName%;UMDF Reflector service for SensorsSimulatorDriver; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [2012-07-26 198656]
R3 usbfilter;AMD USB Filter Driver; C:\WINDOWS\system32\DRIVERS\usbfilter.sys [2012-08-28 58536]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2012-07-26 17920]
S3 anvsnddrv;@oem76.inf,%anvsnddrv.SvcDesc%;AnvSoft Virtual Sound Device; C:\WINDOWS\system32\drivers\anvsnddrv.sys [2012-05-17 33872]
S3 aswTap;@oem72.inf,%DeviceDescription%;avast! SecureLine TAP Adapter v3; C:\WINDOWS\system32\DRIVERS\aswTap.sys [2014-02-24 44640]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2013-03-01 1175040]
S3 e1iexpress;@net1ic64.inf,%E1IExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\WINDOWS\system32\DRIVERS\e1i63x64.sys [2012-06-02 333824]
S3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2012-06-24 15283200]
S3 NETwNs64;@netwns64.inf,___ %NIC_Service_DispName_WIN7_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\WINDOWS\system32\DRIVERS\NETwNs64.sys [2012-06-02 8604672]
S3 RSUSBVSTOR;@oem7.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUVStor.sys [2013-03-18 327752]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-07-06 210560]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2013-04-24 241152]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-04-25 361984]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-01-25 227456]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-07-11 50344]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2014-06-19 2356408]
R2 CxAudMsg;@C:\windows\system32\CxAudMsg64.exe,-100; C:\windows\system32\CxAudMsg64.exe [2012-12-03 202400]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2013-02-25 92160]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files (x86)\Firebird\Firebird_1_5\bin\fbguard.exe [2003-12-29 65536]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-05-12 860472]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-05-12 1809720]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2012-09-20 29696]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2012-09-20 29696]
R2 SAService;Conexant SmartAudio service; C:\WINDOWS\system32\SAsrv.exe []
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2012-10-20 130024]
R2 StartMenuService;StartMenu8 Service; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [2014-06-06 72992]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-01-29 4915040]
R2 VeriFaceSrv;VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [2013-08-15 68368]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files (x86)\Firebird\Firebird_1_5\bin\fbserver.exe [2003-12-29 1486928]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-07 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-11 262320]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-26 43616]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-07 116648]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2014-05-06 1663880]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-03-29 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-02-01 150600]
S3 VsEtwService120;Visual Studio ETW Event Collection Service; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [2013-10-04 87728]

-----------------EOF-----------------
Thank you for your help :)

Re: SSL not working

Posted: 12 Jul 2014 15:06
by JaRon
log looks OK