Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Kontrola logu

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Nexxy
Návštěvník
Návštěvník
Příspěvky: 162
Registrován: 20 srp 2013 09:02

Kontrola logu

#1 Příspěvek od Nexxy »

Notebook je o něco pomalejší, poprosím o kontrolu logu.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Petr at 2015-03-02 20:38:42
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 274 GB (60%) free of 461 GB
Total RAM: 3835 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:39:57, on 2.3.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Garena Plus\ggdllhost.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\World Of Warcraft\PandashanLauncher.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Petr.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Advanced SystemCare 8] "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Advanced SystemCare 8] "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto (User 'Default user')
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - (no file)
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - (no file)
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\SysWow64\DreamScene.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AMD Reservation Manager - Advanced Micro Devices - C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XobniService - Xobni Corporation - C:\Program Files (x86)\Xobni\XobniService.exe

--
End of file - 11527 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"taskhost.exe"
"C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe"
"C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
taskeng.exe {FC301D3E-067C-4497-812E-AA4727920F83}
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Garena Plus\ggdllhost.exe" "C:\Program Files (x86)\Garena Plus\ggspawn.dll",rundll_entry
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\wbem\wmiprvse.exe
WLIDSvcM.exe 3244
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe" /hidden
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe" Restart start ccc
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe"
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe" "<hpNotification><Toast><Title>HP Wireless Assistant</Title><Text>Combo: On</Text><IconPath>C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WA_tray_32_on.ico</IconPath><ID>2076093430</ID><Path>C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe</Path><Parameters></Parameters></Toast></hpNotification>"
"C:\Program Files (x86)\Steam\Steam.exe"
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "C:\Users\Petr\AppData\Local\Steam\htmlcache" -steampid 5892 -buildid 1424305157 -steamid "0" --blacklist-accelerated-compositing --process-per-tab --disable-accelerated-video-decode --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" --type=renderer --disable-accelerated-video-decode --disable-delegated-renderer --disable-gpu-compositing --disable-threaded-compositing --enable-pinch --enable-software-compositing --no-sandbox --enable-direct-write --lang=en-US --lang=en-US --product-version="Valve Steam Client" --disable-accelerated-compositing --disable-gpu-compositing --channel="4968.0.1048482906\582329361" /prefetch:673131151
"PandashanLauncher.exe" back
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" --type=renderer --disable-accelerated-video-decode --disable-delegated-renderer --disable-gpu-compositing --disable-threaded-compositing --enable-pinch --enable-software-compositing --no-sandbox --enable-direct-write --lang=en-US --lang=en-US --product-version="Valve Steam Client" --disable-accelerated-compositing --disable-gpu-compositing --channel="4968.6.891108855\79466130" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4336.0.442507181\640441424" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,39 --disable-accelerated-video-decode --gpu-vendor-id=0x1002 --gpu-device-id=0x68e4 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.812.1.3000 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A3_Stable_R8/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_59/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="4336.1.579120467\1123599053" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A3_Stable_R8/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_59/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="4336.2.1678880260\1145083052" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A3_Stable_R8/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_59/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="4336.4.610089268\1925542888" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll" --lang=cs --channel="4336.7.665289372\1442077780" /prefetch:-390060480
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A3_Stable_R8/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_59/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="4336.13.361797214\806634928" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A3_Stable_R8/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_59/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="4336.28.2053696361\1564586454" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A3_Stable_R8/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_59/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="4336.29.1886030438\286801825" /prefetch:673131151
"C:\Users\Petr\Downloads\RSITx64.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A3_Stable_R8/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_59/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="4336.31.1005079771\1010688583" /prefetch:673131151

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForPetr.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForPetr (null)

=========Mozilla firefox=========

ProfilePath - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\faqsxm5w.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.5.1]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@t.garena.com/garenatalk]
"Description"=Garena Talk Plugin
"Path"=C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.5.1]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-02-28 2471744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2011-01-11 6602856]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-10-14 2837288]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-04-13 627360]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-04-13 379552]
"HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [2010-07-21 8192]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2014-10-01 5595336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 7]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 8]
C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe /Auto []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent]
C:\Program Files (x86)\BlueStacks\HD-Agent.exe [2014-10-08 843480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2014-11-21 7063832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
C:\Program Files (x86)\Origin\Origin.exe [2014-12-16 3618648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarenaPlus]
C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe [2014-10-27 9974576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IObit Malware Fighter]
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [2015-02-02 5768992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
C:\Users\Petr\AppData\Roaming\Spotify\spotify.exe [2015-01-10 6737976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
C:\Users\Petr\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2015-01-10 1676344]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-03-04 336384]
"PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2011-02-01 656920]
"HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2012-03-05 578944]
"HPOSD"=C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [2011-08-19 379960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll [2015-02-17 275360]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\Windows\SysWOW64\tsc2_codec64.dll
"VIDC.FPS1"=frapsv64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-03-02 17:35:11 ----A---- C:\Windows\SYSWOW64\drivers\Partizan.sys
2015-03-02 17:33:20 ----D---- C:\ProgramData\RegRun
2015-03-02 17:32:30 ----RASHOT---- C:\Windows\winstart.bat
2015-03-02 17:32:24 ----A---- C:\Windows\SYSWOW64\drivers\UnHackMeDrv.sys
2015-03-02 17:32:16 ----D---- C:\Program Files (x86)\UnHackMe
2015-03-02 15:03:54 ----A---- C:\autoexec.bat
2015-03-02 15:02:31 ----D---- C:\Program Files\Enigma Software Group
2015-02-28 20:42:12 ----A---- C:\Windows\system32\SmartDefragBootTime.exe
2015-02-28 20:42:03 ----A---- C:\Windows\system32\IObitSmartDefragExtension.dll
2015-02-28 20:41:50 ----A---- C:\Windows\SYSWOW64\drivers\HWiNFO64A.SYS
2015-02-28 13:01:19 ----D---- C:\Program Files (x86)\World Of Warcraft
2015-02-23 17:43:35 ----D---- C:\ProgramData\SystemRequirementsLab
2015-02-23 17:43:35 ----D---- C:\Program Files (x86)\SystemRequirementsLab
2015-02-19 16:40:04 ----D---- C:\Program Files (x86)\Skype
2015-02-17 21:12:24 ----D---- C:\Crash
2015-02-17 17:00:47 ----A---- C:\Windows\SYSWOW64\DreamScene.dll
2015-02-17 15:39:55 ----A---- C:\Windows\system32\DreamScene.dll
2015-02-16 21:45:08 ----D---- C:\ProgramData\Caphyon
2015-02-16 21:45:05 ----SHD---- C:\Windows\SYSWOW64\AI_RecycleBin
2015-02-16 21:42:49 ----D---- C:\Users\Petr\AppData\Roaming\LaRoXion
2015-02-16 14:13:03 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-02-16 14:13:02 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-02-16 14:13:02 ----A---- C:\Windows\system32\mstscax.dll
2015-02-15 12:21:05 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-02-15 12:21:01 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-02-15 12:21:01 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-02-15 12:21:01 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2015-02-15 12:21:00 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2015-02-15 12:21:00 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2015-02-15 12:21:00 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2015-02-15 12:21:00 ----A---- C:\Windows\system32\wksprtPS.dll
2015-02-15 12:21:00 ----A---- C:\Windows\system32\wksprt.exe
2015-02-15 12:21:00 ----A---- C:\Windows\system32\tsgqec.dll
2015-02-15 12:21:00 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2015-02-15 12:20:59 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2015-02-15 12:20:59 ----A---- C:\Windows\system32\mstsc.exe
2015-02-15 12:20:57 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2015-02-15 12:20:57 ----A---- C:\Windows\system32\rdvidcrl.dll
2015-02-15 11:56:49 ----D---- C:\Program Files\Microsoft Silverlight
2015-02-15 11:56:49 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-02-15 11:54:59 ----A---- C:\Windows\SYSWOW64\wdi.dll
2015-02-15 11:54:59 ----A---- C:\Windows\system32\wdi.dll
2015-02-15 11:54:59 ----A---- C:\Windows\system32\powertracker.dll
2015-02-15 11:54:59 ----A---- C:\Windows\system32\perftrack.dll
2015-02-12 13:48:03 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-02-12 13:48:03 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-02-12 13:48:03 ----A---- C:\Windows\system32\jscript9diag.dll
2015-02-12 13:48:03 ----A---- C:\Windows\system32\jscript9.dll
2015-02-11 14:54:54 ----A---- C:\Windows\system32\invagent.dll
2015-02-11 14:54:54 ----A---- C:\Windows\system32\generaltel.dll
2015-02-11 14:54:54 ----A---- C:\Windows\system32\devinv.dll
2015-02-11 14:54:54 ----A---- C:\Windows\system32\appraiser.dll
2015-02-11 14:54:54 ----A---- C:\Windows\system32\aitstatic.exe
2015-02-11 14:54:54 ----A---- C:\Windows\system32\aeinv.dll
2015-02-11 14:54:53 ----A---- C:\Windows\system32\aepic.dll
2015-02-11 14:54:53 ----A---- C:\Windows\system32\aepdu.dll
2015-02-11 14:54:46 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-02-11 14:54:46 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-02-11 14:54:46 ----A---- C:\Windows\system32\schannel.dll
2015-02-11 14:54:46 ----A---- C:\Windows\system32\kerberos.dll
2015-02-11 14:54:45 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-02-11 14:54:45 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-02-11 14:54:45 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-02-11 14:54:45 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-02-11 14:54:45 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-02-11 14:54:45 ----A---- C:\Windows\system32\wdigest.dll
2015-02-11 14:54:45 ----A---- C:\Windows\system32\TSpkg.dll
2015-02-11 14:54:45 ----A---- C:\Windows\system32\ncrypt.dll
2015-02-11 14:54:45 ----A---- C:\Windows\system32\msv1_0.dll
2015-02-11 14:54:45 ----A---- C:\Windows\system32\credssp.dll
2015-02-11 14:54:32 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-02-11 14:54:32 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-02-11 14:54:32 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-02-11 14:54:32 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-02-11 14:54:32 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-02-11 14:54:32 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-02-11 14:54:31 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-02-11 14:54:31 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-02-11 14:54:31 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-02-11 14:54:31 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-02-11 14:54:31 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-02-11 14:54:31 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-02-11 14:54:31 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 14:54:31 ----A---- C:\Windows\system32\iernonce.dll
2015-02-11 14:54:31 ----A---- C:\Windows\system32\ie4uinit.exe
2015-02-11 14:54:29 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-02-11 14:54:29 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-02-11 14:54:29 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-02-11 14:54:29 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-02-11 14:54:29 ----A---- C:\Windows\system32\urlmon.dll
2015-02-11 14:54:29 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 14:54:29 ----A---- C:\Windows\system32\iedkcs32.dll
2015-02-11 14:54:28 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-02-11 14:54:28 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-02-11 14:54:28 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-02-11 14:54:28 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-02-11 14:54:28 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 14:54:28 ----A---- C:\Windows\system32\msfeeds.dll
2015-02-11 14:54:28 ----A---- C:\Windows\system32\dxtrans.dll
2015-02-11 14:54:27 ----A---- C:\Windows\system32\iesetup.dll
2015-02-11 14:54:27 ----A---- C:\Windows\system32\ieapfltr.dll
2015-02-11 14:54:26 ----A---- C:\Windows\system32\iertutil.dll
2015-02-11 14:54:25 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-02-11 14:54:25 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-02-11 14:54:25 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-02-11 14:54:25 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-02-11 14:54:25 ----A---- C:\Windows\system32\jsproxy.dll
2015-02-11 14:54:25 ----A---- C:\Windows\system32\ieUnatt.exe
2015-02-11 14:54:24 ----A---- C:\Windows\system32\ieui.dll
2015-02-11 14:54:24 ----A---- C:\Windows\system32\ieframe.dll
2015-02-11 14:54:24 ----A---- C:\Windows\system32\dxtmsft.dll
2015-02-11 14:54:23 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-02-11 14:54:23 ----A---- C:\Windows\system32\mshtmled.dll
2015-02-11 14:54:22 ----A---- C:\Windows\system32\wininet.dll
2015-02-11 14:54:22 ----A---- C:\Windows\system32\vbscript.dll
2015-02-11 14:54:21 ----A---- C:\Windows\system32\msrating.dll
2015-02-11 14:54:21 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-02-11 14:54:20 ----A---- C:\Windows\system32\mshtml.dll
2015-02-11 14:53:20 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-02-11 14:53:20 ----A---- C:\Windows\system32\wintrust.dll
2015-02-11 14:53:20 ----A---- C:\Windows\system32\cryptsvc.dll
2015-02-11 14:53:20 ----A---- C:\Windows\system32\crypt32.dll
2015-02-11 14:53:19 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-02-11 14:53:19 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-02-11 14:53:08 ----A---- C:\Windows\system32\lsasrv.dll
2015-02-11 14:53:08 ----A---- C:\Windows\system32\drivers\cng.sys
2015-02-11 14:53:07 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-02-11 14:53:07 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-02-11 14:53:07 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-02-11 14:53:07 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-02-11 14:53:07 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-02-11 14:53:07 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-02-11 14:53:07 ----A---- C:\Windows\system32\sspisrv.dll
2015-02-11 14:53:07 ----A---- C:\Windows\system32\sspicli.dll
2015-02-11 14:53:07 ----A---- C:\Windows\system32\secur32.dll
2015-02-11 14:53:07 ----A---- C:\Windows\system32\msobjs.dll
2015-02-11 14:53:07 ----A---- C:\Windows\system32\msaudite.dll
2015-02-11 14:53:07 ----A---- C:\Windows\system32\lsass.exe
2015-02-11 14:53:07 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-02-11 14:53:07 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-02-11 14:53:07 ----A---- C:\Windows\system32\auditpol.exe
2015-02-11 14:53:07 ----A---- C:\Windows\system32\adtschema.dll
2015-02-11 14:52:59 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-02-11 14:52:58 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-02-11 14:52:58 ----A---- C:\Windows\system32\oleaut32.dll
2015-02-11 14:52:57 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2015-02-11 14:52:30 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2015-02-11 14:52:30 ----A---- C:\Windows\system32\scesrv.dll
2015-02-11 14:52:21 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-02-11 14:52:16 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-02-11 14:52:15 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-02-11 14:52:15 ----A---- C:\Windows\system32\srcore.dll
2015-02-11 14:52:15 ----A---- C:\Windows\system32\rstrui.exe
2015-02-11 14:52:14 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-02-11 14:52:14 ----A---- C:\Windows\system32\srclient.dll
2015-02-11 14:51:42 ----A---- C:\Windows\system32\win32k.sys
2015-02-03 14:56:20 ----D---- C:\ProgramData\Orbit
2015-02-03 14:17:20 ----D---- C:\Program Files (x86)\Far Cry 3

======List of files/folders modified in the last 1 month======

2015-03-02 20:39:57 ----D---- C:\Program Files\trend micro
2015-03-02 20:31:42 ----D---- C:\Users\Petr\AppData\Roaming\Skype
2015-03-02 20:21:56 ----D---- C:\Program Files (x86)\Battle.net
2015-03-02 20:15:58 ----D---- C:\Program Files (x86)\Steam
2015-03-02 20:13:31 ----D---- C:\Users\Petr\AppData\Roaming\TS3Client
2015-03-02 20:09:06 ----D---- C:\Windows\Temp
2015-03-02 17:57:41 ----D---- C:\Windows\system32\Tasks
2015-03-02 17:57:13 ----D---- C:\Windows\system32\drivers
2015-03-02 17:56:44 ----D---- C:\Program Files (x86)\IObit
2015-03-02 17:46:23 ----D---- C:\ProgramData\PDFC
2015-03-02 17:35:11 ----D---- C:\Windows\SYSWOW64\drivers
2015-03-02 17:34:35 ----SHD---- C:\System Volume Information
2015-03-02 17:33:20 ----HD---- C:\ProgramData
2015-03-02 17:32:30 ----D---- C:\Windows\SysWOW64
2015-03-02 17:32:30 ----D---- C:\Windows
2015-03-02 17:32:16 ----RD---- C:\Program Files (x86)
2015-03-02 15:03:21 ----D---- C:\Windows\system32\catroot2
2015-03-02 15:02:31 ----RD---- C:\Program Files
2015-03-01 13:48:28 ----D---- C:\Windows\inf
2015-03-01 13:27:22 ----SHD---- C:\Windows\Installer
2015-03-01 13:27:22 ----SHD---- C:\Config.Msi
2015-03-01 07:44:45 ----D---- C:\Windows\system32\config
2015-03-01 07:30:22 ----D---- C:\Windows\SoftwareDistribution
2015-03-01 07:28:13 ----D---- C:\Windows\debug
2015-03-01 07:28:00 ----D---- C:\Windows\System32
2015-02-28 21:00:01 ----D---- C:\ProgramData\ProductData
2015-02-28 20:59:19 ----D---- C:\Windows\Panther
2015-02-28 20:41:52 ----D---- C:\ProgramData\IObit
2015-02-28 20:41:50 ----D---- C:\Users\Petr\AppData\Roaming\IObit
2015-02-28 17:36:34 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-28 12:08:58 ----D---- C:\Users\Petr\AppData\Roaming\Battle.net
2015-02-28 12:05:06 ----D---- C:\Program Files (x86)\Hearthstone
2015-02-27 15:18:56 ----D---- C:\Windows\system32\DriverStore
2015-02-24 15:08:10 ----D---- C:\Program Files (x86)\Opera
2015-02-23 15:24:17 ----D---- C:\Windows\Tasks
2015-02-22 08:36:05 ----D---- C:\Windows\Minidump
2015-02-22 08:29:33 ----D---- C:\Program Files (x86)\Google
2015-02-21 09:10:04 ----D---- C:\Windows\Microsoft.NET
2015-02-20 14:03:29 ----D---- C:\Windows\Prefetch
2015-02-19 17:31:45 ----D---- C:\Program Files\Speccy
2015-02-19 16:40:02 ----D---- C:\ProgramData\Skype
2015-02-19 16:38:15 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-02-19 16:11:39 ----D---- C:\Program Files (x86)\Common Files
2015-02-17 17:00:47 ----D---- C:\Windows\SYSWOW64\en-US
2015-02-17 16:52:12 ----SD---- C:\Users\Petr\AppData\Roaming\Microsoft
2015-02-17 15:39:56 ----D---- C:\Windows\system32\en-US
2015-02-17 15:39:55 ----D---- C:\Windows\Web
2015-02-16 14:24:24 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-02-16 14:24:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-16 14:15:15 ----D---- C:\Windows\winsxs
2015-02-16 14:15:09 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-02-16 14:15:08 ----D---- C:\Windows\SYSWOW64\sk-SK
2015-02-16 14:15:08 ----D---- C:\Windows\system32\sk-SK
2015-02-16 14:15:08 ----D---- C:\Windows\system32\cs-CZ
2015-02-15 12:26:30 ----D---- C:\Windows\SYSWOW64\wbem
2015-02-15 12:26:28 ----D---- C:\Windows\system32\drivers\en-US
2015-02-15 12:26:27 ----D---- C:\Windows\system32\wbem
2015-02-15 12:26:25 ----D---- C:\Windows\tracing
2015-02-15 11:59:21 ----SD---- C:\ProgramData\Microsoft
2015-02-12 18:59:12 ----D---- C:\Users\Petr\AppData\Roaming\PhotoScape
2015-02-12 18:58:48 ----D---- C:\Windows\ModemLogs
2015-02-11 15:18:30 ----SD---- C:\Windows\system32\CompatTel
2015-02-11 15:18:27 ----D---- C:\Windows\system32\appraiser
2015-02-11 15:18:21 ----D---- C:\Program Files\Internet Explorer
2015-02-11 15:18:10 ----D---- C:\Program Files (x86)\Internet Explorer
2015-02-11 15:12:27 ----D---- C:\Windows\system32\MRT
2015-02-11 15:02:16 ----A---- C:\Windows\system32\MRT.exe
2015-02-11 14:51:32 ----D---- C:\Windows\system32\catroot
2015-02-09 19:57:04 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2015-02-05 20:47:17 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-02-05 13:37:13 ----D---- C:\Users\Petr\AppData\Roaming\uTorrent
2015-02-03 14:57:04 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2015-02-03 14:15:17 ----D---- C:\Games

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2010-11-12 77952]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2010-11-12 37504]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie64.sys [2010-06-17 16440]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2014-10-10 243440]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2014-10-10 169280]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-02-28 26528]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2014-10-08 122072]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2014-10-10 158968]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-03-04 8283136]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-03-04 295424]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-04-13 36000]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2012-06-20 3678720]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-05-06 125456]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-04-13 298656]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-04-13 29344]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-04-13 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-04-13 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-04-13 154272]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-04-13 281760]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-01-12 2709224]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-02-15 335464]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-10-14 396848]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2010-11-29 44672]
S0 Partizan;Partizan; C:\Windows\system32\drivers\Partizan.sys []
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-06-10 1311232]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys []
S3 EagleX64;EagleX64; C:\Windows\system32\drivers\EagleX64.sys []
S3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-11-21 25816]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-03-01 129752]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-11-21 63704]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2015-01-19 19456]
S3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2014-11-10 34848]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2012-11-28 1866080]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2015-01-19 30208]
S3 UrlFilter;UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2014-11-10 23016]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
S4 FileMonitor;FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2014-11-10 23048]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-03-04 203776]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-03-04 354304]
R2 AMD Reservation Manager;AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 194496]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-04-13 146592]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-04-13 77984]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2014-10-08 388824]
R2 BstHdUpdaterSvc;BlueStacks Updater Service; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [2014-10-08 782040]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2014-10-01 1349576]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2010-12-01 126520]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-07-21 103992]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-09-01 227896]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-03-05 35200]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2010-12-28 1817088]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2015-01-27 344864]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-02-01 1127448]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2015-02-03 76888]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-09-01 991288]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-02-19 835776]
S2 BstHdAndroidSvc;BlueStacks Android Service; C:\Program Files (x86)\BlueStacks\HD-Service.exe [2014-10-08 409304]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-05 107912]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2014-12-15 9216]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2015-01-16 2724128]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-01 183560]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-05 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-01-12 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-28 114288]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-10-27 1255736]
S4 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-11-21 969016]
S4 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-11-21 1871160]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2014-12-16 1900400]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119677
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Kontrola logu

#2 Příspěvek od Rudy »

Zdravím!
Spusťte nejprve tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Nexxy
Návštěvník
Návštěvník
Příspěvky: 162
Registrován: 20 srp 2013 09:02

Re: Kontrola logu

#3 Příspěvek od Nexxy »

# AdwCleaner v4.111 - Logfile created 02/03/2015 at 21:13:02
# Updated 18/02/2015 by Xplode
# Database : 2015-03-02.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Petr - PETR-HP
# Running from : C:\Users\Petr\Downloads\adwcleaner_4.111 (1).exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

File Deleted : C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\faqsxm5w.default\user.js

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17631


-\\ Mozilla Firefox v33.0.2 (x86 cs)


-\\ Google Chrome v40.0.2214.115

[C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF

-\\ Opera v27.0.1689.76

[C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF

*************************

AdwCleaner[R0].txt - [5442 bytes] - [02/01/2015 12:33:59]
AdwCleaner[R1].txt - [1300 bytes] - [02/03/2015 21:10:46]
AdwCleaner[S0].txt - [4898 bytes] - [02/01/2015 12:35:47]
AdwCleaner[S1].txt - [1388 bytes] - [02/03/2015 21:13:02]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1447 bytes] ##########
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119677
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Kontrola logu

#4 Příspěvek od Rudy »

Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Nexxy
Návštěvník
Návštěvník
Příspěvky: 162
Registrován: 20 srp 2013 09:02

Re: Kontrola logu

#5 Příspěvek od Nexxy »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Petr at 2015-03-03 13:58:22
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 274 GB (60%) free of 461 GB
Total RAM: 3835 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:58:25, on 3.3.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Garena Plus\ggdllhost.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Petr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Advanced SystemCare 8] "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Advanced SystemCare 8] "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto (User 'Default user')
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - (no file)
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - (no file)
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\SysWow64\DreamScene.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AMD Reservation Manager - Advanced Micro Devices - C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XobniService - Xobni Corporation - C:\Program Files (x86)\Xobni\XobniService.exe

--
End of file - 10998 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe"
taskeng.exe {C7EAEE64-ACA9-4C9A-A21A-5EFAEC50ED59}
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
taskeng.exe {EAA925F4-0CD6-4F3F-8A57-6EBEBFBE1609}
"taskhost.exe"
"C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe"
"C:\Program Files (x86)\Garena Plus\ggdllhost.exe" "C:\Program Files (x86)\Garena Plus\ggspawn.dll",rundll_entry
"C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2660
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Windows\system32\taskmgr.exe" /1
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Steam\Steam.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "C:\Users\Petr\AppData\Local\Steam\htmlcache" -steampid 2424 -buildid 1424305157 -steamid "0" --blacklist-accelerated-compositing --process-per-tab --disable-accelerated-video-decode --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe" /hidden
"C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe"
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe" "<hpNotification><Toast><Title>HP Wireless Assistant</Title><Text>Combo: On</Text><IconPath>C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WA_tray_32_on.ico</IconPath><ID>424451366</ID><Path>C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe</Path><Parameters></Parameters></Toast></hpNotification>"
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" --type=renderer --disable-accelerated-video-decode --disable-delegated-renderer --disable-gpu-compositing --disable-threaded-compositing --enable-pinch --enable-software-compositing --no-sandbox --enable-direct-write --lang=en-US --lang=en-US --product-version="Valve Steam Client" --disable-accelerated-compositing --disable-gpu-compositing --channel="3952.0.1449414023\308298932" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2428.0.1086485117\1704351156" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,39 --disable-accelerated-video-decode --gpu-vendor-id=0x1002 --gpu-device-id=0x68e4 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.812.1.3000 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A3_Stable_R8/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_59/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="2428.3.2099214783\855592824" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A3_Stable_R8/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_59/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="2428.5.1897853765\2023214936" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A3_Stable_R8/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_59/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="2428.7.2084470141\1548969284" /prefetch:673131151
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" --type=renderer --disable-accelerated-video-decode --disable-delegated-renderer --disable-gpu-compositing --disable-threaded-compositing --enable-pinch --enable-software-compositing --no-sandbox --enable-direct-write --lang=en-US --lang=en-US --product-version="Valve Steam Client" --disable-accelerated-compositing --disable-gpu-compositing --channel="3952.1.1951137905\1172073207" /prefetch:673131151
taskhost.exe $(Arg0)
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A3_Stable_R8/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_59/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="2428.9.2025671870\1332211223" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Petr\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForPetr.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForPetr (null)

=========Mozilla firefox=========

ProfilePath - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\faqsxm5w.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.5.1]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@t.garena.com/garenatalk]
"Description"=Garena Talk Plugin
"Path"=C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.5.1]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2011-01-11 6602856]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-10-14 2837288]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-04-13 627360]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-04-13 379552]
"HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [2010-07-21 8192]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2014-10-01 5595336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 7]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 8]
C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe /Auto []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent]
C:\Program Files (x86)\BlueStacks\HD-Agent.exe [2014-10-08 843480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2014-11-21 7063832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
C:\Program Files (x86)\Origin\Origin.exe [2014-12-16 3618648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarenaPlus]
C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe [2014-10-27 9974576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IObit Malware Fighter]
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe /autostart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
C:\Users\Petr\AppData\Roaming\Spotify\spotify.exe [2015-01-10 6737976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
C:\Users\Petr\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2015-01-10 1676344]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-03-04 336384]
"PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2011-02-01 656920]
"HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2012-03-05 578944]
"HPOSD"=C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [2011-08-19 379960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll [2015-02-17 275360]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\Windows\SysWOW64\tsc2_codec64.dll
"VIDC.FPS1"=frapsv64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-03-02 17:33:20 ----D---- C:\ProgramData\RegRun
2015-03-02 17:32:30 ----RASHOT---- C:\Windows\winstart.bat
2015-03-02 17:32:16 ----D---- C:\Program Files (x86)\UnHackMe
2015-03-02 15:03:54 ----A---- C:\autoexec.bat
2015-03-02 15:02:31 ----D---- C:\Program Files\Enigma Software Group
2015-02-28 20:42:12 ----A---- C:\Windows\system32\SmartDefragBootTime.exe
2015-02-28 20:42:03 ----A---- C:\Windows\system32\IObitSmartDefragExtension.dll
2015-02-28 20:41:50 ----A---- C:\Windows\SYSWOW64\drivers\HWiNFO64A.SYS
2015-02-28 13:01:19 ----D---- C:\Program Files (x86)\World Of Warcraft
2015-02-23 17:43:35 ----D---- C:\ProgramData\SystemRequirementsLab
2015-02-23 17:43:35 ----D---- C:\Program Files (x86)\SystemRequirementsLab
2015-02-19 16:40:04 ----D---- C:\Program Files (x86)\Skype
2015-02-17 21:12:24 ----D---- C:\Crash
2015-02-17 17:00:47 ----A---- C:\Windows\SYSWOW64\DreamScene.dll
2015-02-17 15:39:55 ----A---- C:\Windows\system32\DreamScene.dll
2015-02-16 21:45:08 ----D---- C:\ProgramData\Caphyon
2015-02-16 21:45:05 ----SHD---- C:\Windows\SYSWOW64\AI_RecycleBin
2015-02-16 21:42:49 ----D---- C:\Users\Petr\AppData\Roaming\LaRoXion
2015-02-16 14:13:03 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-02-16 14:13:02 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-02-16 14:13:02 ----A---- C:\Windows\system32\mstscax.dll
2015-02-15 12:21:05 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-02-15 12:21:01 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-02-15 12:21:01 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-02-15 12:21:01 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2015-02-15 12:21:00 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2015-02-15 12:21:00 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2015-02-15 12:21:00 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2015-02-15 12:21:00 ----A---- C:\Windows\system32\wksprtPS.dll
2015-02-15 12:21:00 ----A---- C:\Windows\system32\wksprt.exe
2015-02-15 12:21:00 ----A---- C:\Windows\system32\tsgqec.dll
2015-02-15 12:21:00 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2015-02-15 12:20:59 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2015-02-15 12:20:59 ----A---- C:\Windows\system32\mstsc.exe
2015-02-15 12:20:57 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2015-02-15 12:20:57 ----A---- C:\Windows\system32\rdvidcrl.dll
2015-02-15 11:56:49 ----D---- C:\Program Files\Microsoft Silverlight
2015-02-15 11:56:49 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-02-15 11:54:59 ----A---- C:\Windows\SYSWOW64\wdi.dll
2015-02-15 11:54:59 ----A---- C:\Windows\system32\wdi.dll
2015-02-15 11:54:59 ----A---- C:\Windows\system32\powertracker.dll
2015-02-15 11:54:59 ----A---- C:\Windows\system32\perftrack.dll
2015-02-12 13:48:03 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-02-12 13:48:03 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-02-12 13:48:03 ----A---- C:\Windows\system32\jscript9diag.dll
2015-02-12 13:48:03 ----A---- C:\Windows\system32\jscript9.dll
2015-02-11 14:54:54 ----A---- C:\Windows\system32\invagent.dll
2015-02-11 14:54:54 ----A---- C:\Windows\system32\generaltel.dll
2015-02-11 14:54:54 ----A---- C:\Windows\system32\devinv.dll
2015-02-11 14:54:54 ----A---- C:\Windows\system32\appraiser.dll
2015-02-11 14:54:54 ----A---- C:\Windows\system32\aitstatic.exe
2015-02-11 14:54:54 ----A---- C:\Windows\system32\aeinv.dll
2015-02-11 14:54:53 ----A---- C:\Windows\system32\aepic.dll
2015-02-11 14:54:53 ----A---- C:\Windows\system32\aepdu.dll
2015-02-11 14:54:46 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-02-11 14:54:46 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-02-11 14:54:46 ----A---- C:\Windows\system32\schannel.dll
2015-02-11 14:54:46 ----A---- C:\Windows\system32\kerberos.dll
2015-02-11 14:54:45 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-02-11 14:54:45 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-02-11 14:54:45 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-02-11 14:54:45 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-02-11 14:54:45 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-02-11 14:54:45 ----A---- C:\Windows\system32\wdigest.dll
2015-02-11 14:54:45 ----A---- C:\Windows\system32\TSpkg.dll
2015-02-11 14:54:45 ----A---- C:\Windows\system32\ncrypt.dll
2015-02-11 14:54:45 ----A---- C:\Windows\system32\msv1_0.dll
2015-02-11 14:54:45 ----A---- C:\Windows\system32\credssp.dll
2015-02-11 14:54:32 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-02-11 14:54:32 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-02-11 14:54:32 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-02-11 14:54:32 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-02-11 14:54:32 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-02-11 14:54:32 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-02-11 14:54:31 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-02-11 14:54:31 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-02-11 14:54:31 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-02-11 14:54:31 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-02-11 14:54:31 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-02-11 14:54:31 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-02-11 14:54:31 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 14:54:31 ----A---- C:\Windows\system32\iernonce.dll
2015-02-11 14:54:31 ----A---- C:\Windows\system32\ie4uinit.exe
2015-02-11 14:54:29 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-02-11 14:54:29 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-02-11 14:54:29 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-02-11 14:54:29 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-02-11 14:54:29 ----A---- C:\Windows\system32\urlmon.dll
2015-02-11 14:54:29 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 14:54:29 ----A---- C:\Windows\system32\iedkcs32.dll
2015-02-11 14:54:28 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-02-11 14:54:28 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-02-11 14:54:28 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-02-11 14:54:28 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-02-11 14:54:28 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 14:54:28 ----A---- C:\Windows\system32\msfeeds.dll
2015-02-11 14:54:28 ----A---- C:\Windows\system32\dxtrans.dll
2015-02-11 14:54:27 ----A---- C:\Windows\system32\iesetup.dll
2015-02-11 14:54:27 ----A---- C:\Windows\system32\ieapfltr.dll
2015-02-11 14:54:26 ----A---- C:\Windows\system32\iertutil.dll
2015-02-11 14:54:25 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-02-11 14:54:25 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-02-11 14:54:25 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-02-11 14:54:25 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-02-11 14:54:25 ----A---- C:\Windows\system32\jsproxy.dll
2015-02-11 14:54:25 ----A---- C:\Windows\system32\ieUnatt.exe
2015-02-11 14:54:24 ----A---- C:\Windows\system32\ieui.dll
2015-02-11 14:54:24 ----A---- C:\Windows\system32\ieframe.dll
2015-02-11 14:54:24 ----A---- C:\Windows\system32\dxtmsft.dll
2015-02-11 14:54:23 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-02-11 14:54:23 ----A---- C:\Windows\system32\mshtmled.dll
2015-02-11 14:54:22 ----A---- C:\Windows\system32\wininet.dll
2015-02-11 14:54:22 ----A---- C:\Windows\system32\vbscript.dll
2015-02-11 14:54:21 ----A---- C:\Windows\system32\msrating.dll
2015-02-11 14:54:21 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-02-11 14:54:20 ----A---- C:\Windows\system32\mshtml.dll
2015-02-11 14:53:20 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-02-11 14:53:20 ----A---- C:\Windows\system32\wintrust.dll
2015-02-11 14:53:20 ----A---- C:\Windows\system32\cryptsvc.dll
2015-02-11 14:53:20 ----A---- C:\Windows\system32\crypt32.dll
2015-02-11 14:53:19 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-02-11 14:53:19 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-02-11 14:53:08 ----A---- C:\Windows\system32\lsasrv.dll
2015-02-11 14:53:08 ----A---- C:\Windows\system32\drivers\cng.sys
2015-02-11 14:53:07 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-02-11 14:53:07 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-02-11 14:53:07 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-02-11 14:53:07 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-02-11 14:53:07 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-02-11 14:53:07 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-02-11 14:53:07 ----A---- C:\Windows\system32\sspisrv.dll
2015-02-11 14:53:07 ----A---- C:\Windows\system32\sspicli.dll
2015-02-11 14:53:07 ----A---- C:\Windows\system32\secur32.dll
2015-02-11 14:53:07 ----A---- C:\Windows\system32\msobjs.dll
2015-02-11 14:53:07 ----A---- C:\Windows\system32\msaudite.dll
2015-02-11 14:53:07 ----A---- C:\Windows\system32\lsass.exe
2015-02-11 14:53:07 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-02-11 14:53:07 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-02-11 14:53:07 ----A---- C:\Windows\system32\auditpol.exe
2015-02-11 14:53:07 ----A---- C:\Windows\system32\adtschema.dll
2015-02-11 14:52:59 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-02-11 14:52:58 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-02-11 14:52:58 ----A---- C:\Windows\system32\oleaut32.dll
2015-02-11 14:52:57 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2015-02-11 14:52:30 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2015-02-11 14:52:30 ----A---- C:\Windows\system32\scesrv.dll
2015-02-11 14:52:21 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-02-11 14:52:16 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-02-11 14:52:15 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-02-11 14:52:15 ----A---- C:\Windows\system32\srcore.dll
2015-02-11 14:52:15 ----A---- C:\Windows\system32\rstrui.exe
2015-02-11 14:52:14 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-02-11 14:52:14 ----A---- C:\Windows\system32\srclient.dll
2015-02-11 14:51:42 ----A---- C:\Windows\system32\win32k.sys

======List of files/folders modified in the last 1 month======

2015-03-03 13:58:24 ----D---- C:\Program Files\trend micro
2015-03-03 13:57:46 ----D---- C:\Windows\Temp
2015-03-03 13:54:38 ----D---- C:\Program Files (x86)\Steam
2015-03-03 13:53:24 ----D---- C:\ProgramData\PDFC
2015-03-03 13:52:58 ----D---- C:\Windows\system32\Tasks
2015-03-02 21:55:59 ----D---- C:\Windows\system32\drivers
2015-03-02 21:55:58 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-02 21:55:11 ----D---- C:\Windows\SYSWOW64\drivers
2015-03-02 21:13:03 ----D---- C:\AdwCleaner
2015-03-02 20:31:42 ----D---- C:\Users\Petr\AppData\Roaming\Skype
2015-03-02 20:21:56 ----D---- C:\Program Files (x86)\Battle.net
2015-03-02 20:13:31 ----D---- C:\Users\Petr\AppData\Roaming\TS3Client
2015-03-02 17:56:44 ----D---- C:\Program Files (x86)\IObit
2015-03-02 17:34:35 ----SHD---- C:\System Volume Information
2015-03-02 17:33:20 ----HD---- C:\ProgramData
2015-03-02 17:32:30 ----D---- C:\Windows\SysWOW64
2015-03-02 17:32:30 ----D---- C:\Windows
2015-03-02 17:32:16 ----RD---- C:\Program Files (x86)
2015-03-02 15:03:21 ----D---- C:\Windows\system32\catroot2
2015-03-02 15:02:31 ----RD---- C:\Program Files
2015-03-01 13:48:28 ----D---- C:\Windows\inf
2015-03-01 13:27:22 ----SHD---- C:\Windows\Installer
2015-03-01 13:27:22 ----SHD---- C:\Config.Msi
2015-03-01 07:44:45 ----D---- C:\Windows\system32\config
2015-03-01 07:30:22 ----D---- C:\Windows\SoftwareDistribution
2015-03-01 07:28:13 ----D---- C:\Windows\debug
2015-03-01 07:28:00 ----D---- C:\Windows\System32
2015-02-28 21:00:01 ----D---- C:\ProgramData\ProductData
2015-02-28 20:59:19 ----D---- C:\Windows\Panther
2015-02-28 20:41:52 ----D---- C:\ProgramData\IObit
2015-02-28 20:41:50 ----D---- C:\Users\Petr\AppData\Roaming\IObit
2015-02-28 12:08:58 ----D---- C:\Users\Petr\AppData\Roaming\Battle.net
2015-02-28 12:05:06 ----D---- C:\Program Files (x86)\Hearthstone
2015-02-27 15:18:56 ----D---- C:\Windows\system32\DriverStore
2015-02-24 15:08:10 ----D---- C:\Program Files (x86)\Opera
2015-02-23 15:24:17 ----D---- C:\Windows\Tasks
2015-02-22 08:36:05 ----D---- C:\Windows\Minidump
2015-02-22 08:29:33 ----D---- C:\Program Files (x86)\Google
2015-02-21 09:10:04 ----D---- C:\Windows\Microsoft.NET
2015-02-20 14:03:29 ----D---- C:\Windows\Prefetch
2015-02-19 17:31:45 ----D---- C:\Program Files\Speccy
2015-02-19 16:40:11 ----D---- C:\ProgramData\Skype
2015-02-19 16:38:15 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-02-19 16:11:39 ----D---- C:\Program Files (x86)\Common Files
2015-02-17 17:00:47 ----D---- C:\Windows\SYSWOW64\en-US
2015-02-17 16:52:12 ----SD---- C:\Users\Petr\AppData\Roaming\Microsoft
2015-02-17 15:39:56 ----D---- C:\Windows\system32\en-US
2015-02-17 15:39:55 ----D---- C:\Windows\Web
2015-02-16 14:24:24 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-02-16 14:24:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-16 14:15:15 ----D---- C:\Windows\winsxs
2015-02-16 14:15:09 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-02-16 14:15:08 ----D---- C:\Windows\SYSWOW64\sk-SK
2015-02-16 14:15:08 ----D---- C:\Windows\system32\sk-SK
2015-02-16 14:15:08 ----D---- C:\Windows\system32\cs-CZ
2015-02-15 12:26:30 ----D---- C:\Windows\SYSWOW64\wbem
2015-02-15 12:26:28 ----D---- C:\Windows\system32\drivers\en-US
2015-02-15 12:26:27 ----D---- C:\Windows\system32\wbem
2015-02-15 12:26:25 ----D---- C:\Windows\tracing
2015-02-15 11:59:21 ----SD---- C:\ProgramData\Microsoft
2015-02-12 18:59:12 ----D---- C:\Users\Petr\AppData\Roaming\PhotoScape
2015-02-12 18:58:48 ----D---- C:\Windows\ModemLogs
2015-02-11 15:18:30 ----SD---- C:\Windows\system32\CompatTel
2015-02-11 15:18:27 ----D---- C:\Windows\system32\appraiser
2015-02-11 15:18:21 ----D---- C:\Program Files\Internet Explorer
2015-02-11 15:18:10 ----D---- C:\Program Files (x86)\Internet Explorer
2015-02-11 15:12:27 ----D---- C:\Windows\system32\MRT
2015-02-11 15:02:16 ----A---- C:\Windows\system32\MRT.exe
2015-02-11 14:51:32 ----D---- C:\Windows\system32\catroot
2015-02-09 19:57:04 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2015-02-05 20:47:17 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-02-05 13:37:13 ----D---- C:\Users\Petr\AppData\Roaming\uTorrent

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2010-11-12 77952]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2010-11-12 37504]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie64.sys [2010-06-17 16440]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2014-10-10 243440]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2014-10-10 169280]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-02-28 26528]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2014-10-08 122072]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2014-10-10 158968]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-03-04 8283136]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-03-04 295424]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-04-13 36000]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2012-06-20 3678720]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-05-06 125456]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-04-13 298656]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-04-13 29344]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-04-13 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-04-13 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-04-13 154272]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-04-13 281760]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-01-12 2709224]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-02-15 335464]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-10-14 396848]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2010-11-29 44672]
S0 Partizan;Partizan; C:\Windows\system32\drivers\Partizan.sys []
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-06-10 1311232]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys []
S3 EagleX64;EagleX64; C:\Windows\system32\drivers\EagleX64.sys []
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2015-01-19 19456]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2012-11-28 1866080]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2015-01-19 30208]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-03-04 203776]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-03-04 354304]
R2 AMD Reservation Manager;AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 194496]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-04-13 146592]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-04-13 77984]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2014-10-08 388824]
R2 BstHdUpdaterSvc;BlueStacks Updater Service; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [2014-10-08 782040]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2014-10-01 1349576]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2014-12-15 9216]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2010-12-01 126520]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-07-21 103992]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-09-01 227896]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-03-05 35200]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2010-12-28 1817088]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-02-01 1127448]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2015-02-03 76888]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-09-01 991288]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-02-19 835776]
S2 BstHdAndroidSvc;BlueStacks Android Service; C:\Program Files (x86)\BlueStacks\HD-Service.exe [2014-10-08 409304]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-05 107912]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-01 183560]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-05 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-01-12 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-28 114288]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-10-27 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2014-12-16 1900400]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119677
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Kontrola logu

#6 Příspěvek od Rudy »

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\winstart.bat

:services
BBSvc
SeaPort

:commands
[Purity]
[Emptytemp]
[Emptyflash]
a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Nexxy
Návštěvník
Návštěvník
Příspěvky: 162
Registrován: 20 srp 2013 09:02

Re: Kontrola logu

#7 Příspěvek od Nexxy »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Petr at 2015-03-03 20:56:44
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 275 GB (60%) free of 461 GB
Total RAM: 3835 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:56:50, on 3.3.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Garena Plus\ggdllhost.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Petr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Advanced SystemCare 8] "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Advanced SystemCare 8] "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto (User 'Default user')
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - (no file)
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - (no file)
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\SysWow64\DreamScene.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AMD Reservation Manager - Advanced Micro Devices - C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XobniService - Xobni Corporation - C:\Program Files (x86)\Xobni\XobniService.exe

--
End of file - 10816 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe"
"C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1520
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
taskeng.exe {D223B22C-98ED-45DA-B0F8-44C658EFFFE2}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {65C91D31-1E62-4063-A6CA-4E226E7FDA86}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Garena Plus\ggdllhost.exe" "C:\Program Files (x86)\Garena Plus\ggspawn.dll",rundll_entry
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4464.0.184855627\652048076" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,39 --disable-accelerated-video-decode --gpu-vendor-id=0x1002 --gpu-device-id=0x68e4 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.812.1.3000 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A3_Stable_R8/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_59/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="4464.3.1524210465\191619711" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A3_Stable_R8/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_59/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="4464.5.969219577\574668236" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/PP_Ethersuggest_A3_Stable_R8/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_59/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="4464.6.1722667468\495083772" /prefetch:673131151
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe"
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe"
C:\Windows\system32\sppsvc.exe
"C:\Users\Petr\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\HPCeeScheduleForPetr.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForPetr (null)

=========Mozilla firefox=========

ProfilePath - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\faqsxm5w.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.5.1]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@t.garena.com/garenatalk]
"Description"=Garena Talk Plugin
"Path"=C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.5.1]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2011-01-11 6602856]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-10-14 2837288]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-04-13 627360]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-04-13 379552]
"HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [2010-07-21 8192]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2014-10-01 5595336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 7]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 8]
C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe /Auto []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent]
C:\Program Files (x86)\BlueStacks\HD-Agent.exe [2014-10-08 843480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2014-11-21 7063832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
C:\Program Files (x86)\Origin\Origin.exe [2014-12-16 3618648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarenaPlus]
C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe [2014-10-27 9974576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IObit Malware Fighter]
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe /autostart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
C:\Users\Petr\AppData\Roaming\Spotify\spotify.exe [2015-01-10 6737976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
C:\Users\Petr\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2015-01-10 1676344]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-03-04 336384]
"PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2011-02-01 656920]
"HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2012-03-05 578944]
"HPOSD"=C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [2011-08-19 379960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll [2015-02-17 275360]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\Windows\SysWOW64\tsc2_codec64.dll
"VIDC.FPS1"=frapsv64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-03-03 20:52:27 ----D---- C:\_OTM
2015-03-02 17:33:20 ----D---- C:\ProgramData\RegRun
2015-03-02 17:32:16 ----D---- C:\Program Files (x86)\UnHackMe
2015-03-02 15:03:54 ----A---- C:\autoexec.bat
2015-03-02 15:02:31 ----D---- C:\Program Files\Enigma Software Group
2015-02-28 20:42:12 ----A---- C:\Windows\system32\SmartDefragBootTime.exe
2015-02-28 20:42:03 ----A---- C:\Windows\system32\IObitSmartDefragExtension.dll
2015-02-28 20:41:50 ----A---- C:\Windows\SYSWOW64\drivers\HWiNFO64A.SYS
2015-02-28 13:01:19 ----D---- C:\Program Files (x86)\World Of Warcraft
2015-02-23 17:43:35 ----D---- C:\ProgramData\SystemRequirementsLab
2015-02-23 17:43:35 ----D---- C:\Program Files (x86)\SystemRequirementsLab
2015-02-19 16:40:04 ----D---- C:\Program Files (x86)\Skype
2015-02-17 21:12:24 ----D---- C:\Crash
2015-02-17 17:00:47 ----A---- C:\Windows\SYSWOW64\DreamScene.dll
2015-02-17 15:39:55 ----A---- C:\Windows\system32\DreamScene.dll
2015-02-16 21:45:08 ----D---- C:\ProgramData\Caphyon
2015-02-16 21:45:05 ----SHD---- C:\Windows\SYSWOW64\AI_RecycleBin
2015-02-16 21:42:49 ----D---- C:\Users\Petr\AppData\Roaming\LaRoXion
2015-02-16 14:13:03 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-02-16 14:13:02 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-02-16 14:13:02 ----A---- C:\Windows\system32\mstscax.dll
2015-02-15 12:21:05 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-02-15 12:21:01 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-02-15 12:21:01 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-02-15 12:21:01 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2015-02-15 12:21:00 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2015-02-15 12:21:00 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2015-02-15 12:21:00 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2015-02-15 12:21:00 ----A---- C:\Windows\system32\wksprtPS.dll
2015-02-15 12:21:00 ----A---- C:\Windows\system32\wksprt.exe
2015-02-15 12:21:00 ----A---- C:\Windows\system32\tsgqec.dll
2015-02-15 12:21:00 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2015-02-15 12:20:59 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2015-02-15 12:20:59 ----A---- C:\Windows\system32\mstsc.exe
2015-02-15 12:20:57 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2015-02-15 12:20:57 ----A---- C:\Windows\system32\rdvidcrl.dll
2015-02-15 11:56:49 ----D---- C:\Program Files\Microsoft Silverlight
2015-02-15 11:56:49 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-02-15 11:54:59 ----A---- C:\Windows\SYSWOW64\wdi.dll
2015-02-15 11:54:59 ----A---- C:\Windows\system32\wdi.dll
2015-02-15 11:54:59 ----A---- C:\Windows\system32\powertracker.dll
2015-02-15 11:54:59 ----A---- C:\Windows\system32\perftrack.dll
2015-02-12 13:48:03 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-02-12 13:48:03 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-02-12 13:48:03 ----A---- C:\Windows\system32\jscript9diag.dll
2015-02-12 13:48:03 ----A---- C:\Windows\system32\jscript9.dll
2015-02-11 14:54:54 ----A---- C:\Windows\system32\invagent.dll
2015-02-11 14:54:54 ----A---- C:\Windows\system32\generaltel.dll
2015-02-11 14:54:54 ----A---- C:\Windows\system32\devinv.dll
2015-02-11 14:54:54 ----A---- C:\Windows\system32\appraiser.dll
2015-02-11 14:54:54 ----A---- C:\Windows\system32\aitstatic.exe
2015-02-11 14:54:54 ----A---- C:\Windows\system32\aeinv.dll
2015-02-11 14:54:53 ----A---- C:\Windows\system32\aepic.dll
2015-02-11 14:54:53 ----A---- C:\Windows\system32\aepdu.dll
2015-02-11 14:54:46 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-02-11 14:54:46 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-02-11 14:54:46 ----A---- C:\Windows\system32\schannel.dll
2015-02-11 14:54:46 ----A---- C:\Windows\system32\kerberos.dll
2015-02-11 14:54:45 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-02-11 14:54:45 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-02-11 14:54:45 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-02-11 14:54:45 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-02-11 14:54:45 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-02-11 14:54:45 ----A---- C:\Windows\system32\wdigest.dll
2015-02-11 14:54:45 ----A---- C:\Windows\system32\TSpkg.dll
2015-02-11 14:54:45 ----A---- C:\Windows\system32\ncrypt.dll
2015-02-11 14:54:45 ----A---- C:\Windows\system32\msv1_0.dll
2015-02-11 14:54:45 ----A---- C:\Windows\system32\credssp.dll
2015-02-11 14:54:32 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-02-11 14:54:32 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-02-11 14:54:32 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-02-11 14:54:32 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-02-11 14:54:32 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-02-11 14:54:32 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-02-11 14:54:31 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-02-11 14:54:31 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-02-11 14:54:31 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-02-11 14:54:31 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-02-11 14:54:31 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-02-11 14:54:31 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-02-11 14:54:31 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 14:54:31 ----A---- C:\Windows\system32\iernonce.dll
2015-02-11 14:54:31 ----A---- C:\Windows\system32\ie4uinit.exe
2015-02-11 14:54:29 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-02-11 14:54:29 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-02-11 14:54:29 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-02-11 14:54:29 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-02-11 14:54:29 ----A---- C:\Windows\system32\urlmon.dll
2015-02-11 14:54:29 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 14:54:29 ----A---- C:\Windows\system32\iedkcs32.dll
2015-02-11 14:54:28 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-02-11 14:54:28 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-02-11 14:54:28 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-02-11 14:54:28 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-02-11 14:54:28 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 14:54:28 ----A---- C:\Windows\system32\msfeeds.dll
2015-02-11 14:54:28 ----A---- C:\Windows\system32\dxtrans.dll
2015-02-11 14:54:27 ----A---- C:\Windows\system32\iesetup.dll
2015-02-11 14:54:27 ----A---- C:\Windows\system32\ieapfltr.dll
2015-02-11 14:54:26 ----A---- C:\Windows\system32\iertutil.dll
2015-02-11 14:54:25 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-02-11 14:54:25 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-02-11 14:54:25 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-02-11 14:54:25 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-02-11 14:54:25 ----A---- C:\Windows\system32\jsproxy.dll
2015-02-11 14:54:25 ----A---- C:\Windows\system32\ieUnatt.exe
2015-02-11 14:54:24 ----A---- C:\Windows\system32\ieui.dll
2015-02-11 14:54:24 ----A---- C:\Windows\system32\ieframe.dll
2015-02-11 14:54:24 ----A---- C:\Windows\system32\dxtmsft.dll
2015-02-11 14:54:23 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-02-11 14:54:23 ----A---- C:\Windows\system32\mshtmled.dll
2015-02-11 14:54:22 ----A---- C:\Windows\system32\wininet.dll
2015-02-11 14:54:22 ----A---- C:\Windows\system32\vbscript.dll
2015-02-11 14:54:21 ----A---- C:\Windows\system32\msrating.dll
2015-02-11 14:54:21 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-02-11 14:54:20 ----A---- C:\Windows\system32\mshtml.dll
2015-02-11 14:53:20 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-02-11 14:53:20 ----A---- C:\Windows\system32\wintrust.dll
2015-02-11 14:53:20 ----A---- C:\Windows\system32\cryptsvc.dll
2015-02-11 14:53:20 ----A---- C:\Windows\system32\crypt32.dll
2015-02-11 14:53:19 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-02-11 14:53:19 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-02-11 14:53:08 ----A---- C:\Windows\system32\lsasrv.dll
2015-02-11 14:53:08 ----A---- C:\Windows\system32\drivers\cng.sys
2015-02-11 14:53:07 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-02-11 14:53:07 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-02-11 14:53:07 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-02-11 14:53:07 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-02-11 14:53:07 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-02-11 14:53:07 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-02-11 14:53:07 ----A---- C:\Windows\system32\sspisrv.dll
2015-02-11 14:53:07 ----A---- C:\Windows\system32\sspicli.dll
2015-02-11 14:53:07 ----A---- C:\Windows\system32\secur32.dll
2015-02-11 14:53:07 ----A---- C:\Windows\system32\msobjs.dll
2015-02-11 14:53:07 ----A---- C:\Windows\system32\msaudite.dll
2015-02-11 14:53:07 ----A---- C:\Windows\system32\lsass.exe
2015-02-11 14:53:07 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-02-11 14:53:07 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-02-11 14:53:07 ----A---- C:\Windows\system32\auditpol.exe
2015-02-11 14:53:07 ----A---- C:\Windows\system32\adtschema.dll
2015-02-11 14:52:59 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-02-11 14:52:58 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-02-11 14:52:58 ----A---- C:\Windows\system32\oleaut32.dll
2015-02-11 14:52:57 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2015-02-11 14:52:30 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2015-02-11 14:52:30 ----A---- C:\Windows\system32\scesrv.dll
2015-02-11 14:52:21 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-02-11 14:52:16 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-02-11 14:52:15 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-02-11 14:52:15 ----A---- C:\Windows\system32\srcore.dll
2015-02-11 14:52:15 ----A---- C:\Windows\system32\rstrui.exe
2015-02-11 14:52:14 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-02-11 14:52:14 ----A---- C:\Windows\system32\srclient.dll
2015-02-11 14:51:42 ----A---- C:\Windows\system32\win32k.sys

======List of files/folders modified in the last 1 month======

2015-03-03 20:56:47 ----D---- C:\Program Files\trend micro
2015-03-03 20:54:46 ----D---- C:\Windows\system32\Tasks
2015-03-03 20:54:35 ----D---- C:\ProgramData\PDFC
2015-03-03 20:54:13 ----D---- C:\Windows\Temp
2015-03-03 20:52:29 ----D---- C:\Windows\Tasks
2015-03-03 20:52:29 ----D---- C:\Windows
2015-03-03 20:51:18 ----D---- C:\Users\Petr\AppData\Roaming\TS3Client
2015-03-03 18:53:33 ----D---- C:\Program Files (x86)\Steam
2015-03-02 21:55:59 ----D---- C:\Windows\system32\drivers
2015-03-02 21:55:58 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-02 21:55:11 ----D---- C:\Windows\SYSWOW64\drivers
2015-03-02 21:13:03 ----D---- C:\AdwCleaner
2015-03-02 20:31:42 ----D---- C:\Users\Petr\AppData\Roaming\Skype
2015-03-02 20:21:56 ----D---- C:\Program Files (x86)\Battle.net
2015-03-02 17:56:44 ----D---- C:\Program Files (x86)\IObit
2015-03-02 17:34:35 ----SHD---- C:\System Volume Information
2015-03-02 17:33:20 ----HD---- C:\ProgramData
2015-03-02 17:32:30 ----D---- C:\Windows\SysWOW64
2015-03-02 17:32:16 ----RD---- C:\Program Files (x86)
2015-03-02 15:03:21 ----D---- C:\Windows\system32\catroot2
2015-03-02 15:02:31 ----RD---- C:\Program Files
2015-03-01 13:48:28 ----D---- C:\Windows\inf
2015-03-01 13:27:22 ----SHD---- C:\Windows\Installer
2015-03-01 13:27:22 ----SHD---- C:\Config.Msi
2015-03-01 07:44:45 ----D---- C:\Windows\system32\config
2015-03-01 07:30:22 ----D---- C:\Windows\SoftwareDistribution
2015-03-01 07:28:13 ----D---- C:\Windows\debug
2015-03-01 07:28:00 ----D---- C:\Windows\System32
2015-02-28 21:00:01 ----D---- C:\ProgramData\ProductData
2015-02-28 20:59:19 ----D---- C:\Windows\Panther
2015-02-28 20:41:52 ----D---- C:\ProgramData\IObit
2015-02-28 20:41:50 ----D---- C:\Users\Petr\AppData\Roaming\IObit
2015-02-28 12:08:58 ----D---- C:\Users\Petr\AppData\Roaming\Battle.net
2015-02-28 12:05:06 ----D---- C:\Program Files (x86)\Hearthstone
2015-02-27 15:18:56 ----D---- C:\Windows\system32\DriverStore
2015-02-24 15:08:10 ----D---- C:\Program Files (x86)\Opera
2015-02-22 08:36:05 ----D---- C:\Windows\Minidump
2015-02-22 08:29:33 ----D---- C:\Program Files (x86)\Google
2015-02-21 09:10:04 ----D---- C:\Windows\Microsoft.NET
2015-02-20 14:03:29 ----D---- C:\Windows\Prefetch
2015-02-19 17:31:45 ----D---- C:\Program Files\Speccy
2015-02-19 16:40:11 ----D---- C:\ProgramData\Skype
2015-02-19 16:38:15 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-02-19 16:11:39 ----D---- C:\Program Files (x86)\Common Files
2015-02-17 17:00:47 ----D---- C:\Windows\SYSWOW64\en-US
2015-02-17 16:52:12 ----SD---- C:\Users\Petr\AppData\Roaming\Microsoft
2015-02-17 15:39:56 ----D---- C:\Windows\system32\en-US
2015-02-17 15:39:55 ----D---- C:\Windows\Web
2015-02-16 14:24:24 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-02-16 14:24:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-16 14:15:15 ----D---- C:\Windows\winsxs
2015-02-16 14:15:09 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-02-16 14:15:08 ----D---- C:\Windows\SYSWOW64\sk-SK
2015-02-16 14:15:08 ----D---- C:\Windows\system32\sk-SK
2015-02-16 14:15:08 ----D---- C:\Windows\system32\cs-CZ
2015-02-15 12:26:30 ----D---- C:\Windows\SYSWOW64\wbem
2015-02-15 12:26:28 ----D---- C:\Windows\system32\drivers\en-US
2015-02-15 12:26:27 ----D---- C:\Windows\system32\wbem
2015-02-15 12:26:25 ----D---- C:\Windows\tracing
2015-02-15 11:59:21 ----SD---- C:\ProgramData\Microsoft
2015-02-12 18:59:12 ----D---- C:\Users\Petr\AppData\Roaming\PhotoScape
2015-02-12 18:58:48 ----D---- C:\Windows\ModemLogs
2015-02-11 15:18:30 ----SD---- C:\Windows\system32\CompatTel
2015-02-11 15:18:27 ----D---- C:\Windows\system32\appraiser
2015-02-11 15:18:21 ----D---- C:\Program Files\Internet Explorer
2015-02-11 15:18:10 ----D---- C:\Program Files (x86)\Internet Explorer
2015-02-11 15:12:27 ----D---- C:\Windows\system32\MRT
2015-02-11 15:02:16 ----A---- C:\Windows\system32\MRT.exe
2015-02-11 14:51:32 ----D---- C:\Windows\system32\catroot
2015-02-09 19:57:04 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2015-02-05 20:47:17 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-02-05 13:37:13 ----D---- C:\Users\Petr\AppData\Roaming\uTorrent

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2010-11-12 77952]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2010-11-12 37504]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie64.sys [2010-06-17 16440]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2014-10-10 243440]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2014-10-10 169280]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-02-28 26528]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2014-10-08 122072]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2014-10-10 158968]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-03-04 8283136]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-03-04 295424]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-04-13 36000]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2012-06-20 3678720]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-05-06 125456]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-04-13 298656]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-04-13 29344]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-04-13 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-04-13 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-04-13 154272]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-04-13 281760]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-01-12 2709224]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-02-15 335464]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-10-14 396848]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2010-11-29 44672]
S0 Partizan;Partizan; C:\Windows\system32\drivers\Partizan.sys []
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-06-10 1311232]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys []
S3 EagleX64;EagleX64; C:\Windows\system32\drivers\EagleX64.sys []
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2015-01-19 19456]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2012-11-28 1866080]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2015-01-19 30208]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-03-04 203776]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-03-04 354304]
R2 AMD Reservation Manager;AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 194496]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-04-13 146592]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-04-13 77984]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2014-10-08 388824]
R2 BstHdUpdaterSvc;BlueStacks Updater Service; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [2014-10-08 782040]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2014-10-01 1349576]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2014-12-15 9216]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2010-12-01 126520]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-07-21 103992]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-09-01 227896]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-03-05 35200]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2010-12-28 1817088]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-02-01 1127448]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2015-02-03 76888]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-09-01 991288]
S2 BstHdAndroidSvc;BlueStacks Android Service; C:\Program Files (x86)\BlueStacks\HD-Service.exe [2014-10-08 409304]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-05 107912]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-05 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-01-12 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-28 114288]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-02-19 835776]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-10-27 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2014-12-16 1900400]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119677
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Kontrola logu

#8 Příspěvek od Rudy »

Dvouklikem na soubor C:\Program Files\trend micro\Petr.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDF
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - (no file)
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - (no file)
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Nexxy
Návštěvník
Návštěvník
Příspěvky: 162
Registrován: 20 srp 2013 09:02

Re: Kontrola logu

#9 Příspěvek od Nexxy »

Nemám tam Petr.exe :/
E: Aha mám koukal jsem do Program Files x86
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119677
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Kontrola logu

#10 Příspěvek od Rudy »

Nastala po fixu nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Nexxy
Návštěvník
Návštěvník
Příspěvky: 162
Registrován: 20 srp 2013 09:02

Re: Kontrola logu

#11 Příspěvek od Nexxy »

Ano, je to rychlejší, děkuji :)
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119677
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Kontrola logu

#12 Příspěvek od Rudy »

Rádo sa stalo! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“