PC virus removal, computer speed-up, and remote assistance through the neslape.cz service

Please check my log

Do you have a virus problem? Post your FRST or RSIT log here.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once they are resolved, as will threads that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.

emalc
Visitor
Posts: 37
Registered: 01 May 2013 08:11

Please check my log

#1 Post by emalc »

So after a long, long time, this ugly picture popped up on me today: http://screencast.com/t/bVNLw2Ab8pC
Thanks in advance for any advice :)

Here is the log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by PetrMalec at 2015-03-23 20:47:21
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 66 GB (54%) free of 122 GB
Total RAM: 8190 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:47:22, on 23.3.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17689)
Boot mode: Normal

Running processes:
D:\Programy\Phone\Skype.exe
C:\Users\PetrMalec\Appdata\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
D:\Programy\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
C:\Users\PetrMalec\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\TechSmith\Jing\Jing.exe
C:\Program Files\trend micro\PetrMalec.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... 2520001529
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... 2520001529
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... 2520001529
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... 2520001529
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O4 - HKLM\..\Run: [iTunesHelper] "D:\Programy\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [MSStp] C:\Windows\system32\msstp.vbe
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Programy\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [Steam] "D:\Hry\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Track-o-Bot] "D:\Hry\Track-o-Bot\Track-o-Bot.exe"
O4 - HKCU\..\Run: [Skype] "D:\Programy\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
O4 - HKCU\..\Run: [TSMApplication] "D:\Users\PetrMalec\Desktop\TSMApplication\TSMApplication.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = PetrMalec\Appdata\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
O4 - Startup: EvernoteTray.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
O4 - Startup: QIP.lnk = D:\Programy\QIP Infium\infium.exe
O4 - Startup: Serviio.lnk = D:\Programy\Serviio\bin\ServiioConsole.exe
O4 - Startup: XvidCodec.lnk = C:\ProgramData\{b51673df-b702-4f76-b516-673dfb70cf7e}\XvidCodec.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Nová poznámka - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Oříznout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Oříznutý obrázek - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Vystřihnout obrázek - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Vystřihnout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Vystřihnout URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Vystřihnout výběr - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Výběr oříznutí - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Office\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Office\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Overwolf Updater Windows SCM (OverwolfUpdater) - Overwolf LTD - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Serviio - Unknown owner - D:\Programy\Serviio\bin\ServiioService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - D:\Programy\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13848 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"D:\Programy\Phone\Skype.exe" /minimized /regrun
"C:\Users\PetrMalec\Appdata\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe"
"D:\Programy\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\HPSIsvc.exe
"C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "https://get3.adobe.com/cz/flashplayer/update/activex"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3956.0.1272610572\1194336451" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,40 --gpu-vendor-id=0x1002 --gpu-device-id=0x9442 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.970.100.3000 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Mixed/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/PasswordGeneration/Disabled/RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_84/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Control/WebRTC-SupportVP9/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3956 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3956.1.1603968737\1462481562" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Mixed/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/PasswordGeneration/Disabled/RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_84/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/V8CacheOptions/recent/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Control/WebRTC-SupportVP9/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3956 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3956.3.1248807845\1809776911" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Mixed/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/PasswordGeneration/Disabled/RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_84/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/V8CacheOptions/recent/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Control/WebRTC-SupportVP9/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3956 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3956.4.1405256833\204953829" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Mixed/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/PasswordGeneration/Disabled/RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_84/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/V8CacheOptions/recent/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Control/WebRTC-SupportVP9/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3956 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3956.5.1279103091\1555679973" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Mixed/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/PasswordGeneration/Disabled/RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_84/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/V8CacheOptions/recent/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Control/WebRTC-SupportVP9/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3956 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3956.6.1648730861\1844909414" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Mixed/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/PasswordGeneration/Disabled/RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_84/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/V8CacheOptions/recent/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Control/WebRTC-SupportVP9/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3956 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3956.7.142169547\1938331748" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Mixed/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/PasswordGeneration/Disabled/RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_84/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/V8CacheOptions/recent/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Control/WebRTC-SupportVP9/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3956 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3956.8.1971699177\955788114" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Mixed/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/PasswordGeneration/Disabled/RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_84/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/V8CacheOptions/recent/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Control/WebRTC-SupportVP9/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3956 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3956.9.1364777559\2118192862" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Mixed/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/PasswordGeneration/Disabled/RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_84/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/V8CacheOptions/recent/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Control/WebRTC-SupportVP9/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3956 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3956.10.1364707904\1039867646" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Mixed/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/PasswordGeneration/Disabled/RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_84/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/V8CacheOptions/recent/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Control/WebRTC-SupportVP9/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3956 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3956.12.1482374612\1349842373" /prefetch:673131151
"C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe" -sync_complete
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-24b4770d-c6e6-4b38-ae47-ea2fea4ccfb5 -SystemEventPortName:HostProcess-4326aa88-3f7d-4520-83bb-d96063696162 -IoCancelEventPortName:HostProcess-c977622b-18d2-4fc9-96e0-854948cc7a43 -NonStateChangingEventPortName:HostProcess-65e596bd-aee6-41d1-94bc-92c50854a011 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:d73d8b7f-3fa8-46ae-ac29-c2695d953500 -DeviceGroupId:WpdFsGroup
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe"
"C:\Users\PetrMalec\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe" --type=gpu-process --channel="4668.0.1486581532\471672945" --no-sandbox --lang=en-US --disable-image-transport-surface --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,14,27 --gpu-vendor-id=0x1002 --gpu-device-id=0x9442 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.970.100.3000 --lang=en-US /prefetch:822062411
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Mixed/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/DevHQPFrequencyBugFix/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_84/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/V8CacheOptions/recent/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Control/WebRTC-SupportVP9/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3956 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3956.19.219582989\582181464" /prefetch:673131151
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\TechSmith\Jing\Jing.exe" /splash

C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"D:\Users\PetrMalec\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Rudy
Site Admin
Posts: 119677
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

emalc
Visitor
Posts: 37
Registered: 01 May 2013 08:11

Re: Please check my log

#3 Post by emalc »

Thanks for the help, what next?
The log is below.

# AdwCleaner v4.113 - Logfile created 23/03/2015 at 21:25:06
# Updated 22/03/2015 by Xplode
# Database : 2015-03-23.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : PetrMalec - PETRMALEC-PC
# Running from : D:\Users\PetrMalec\Desktop\adwcleaner_4.113.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\StarApp
Folder Deleted : C:\ProgramData\saofe isave
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\saofe isave
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\SafeSaver
Folder Deleted : C:\Program Files (x86)\SalePLus
Folder Deleted : C:\Program Files (x86)\youtubeadblocker
Folder Deleted : C:\Users\PetrMalec\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol
Folder Deleted : C:\ProgramData\oplkifmnoimeijoccpjifgjcdkecmolh
File Deleted : C:\Users\PetrMalec\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_en.softonic.com_0.localstorage-journal
File Deleted : C:\Users\PetrMalec\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_en.softonic.com_0.localstorage
File Deleted : C:\Users\PetrMalec\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage
File Deleted : C:\Users\PetrMalec\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage-journal

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\dcb3ea09-3d7a-bc39-db57-8253e8c7d4a5
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{afa5aa21}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{41F978F3-431A-4464-A789-5C0692D562FB}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0B55F99-F893-4F84-AE82-CAE0E70DFDFA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\HomeTab
Key Deleted : HKCU\Software\simplytech
Key Deleted : HKCU\Software\TNT2
Key Deleted : HKCU\Software\WajIntEnhance
Key Deleted : HKCU\Software\SearchProtectWS
Key Deleted : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Iminent
Key Deleted : HKLM\SOFTWARE\SearchProtect
Key Deleted : HKLM\SOFTWARE\SProtector
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\mystartsearchSoftware
Key Deleted : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Key Deleted : HKLM\SOFTWARE\dll-files.com
Key Deleted : HKLM\SOFTWARE\WajIntEnhance
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B696F285-F54E-2524-58B1-E06A70ABE6BE}
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17689

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Google Chrome v41.0.2272.101

[C:\Users\PetrMalec\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\PetrMalec\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.icq.com/search/results/?q={searchTe ... cq-fx-plug
[C:\Users\PetrMalec\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
[C:\Users\PetrMalec\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}

-\\ Chromium v

[C:\Users\PetrMalec\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\PetrMalec\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.icq.com/search/results/?q={searchTe ... cq-fx-plug
[C:\Users\PetrMalec\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
[C:\Users\PetrMalec\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}

*************************

AdwCleaner[R0].txt - [8592 bytes] - [23/03/2015 21:19:52]
AdwCleaner[R1].txt - [8651 bytes] - [23/03/2015 21:23:24]
AdwCleaner[S0].txt - [7789 bytes] - [23/03/2015 21:25:06]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7848 bytes] ##########

Rudy
Site Admin
Posts: 119677
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#4 Post by Rudy »

Post a new RSIT log.

emalc
Visitor
Posts: 37
Registered: 01 May 2013 08:11

Re: Please check my log

#5 Post by emalc »

Here is the new log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by PetrMalec at 2015-03-23 21:35:12
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 66 GB (54%) free of 122 GB
Total RAM: 8190 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:35:13, on 23.3.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17689)
Boot mode: Normal

Running processes:
D:\Programy\Phone\Skype.exe
C:\Users\PetrMalec\Appdata\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
D:\Programy\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
C:\Users\PetrMalec\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe
C:\Program Files\trend micro\PetrMalec.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O4 - HKLM\..\Run: [iTunesHelper] "D:\Programy\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [MSStp] C:\Windows\system32\msstp.vbe
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Programy\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [Steam] "D:\Hry\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Track-o-Bot] "D:\Hry\Track-o-Bot\Track-o-Bot.exe"
O4 - HKCU\..\Run: [Skype] "D:\Programy\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
O4 - HKCU\..\Run: [TSMApplication] "D:\Users\PetrMalec\Desktop\TSMApplication\TSMApplication.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = PetrMalec\Appdata\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
O4 - Startup: EvernoteTray.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
O4 - Startup: QIP.lnk = D:\Programy\QIP Infium\infium.exe
O4 - Startup: Serviio.lnk = D:\Programy\Serviio\bin\ServiioConsole.exe
O4 - Startup: XvidCodec.lnk = C:\ProgramData\{b51673df-b702-4f76-b516-673dfb70cf7e}\XvidCodec.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Nová poznámka - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Oříznout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Oříznutý obrázek - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Vystřihnout obrázek - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Vystřihnout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Vystřihnout URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Vystřihnout výběr - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Výběr oříznutí - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Office\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Office\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Overwolf Updater Windows SCM (OverwolfUpdater) - Overwolf LTD - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Serviio - Unknown owner - D:\Programy\Serviio\bin\ServiioService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - D:\Programy\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11915 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
atieclxx
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"D:\Programy\Phone\Skype.exe" /minimized /regrun
"C:\Users\PetrMalec\Appdata\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe"
"D:\Programy\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\HPSIsvc.exe
"C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-a080f98c-2b03-41b1-854d-75bb19b9429c -SystemEventPortName:HostProcess-0ee679ee-98d1-4649-9037-f7bfc3647fc1 -IoCancelEventPortName:HostProcess-0e5505ce-7a13-460a-b2e3-77e386d16461 -NonStateChangingEventPortName:HostProcess-bb6e3220-3481-4eee-8cee-321d54b49194 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:3081c59f-adfb-4a67-b056-bb11b66b978a -DeviceGroupId:WpdFsGroup
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe" -sync_complete
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe"
"C:\Users\PetrMalec\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe" --type=gpu-process --channel="4616.0.1312619818\1741961984" --no-sandbox --lang=en-US --disable-image-transport-surface --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,14,27 --gpu-vendor-id=0x1002 --gpu-device-id=0x9442 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.970.100.3000 --lang=en-US /prefetch:822062411
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
C:\Windows\system32\wbem\wmiprvse.exe
"D:\Users\PetrMalec\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Rudy
Site Admin
Posts: 119677
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#6 Post by Rudy »

The log is not complete.

emalc
Visitor
Posts: 37
Registered: 01 May 2013 08:11

Re: Please check my log

#7 Post by emalc »

Sorry, the full log should be here.

Logfile of random's system information tool 1.10 (written by random/random)
Run by PetrMalec at 2015-03-23 21:56:29
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 66 GB (54%) free of 122 GB
Total RAM: 8190 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:56:30, on 23.3.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17689)
Boot mode: Normal

Running processes:
D:\Programy\Phone\Skype.exe
C:\Users\PetrMalec\Appdata\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
D:\Programy\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
C:\Users\PetrMalec\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\PetrMalec.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O4 - HKLM\..\Run: [iTunesHelper] "D:\Programy\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [MSStp] C:\Windows\system32\msstp.vbe
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Programy\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [Steam] "D:\Hry\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Track-o-Bot] "D:\Hry\Track-o-Bot\Track-o-Bot.exe"
O4 - HKCU\..\Run: [Skype] "D:\Programy\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
O4 - HKCU\..\Run: [TSMApplication] "D:\Users\PetrMalec\Desktop\TSMApplication\TSMApplication.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = PetrMalec\Appdata\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
O4 - Startup: EvernoteTray.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
O4 - Startup: QIP.lnk = D:\Programy\QIP Infium\infium.exe
O4 - Startup: Serviio.lnk = D:\Programy\Serviio\bin\ServiioConsole.exe
O4 - Startup: XvidCodec.lnk = C:\ProgramData\{b51673df-b702-4f76-b516-673dfb70cf7e}\XvidCodec.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Nová poznámka - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Oříznout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Oříznutý obrázek - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Vystřihnout obrázek - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Vystřihnout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Vystřihnout URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Vystřihnout výběr - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Výběr oříznutí - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Office\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Office\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Overwolf Updater Windows SCM (OverwolfUpdater) - Overwolf LTD - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Serviio - Unknown owner - D:\Programy\Serviio\bin\ServiioService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - D:\Programy\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12891 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
atieclxx
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"D:\Programy\Phone\Skype.exe" /minimized /regrun
"C:\Users\PetrMalec\Appdata\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe"
"D:\Programy\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\HPSIsvc.exe
"C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-a080f98c-2b03-41b1-854d-75bb19b9429c -SystemEventPortName:HostProcess-0ee679ee-98d1-4649-9037-f7bfc3647fc1 -IoCancelEventPortName:HostProcess-0e5505ce-7a13-460a-b2e3-77e386d16461 -NonStateChangingEventPortName:HostProcess-bb6e3220-3481-4eee-8cee-321d54b49194 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:3081c59f-adfb-4a67-b056-bb11b66b978a -DeviceGroupId:WpdFsGroup
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe" -sync_complete
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe"
"C:\Users\PetrMalec\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe" --type=gpu-process --channel="4616.0.1312619818\1741961984" --no-sandbox --lang=en-US --disable-image-transport-surface --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,14,27 --gpu-vendor-id=0x1002 --gpu-device-id=0x9442 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.970.100.3000 --lang=en-US /prefetch:822062411
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3672.0.2135290570\455002349" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,40 --gpu-vendor-id=0x1002 --gpu-device-id=0x9442 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.970.100.3000 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Mixed/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/PasswordGeneration/Disabled/RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_84/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Control/WebRTC-SupportVP9/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3672 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3672.1.1264439173\1870612656" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Mixed/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/PasswordGeneration/Disabled/RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_84/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/V8CacheOptions/recent/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Control/WebRTC-SupportVP9/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3672 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3672.2.698912370\192296000" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Mixed/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/DevHQPFrequencyBugFix/PasswordGeneration/Disabled/RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_84/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/V8CacheOptions/recent/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Control/WebRTC-SupportVP9/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3672 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3672.4.1229288479\859850150" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Mixed/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/DevHQPFrequencyBugFix/PasswordGeneration/Disabled/RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_84/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/V8CacheOptions/recent/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Control/WebRTC-SupportVP9/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3672 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3672.5.88524712\1755364000" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Mixed/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/DevHQPFrequencyBugFix/PasswordGeneration/Disabled/RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_84/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/V8CacheOptions/recent/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Control/WebRTC-SupportVP9/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3672 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3672.6.1336872168\2027793834" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Mixed/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/DevHQPFrequencyBugFix/PasswordGeneration/Disabled/RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_84/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/V8CacheOptions/recent/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Control/WebRTC-SupportVP9/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3672 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3672.7.561924798\1705377094" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Mixed/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/DevHQPFrequencyBugFix/PasswordGeneration/Disabled/RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_84/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/V8CacheOptions/recent/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Control/WebRTC-SupportVP9/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3672 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3672.8.1875233819\669310474" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Mixed/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/DevHQPFrequencyBugFix/PasswordGeneration/Disabled/RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_84/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/V8CacheOptions/recent/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Control/WebRTC-SupportVP9/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3672 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3672.9.478320301\1610805494" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Mixed/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/DevHQPFrequencyBugFix/PasswordGeneration/Disabled/RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_84/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/V8CacheOptions/recent/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Control/WebRTC-SupportVP9/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3672 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3672.10.1061113376\468618125" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Mixed/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/DevHQPFrequencyBugFix/PasswordGeneration/Disabled/RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_84/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/V8CacheOptions/recent/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Control/WebRTC-SupportVP9/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3672 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3672.12.455403224\348588376" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Mixed/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/DevHQPFrequencyBugFix/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_84/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/V8CacheOptions/recent/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Control/WebRTC-SupportVP9/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3672 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3672.16.176051491\288454470" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3672.38.2084802342\423641055" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Mixed/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/DevHQPFrequencyBugFix/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_84/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/V8CacheOptions/recent/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Control/WebRTC-SupportVP9/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3672 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3672.47.549438027\1864749283" /prefetch:673131151
"c:\program files\windows defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey 486DA41B-532F-B6D1-85C9-63F4918B3C15 -Reinvoke
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Mixed/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlEnforce/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/DevHQPFrequencyBugFix/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_84/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/V8CacheOptions/recent/VoiceTrigger/Install/WebRTC-ScreencastTargetBitrateOvershoot/Control/WebRTC-SupportVP9/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3672 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="3672.59.520072137\208449101" /prefetch:673131151
"D:\Users\PetrMalec\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-27 551848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-27 212904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-27 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-03-03 629256]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-27 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-13 472984]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2014-10-01 5595336]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=D:\Hry\Steam\steam.exe [2015-02-19 2874048]
"DAEMON Tools Lite"=D:\Programy\DAEMON Tools Lite\DTLite.exe [2012-04-11 3672384]
"Track-o-Bot"=D:\Hry\Track-o-Bot\Track-o-Bot.exe [2014-12-27 798208]
"Skype"=D:\Programy\Phone\Skype.exe [2015-02-26 31344744]
"Overwolf"=C:\Program Files (x86)\Overwolf\Overwolf.exe [2015-02-25 40688]
"TSMApplication"=D:\Users\PetrMalec\Desktop\TSMApplication\TSMApplication.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NPSStartup"= []
"iTunesHelper"=D:\Programy\iTunes\iTunesHelper.exe [2014-01-20 152392]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-04-29 642304]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
"MSStp"=C:\Windows\system32\msstp.vbe []
""= []
"Razer Synapse"=C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [2015-02-28 590144]
"QuickTime Task"=D:\Programy\QuickTime\QTTask.exe [2014-10-02 421888]

C:\Users\PetrMalec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\PetrMalec\Appdata\Roaming\Dropbox\bin\Dropbox.exe
EvernoteClipper.lnk - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
EvernoteTray.lnk - C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
QIP.lnk - D:\Programy\QIP Infium\infium.exe
Serviio.lnk - D:\Programy\Serviio\bin\ServiioConsole.exe
XvidCodec.lnk - C:\ProgramData\{b51673df-b702-4f76-b516-673dfb70cf7e}\XvidCodec.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open -

======List of files/folders created in the last 1 month======

2015-03-23 21:19:51 ----D---- C:\AdwCleaner
2015-03-23 20:40:26 ----D---- C:\Program Files\trend micro
2015-03-23 20:40:25 ----D---- C:\rsit
2015-03-23 19:58:10 ----D---- C:\Users\PetrMalec\AppData\Roaming\ESET
2015-03-23 19:57:23 ----D---- C:\ProgramData\ESET
2015-03-23 19:57:23 ----D---- C:\Program Files\ESET
2015-03-22 09:41:05 ----D---- C:\ProgramData\{c6234641-a518-9f82-c623-34641a511906}
2015-03-22 09:39:34 ----D---- C:\Program Files (x86)\SystemEnterprise
2015-03-22 09:38:49 ----D---- C:\Program Files (x86)\Whiskey Militia Countdown Timer
2015-03-22 09:37:35 ----D---- C:\ProgramData\10535515856790026108
2015-03-22 09:36:41 ----D---- C:\ProgramData\{b51673df-b702-4f76-b516-673dfb70cf7e}
2015-03-21 07:56:34 ----D---- C:\Program Files (x86)\Skype
2015-03-10 20:15:24 ----D---- C:\Program Files (x86)\Evernote
2015-03-10 19:52:42 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-03-10 19:52:42 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-03-10 19:52:42 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-03-10 19:52:42 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-03-10 19:52:42 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-03-10 19:52:42 ----A---- C:\Windows\system32\lpk.dll
2015-03-10 19:52:42 ----A---- C:\Windows\system32\fontsub.dll
2015-03-10 19:52:42 ----A---- C:\Windows\system32\dciman32.dll
2015-03-10 19:52:42 ----A---- C:\Windows\system32\atmlib.dll
2015-03-10 19:52:42 ----A---- C:\Windows\system32\atmfd.dll
2015-03-10 19:52:37 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2015-03-10 19:52:37 ----A---- C:\Windows\system32\drmv2clt.dll
2015-03-10 19:52:37 ----A---- C:\Windows\system32\blackbox.dll
2015-03-10 19:52:36 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2015-03-10 19:52:36 ----A---- C:\Windows\system32\wmp.dll
2015-03-10 19:52:35 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2015-03-10 19:52:35 ----A---- C:\Windows\system32\wmdrmsdk.dll
2015-03-10 19:52:35 ----A---- C:\Windows\system32\mf.dll
2015-03-10 19:52:34 ----A---- C:\Windows\SYSWOW64\wmp.dll
2015-03-10 19:52:34 ----A---- C:\Windows\SYSWOW64\mf.dll
2015-03-10 19:52:34 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-03-10 19:52:33 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2015-03-10 19:52:33 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-03-10 19:52:33 ----A---- C:\Windows\system32\drmmgrtn.dll
2015-03-10 19:52:33 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2015-03-10 19:52:33 ----A---- C:\Windows\system32\crypt32.dll
2015-03-10 19:52:32 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-03-10 19:52:32 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-03-10 19:52:32 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-03-10 19:52:32 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-03-10 19:52:32 ----A---- C:\Windows\system32\wintrust.dll
2015-03-10 19:52:32 ----A---- C:\Windows\system32\quartz.dll
2015-03-10 19:52:32 ----A---- C:\Windows\system32\evr.dll
2015-03-10 19:52:32 ----A---- C:\Windows\system32\cryptsvc.dll
2015-03-10 19:52:31 ----A---- C:\Windows\SYSWOW64\quartz.dll
2015-03-10 19:52:31 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2015-03-10 19:52:31 ----A---- C:\Windows\SYSWOW64\evr.dll
2015-03-10 19:52:31 ----A---- C:\Windows\system32\qdvd.dll
2015-03-10 19:52:31 ----A---- C:\Windows\system32\mfplat.dll
2015-03-10 19:52:31 ----A---- C:\Windows\system32\cryptui.dll
2015-03-10 19:52:30 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2015-03-10 19:52:30 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2015-03-10 19:52:30 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2015-03-10 19:52:30 ----A---- C:\Windows\system32\winresume.exe
2015-03-10 19:52:30 ----A---- C:\Windows\system32\pcasvc.dll
2015-03-10 19:52:30 ----A---- C:\Windows\system32\msscp.dll
2015-03-10 19:52:30 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-03-10 19:52:30 ----A---- C:\Windows\system32\cryptsp.dll
2015-03-10 19:52:29 ----A---- C:\Windows\system32\winload.exe
2015-03-10 19:52:29 ----A---- C:\Windows\system32\msnetobj.dll
2015-03-10 19:52:29 ----A---- C:\Windows\system32\appidsvc.dll
2015-03-10 19:52:28 ----A---- C:\Windows\SYSWOW64\msscp.dll
2015-03-10 19:52:28 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2015-03-10 19:52:28 ----A---- C:\Windows\system32\srcore.dll
2015-03-10 19:52:28 ----A---- C:\Windows\system32\rstrui.exe
2015-03-10 19:52:28 ----A---- C:\Windows\system32\drivers\appid.sys
2015-03-10 19:52:28 ----A---- C:\Windows\system32\cryptnet.dll
2015-03-10 19:52:28 ----A---- C:\Windows\system32\ci.dll
2015-03-10 19:52:28 ----A---- C:\Windows\system32\audiosrv.dll
2015-03-10 19:52:28 ----A---- C:\Windows\system32\AudioSes.dll
2015-03-10 19:52:28 ----A---- C:\Windows\system32\AUDIOKSE.dll
2015-03-10 19:52:28 ----A---- C:\Windows\system32\audiodg.exe
2015-03-10 19:52:27 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2015-03-10 19:52:27 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2015-03-10 19:52:27 ----A---- C:\Windows\SYSWOW64\mfps.dll
2015-03-10 19:52:27 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2015-03-10 19:52:27 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2015-03-10 19:52:27 ----A---- C:\Windows\system32\rrinstaller.exe
2015-03-10 19:52:27 ----A---- C:\Windows\system32\pcadm.dll
2015-03-10 19:52:27 ----A---- C:\Windows\system32\mfps.dll
2015-03-10 19:52:27 ----A---- C:\Windows\system32\AudioEng.dll
2015-03-10 19:52:27 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-03-10 19:52:26 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-03-10 19:52:26 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2015-03-10 19:52:26 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2015-03-10 19:52:26 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-03-10 19:52:26 ----A---- C:\Windows\system32\srclient.dll
2015-03-10 19:52:26 ----A---- C:\Windows\system32\smss.exe
2015-03-10 19:52:26 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-03-10 19:52:26 ----A---- C:\Windows\system32\pcawrk.exe
2015-03-10 19:52:26 ----A---- C:\Windows\system32\pcalua.exe
2015-03-10 19:52:26 ----A---- C:\Windows\system32\msmmsp.dll
2015-03-10 19:52:26 ----A---- C:\Windows\system32\mfpmp.exe
2015-03-10 19:52:26 ----A---- C:\Windows\system32\EncDump.dll
2015-03-10 19:52:26 ----A---- C:\Windows\system32\csrsrv.dll
2015-03-10 19:52:26 ----A---- C:\Windows\system32\appidapi.dll
2015-03-10 19:52:25 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2015-03-10 19:52:25 ----A---- C:\Windows\SYSWOW64\mferror.dll
2015-03-10 19:52:25 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2015-03-10 19:52:25 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-03-10 19:52:25 ----A---- C:\Windows\system32\spwmp.dll
2015-03-10 19:52:25 ----A---- C:\Windows\system32\pcaevts.dll
2015-03-10 19:52:25 ----A---- C:\Windows\system32\mferror.dll
2015-03-10 19:52:25 ----A---- C:\Windows\system32\dxmasf.dll
2015-03-10 19:52:25 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-03-10 19:52:25 ----A---- C:\Windows\system32\apisetschema.dll
2015-03-10 19:52:24 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2015-03-10 19:52:24 ----A---- C:\Windows\system32\wmploc.DLL
2015-03-10 19:52:15 ----A---- C:\Windows\system32\rdpudd.dll
2015-03-10 19:52:15 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-10 19:52:15 ----A---- C:\Windows\system32\rdpcorets.dll
2015-03-10 19:52:05 ----A---- C:\Windows\SYSWOW64\ubpm.dll
2015-03-10 19:52:05 ----A---- C:\Windows\system32\ubpm.dll
2015-03-10 19:52:04 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-03-10 19:52:04 ----A---- C:\Windows\system32\shell32.dll
2015-03-10 19:52:02 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-03-10 19:52:02 ----A---- C:\Windows\system32\schannel.dll
2015-03-10 19:52:02 ----A---- C:\Windows\system32\lsasrv.dll
2015-03-10 19:52:02 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-03-10 19:52:02 ----A---- C:\Windows\system32\drivers\cng.sys
2015-03-10 19:52:01 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-03-10 19:52:01 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-03-10 19:52:01 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-03-10 19:52:01 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-03-10 19:52:01 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-03-10 19:52:01 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-03-10 19:52:01 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-03-10 19:52:01 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-03-10 19:52:01 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-03-10 19:52:01 ----A---- C:\Windows\system32\wdigest.dll
2015-03-10 19:52:01 ----A---- C:\Windows\system32\TSpkg.dll
2015-03-10 19:52:01 ----A---- C:\Windows\system32\sspisrv.dll
2015-03-10 19:52:01 ----A---- C:\Windows\system32\sspicli.dll
2015-03-10 19:52:01 ----A---- C:\Windows\system32\secur32.dll
2015-03-10 19:52:01 ----A---- C:\Windows\system32\ncrypt.dll
2015-03-10 19:52:01 ----A---- C:\Windows\system32\msv1_0.dll
2015-03-10 19:52:01 ----A---- C:\Windows\system32\lsass.exe
2015-03-10 19:52:01 ----A---- C:\Windows\system32\kerberos.dll
2015-03-10 19:52:01 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-03-10 19:52:01 ----A---- C:\Windows\system32\credssp.dll
2015-03-10 19:52:01 ----A---- C:\Windows\system32\auditpol.exe
2015-03-10 19:52:00 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-03-10 19:52:00 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-03-10 19:52:00 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-03-10 19:52:00 ----A---- C:\Windows\system32\msobjs.dll
2015-03-10 19:52:00 ----A---- C:\Windows\system32\msaudite.dll
2015-03-10 19:52:00 ----A---- C:\Windows\system32\adtschema.dll
2015-03-10 19:51:57 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-03-10 19:51:57 ----A---- C:\Windows\SYSWOW64\msctf.dll
2015-03-10 19:51:57 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-03-10 19:51:57 ----A---- C:\Windows\system32\msctf.dll
2015-03-10 19:51:56 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-03-10 19:51:56 ----A---- C:\Windows\system32\win32k.sys
2015-03-10 19:51:55 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-03-10 19:51:55 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-03-10 19:51:55 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-03-10 19:51:55 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-03-10 19:51:55 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-03-10 19:51:54 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-03-10 19:51:54 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-03-10 19:51:54 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-03-10 19:51:54 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-03-10 19:51:54 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-03-10 19:51:54 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-03-10 19:51:54 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-10 19:51:54 ----A---- C:\Windows\system32\iernonce.dll
2015-03-10 19:51:54 ----A---- C:\Windows\system32\ie4uinit.exe
2015-03-10 19:51:52 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-03-10 19:51:52 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-03-10 19:51:52 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-03-10 19:51:52 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-03-10 19:51:52 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-03-10 19:51:52 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-03-10 19:51:52 ----A---- C:\Windows\system32\urlmon.dll
2015-03-10 19:51:52 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-03-10 19:51:52 ----A---- C:\Windows\system32\iedkcs32.dll
2015-03-10 19:51:51 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-03-10 19:51:51 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-03-10 19:51:51 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-03-10 19:51:51 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-10 19:51:51 ----A---- C:\Windows\system32\msfeeds.dll
2015-03-10 19:51:51 ----A---- C:\Windows\system32\dxtrans.dll
2015-03-10 19:51:50 ----A---- C:\Windows\system32\iesetup.dll
2015-03-10 19:51:50 ----A---- C:\Windows\system32\ieapfltr.dll
2015-03-10 19:51:49 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-03-10 19:51:49 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-03-10 19:51:49 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-03-10 19:51:49 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-03-10 19:51:49 ----A---- C:\Windows\system32\jsproxy.dll
2015-03-10 19:51:49 ----A---- C:\Windows\system32\iertutil.dll
2015-03-10 19:51:48 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-03-10 19:51:48 ----A---- C:\Windows\system32\ieUnatt.exe
2015-03-10 19:51:48 ----A---- C:\Windows\system32\ieui.dll
2015-03-10 19:51:48 ----A---- C:\Windows\system32\dxtmsft.dll
2015-03-10 19:51:47 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-03-10 19:51:47 ----A---- C:\Windows\system32\mshtmled.dll
2015-03-10 19:51:47 ----A---- C:\Windows\system32\ieframe.dll
2015-03-10 19:51:46 ----A---- C:\Windows\system32\wininet.dll
2015-03-10 19:51:46 ----A---- C:\Windows\system32\vbscript.dll
2015-03-10 19:51:46 ----A---- C:\Windows\system32\jscript9diag.dll
2015-03-10 19:51:46 ----A---- C:\Windows\system32\jscript9.dll
2015-03-10 19:51:45 ----A---- C:\Windows\system32\msrating.dll
2015-03-10 19:51:45 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-03-10 19:51:45 ----A---- C:\Windows\system32\mshtml.dll
2015-03-10 19:51:17 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2015-03-10 19:51:17 ----A---- C:\Windows\system32\WMPhoto.dll

======List of files/folders modified in the last 1 month======

2015-03-23 21:56:31 ----D---- C:\Windows\Temp
2015-03-23 21:55:34 ----D---- C:\Users\PetrMalec\AppData\Roaming\Skype
2015-03-23 21:32:38 ----D---- C:\Windows\System32
2015-03-23 21:32:38 ----D---- C:\Windows\inf
2015-03-23 21:32:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-03-23 21:29:40 ----D---- C:\Windows\system32\config
2015-03-23 21:28:32 ----D---- C:\Users\PetrMalec\AppData\Roaming\Dropbox
2015-03-23 21:25:07 ----RD---- C:\Program Files (x86)
2015-03-23 21:25:07 ----D---- C:\ProgramData
2015-03-23 20:40:26 ----RD---- C:\Program Files
2015-03-23 20:03:59 ----SHD---- C:\Config.Msi
2015-03-23 19:58:05 ----SHD---- C:\Windows\Installer
2015-03-23 19:57:55 ----D---- C:\Windows\system32\DriverStore
2015-03-23 19:57:55 ----D---- C:\Windows\system32\drivers
2015-03-22 19:51:45 ----SHD---- C:\System Volume Information
2015-03-22 18:46:41 ----D---- C:\Users\PetrMalec\AppData\Roaming\FileZilla
2015-03-22 09:42:23 ----D---- C:\Windows\SysWOW64
2015-03-22 09:37:30 ----D---- C:\Users\PetrMalec\AppData\Roaming\uTorrent
2015-03-22 08:06:56 ----D---- C:\Users\PetrMalec\AppData\Roaming\vlc
2015-03-21 07:56:23 ----D---- C:\ProgramData\Skype
2015-03-12 18:59:02 ----D---- C:\Windows\rescache
2015-03-11 18:09:04 ----D---- C:\Windows\system32\catroot2
2015-03-11 18:08:58 ----D---- C:\Windows\winsxs
2015-03-11 18:08:57 ----SHD---- C:\Boot
2015-03-11 18:07:49 ----D---- C:\Windows\SYSWOW64\Dism
2015-03-11 18:07:49 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-03-11 18:07:49 ----D---- C:\Windows\system32\en-US
2015-03-11 18:07:49 ----D---- C:\Windows\system32\Dism
2015-03-11 18:07:49 ----D---- C:\Windows\system32\cs-CZ
2015-03-11 18:07:49 ----D---- C:\Program Files\Windows Media Player
2015-03-11 18:07:49 ----D---- C:\Program Files (x86)\Windows Media Player
2015-03-11 18:07:48 ----D---- C:\Windows\SYSWOW64\en-US
2015-03-11 18:07:48 ----D---- C:\Windows\system32\CodeIntegrity
2015-03-11 18:07:48 ----D---- C:\Windows\system32\Boot
2015-03-11 18:07:48 ----D---- C:\Program Files\Internet Explorer
2015-03-11 18:07:48 ----D---- C:\Program Files (x86)\Internet Explorer
2015-03-11 00:07:58 ----D---- C:\ProgramData\Microsoft Help
2015-03-11 00:02:09 ----D---- C:\Windows\system32\MRT
2015-03-10 23:53:53 ----A---- C:\Windows\system32\MRT.exe
2015-03-10 20:15:43 ----D---- C:\Windows\system32\Tasks
2015-03-10 19:51:15 ----D---- C:\Windows\system32\catroot
2015-03-08 20:28:53 ----D---- C:\Program Files\Common Files\Apple
2015-03-04 21:16:46 ----D---- C:\Program Files (x86)\Overwolf
2015-03-03 14:17:35 ----N---- C:\Windows\system32\MpSigStub.exe
2015-02-26 17:19:23 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2014-10-10 63160]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-08-23 283200]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2014-10-10 243440]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2014-10-10 169280]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2014-10-10 44632]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2014-10-10 222280]
R2 rzpmgrk;rzpmgrk; \??\C:\Windows\system32\drivers\rzpmgrk.sys [2015-02-05 37184]
R2 rzpnk;rzpnk; \??\C:\Windows\system32\drivers\rzpnk.sys [2014-12-10 129600]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-07-04 11922944]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-07-04 359936]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 lvpepf64;Volume Adapter; C:\Windows\system32\DRIVERS\lv302a64.sys [2008-07-26 15768]
R3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2008-07-26 790424]
R3 LVUSBS64;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBS64.sys [2008-07-26 50072]
R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V64.SYS [2008-07-26 2624408]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 187392]
R3 rzendpt;rzendpt; C:\Windows\system32\DRIVERS\rzendpt.sys [2014-12-30 39592]
R3 rzudd;Razer Mouse Driver; C:\Windows\system32\DRIVERS\rzudd.sys [2014-12-30 177832]
R3 rzvkeyboard;Razer Virtual Keyboard Driver; C:\Windows\system32\DRIVERS\rzvkeyboard.sys [2014-12-30 31912]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-07-04 11922944]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 GGSAFERDriver;GGSAFER Driver; \??\D:\Programy\Garena Plus\Room\safedrv.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2015-01-14 33856]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2012-12-24 20480]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 SIVDriver;SIV Kernel Driver; \??\C:\Windows\system32\Drivers\SIVX64.sys [2013-03-14 131832]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2010-06-14 16448]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-07-04 238080]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-01-19 77128]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2014-10-01 1349576]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2012-09-27 126880]
R2 PSI_SVC_2_x64;Protexis Licensing V2 x64; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824]
R2 Razer Game Scanner Service;Razer Game Scanner; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [2015-02-05 187072]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-04-02 4972864]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-01-20 641352]
S2 afa5aa21;SystemEnterprise; C:\Windows\syswow64\rundll32.exe [2009-07-14 44544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-24 116648]
S2 Serviio;Serviio; D:\Programy\Serviio\bin\ServiioService.exe [2014-03-21 359936]
S2 SkypeUpdate;Skype Updater; D:\Programy\Updater\Updater.exe [2015-01-02 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05 267440]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-24 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-03-11 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-02-20 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-02-25 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 OverwolfUpdater;Overwolf Updater Windows SCM; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2015-02-25 998640]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-07-26 563624]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-08-23 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119677
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#8 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Windows\system32\msstp.vbe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

:reg
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"MSStp"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.

emalc
Visitor
Posts: 37
Registered: 01 May 2013 08:11

Re: Please check my log

#9 Post by emalc »

Here is the new log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by PetrMalec at 2015-03-23 22:30:28
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 66 GB (54%) free of 122 GB
Total RAM: 8190 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:30:29, on 23.3.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17689)
Boot mode: Normal

Running processes:
D:\Hry\Steam\Steam.exe
D:\Hry\Track-o-Bot\Track-o-Bot.exe
D:\Programy\Phone\Skype.exe
C:\Program Files (x86)\Overwolf\Overwolf.exe
C:\Users\PetrMalec\Appdata\Roaming\Dropbox\bin\Dropbox.exe
D:\Programy\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
C:\Program Files (x86)\Evernote\Evernote\Evernote.exe
C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
C:\Program Files (x86)\Overwolf\0.83.62.0\OverwolfBrowser.exe
C:\Program Files (x86)\Common Files\Overwolf\0.83.62.0\OverwolfHelper.exe
C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
C:\Users\PetrMalec\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe
D:\Hry\Steam\bin\steamwebhelper.exe
C:\Program Files\trend micro\PetrMalec.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O4 - HKLM\..\Run: [iTunesHelper] "D:\Programy\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Programy\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [Steam] "D:\Hry\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Track-o-Bot] "D:\Hry\Track-o-Bot\Track-o-Bot.exe"
O4 - HKCU\..\Run: [Skype] "D:\Programy\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
O4 - HKCU\..\Run: [TSMApplication] "D:\Users\PetrMalec\Desktop\TSMApplication\TSMApplication.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = PetrMalec\Appdata\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
O4 - Startup: EvernoteTray.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
O4 - Startup: QIP.lnk = D:\Programy\QIP Infium\infium.exe
O4 - Startup: Serviio.lnk = D:\Programy\Serviio\bin\ServiioConsole.exe
O4 - Startup: XvidCodec.lnk = C:\ProgramData\{b51673df-b702-4f76-b516-673dfb70cf7e}\XvidCodec.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Nová poznámka - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Oříznout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Oříznutý obrázek - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Vystřihnout obrázek - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Vystřihnout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Vystřihnout URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Vystřihnout výběr - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Výběr oříznutí - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Office\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Office\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Overwolf Updater Windows SCM (OverwolfUpdater) - Overwolf LTD - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Serviio - Unknown owner - D:\Programy\Serviio\bin\ServiioService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - D:\Programy\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12253 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\HPSIsvc.exe
"C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe"
D:\Programy\Serviio\bin\ServiioService.exe
D:\Programy\Serviio\bin\ServiioService.exe Serviio __i4j_restart
D:\Programy\Updater\Updater.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-d44959d1-5c79-45b5-9ecb-9200c2c5508c -SystemEventPortName:HostProcess-72bbd369-5ee9-46d6-951e-fd13e0605360 -IoCancelEventPortName:HostProcess-95b2763c-8bf7-4495-9347-d84823ab32e8 -NonStateChangingEventPortName:HostProcess-d2530bd4-93f0-4259-927e-d32f1a0f83ef -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:e1bb0c02-f55f-494f-bfb4-0a0acee7f44f -DeviceGroupId:WpdFsGroup
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"D:\Hry\Steam\Steam.exe" -silent
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"D:\Hry\Track-o-Bot\Track-o-Bot.exe"
"D:\Programy\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Overwolf\Overwolf.exe" -silent
"C:\Users\PetrMalec\Appdata\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"D:\Programy\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe"
"C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
"C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\Evernote\Evernote\Evernote.exe" /Hide
"D:\Programy\Serviio\bin\ServiioConsole.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe" -sync_complete
"C:\Program Files (x86)\Overwolf\0.83.62.0\OverwolfBrowser.exe" --type=gpu-process --channel="3768.0.534286063\1381065245" --no-sandbox --lang=en-US --log-file="C:\Users\PetrMalec\AppData\Local\Overwolf\Log\OverwolfBrowser_3768.log" --log-severity=info --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,3,12,22 --gpu-vendor-id=0x1002 --gpu-device-id=0x9442 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.970.100.3000 --lang=en-US --log-file="C:\Users\PetrMalec\AppData\Local\Overwolf\Log\OverwolfBrowser_3768.log" --log-severity=info "UserAgent=Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.57 Safari/537.36 OverwolfClient/0.83.62.0" "UserAgent=Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.57 Safari/537.36 OverwolfClient/0.83.62.0" /prefetch:822062411
"C:\Program Files (x86)\Common Files\Overwolf\0.83.62.0\OverwolfHelper.exe" "path=C:\Program Files (x86)\Overwolf\0.83.62.0" "overwolfprocid=3768"
"C:\Program Files (x86)\Common Files\Overwolf\0.83.62.0\OverwolfHelper64.exe" "path=C:\Program Files (x86)\Overwolf\0.83.62.0\x64\OWExplorerLauncher.dll
"C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Users\PetrMalec\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe" --type=gpu-process --channel="4904.0.1337748661\1781249635" --no-sandbox --lang=en-US --disable-image-transport-surface --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,14,27 --gpu-vendor-id=0x1002 --gpu-device-id=0x9442 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.970.100.3000 --lang=en-US /prefetch:822062411
"D:\Hry\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "C:\Users\PetrMalec\AppData\Local\Steam\htmlcache" -steampid 3624 -buildid 1424305157 -steamid "0" --blacklist-accelerated-compositing --process-per-tab --disable-accelerated-video-decode --enable-direct-write
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"D:\Users\PetrMalec\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-27 551848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-27 212904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-27 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-03-03 629256]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-27 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-13 472984]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2014-10-01 5595336]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=D:\Hry\Steam\steam.exe [2015-02-19 2874048]
"DAEMON Tools Lite"=D:\Programy\DAEMON Tools Lite\DTLite.exe [2012-04-11 3672384]
"Track-o-Bot"=D:\Hry\Track-o-Bot\Track-o-Bot.exe [2014-12-27 798208]
"Skype"=D:\Programy\Phone\Skype.exe [2015-02-26 31344744]
"Overwolf"=C:\Program Files (x86)\Overwolf\Overwolf.exe [2015-02-25 40688]
"TSMApplication"=D:\Users\PetrMalec\Desktop\TSMApplication\TSMApplication.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NPSStartup"= []
"iTunesHelper"=D:\Programy\iTunes\iTunesHelper.exe [2014-01-20 152392]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-04-29 642304]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
""= []
"Razer Synapse"=C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [2015-02-28 590144]
"QuickTime Task"=D:\Programy\QuickTime\QTTask.exe [2014-10-02 421888]

C:\Users\PetrMalec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\PetrMalec\Appdata\Roaming\Dropbox\bin\Dropbox.exe
EvernoteClipper.lnk - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
EvernoteTray.lnk - C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
QIP.lnk - D:\Programy\QIP Infium\infium.exe
Serviio.lnk - D:\Programy\Serviio\bin\ServiioConsole.exe
XvidCodec.lnk - C:\ProgramData\{b51673df-b702-4f76-b516-673dfb70cf7e}\XvidCodec.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open -

======List of files/folders created in the last 1 month======

2015-03-23 21:19:51 ----D---- C:\AdwCleaner
2015-03-23 20:40:26 ----D---- C:\Program Files\trend micro
2015-03-23 20:40:25 ----D---- C:\rsit
2015-03-23 19:58:10 ----D---- C:\Users\PetrMalec\AppData\Roaming\ESET
2015-03-23 19:57:23 ----D---- C:\ProgramData\ESET
2015-03-23 19:57:23 ----D---- C:\Program Files\ESET
2015-03-22 09:41:05 ----D---- C:\ProgramData\{c6234641-a518-9f82-c623-34641a511906}
2015-03-22 09:39:34 ----D---- C:\Program Files (x86)\SystemEnterprise
2015-03-22 09:38:49 ----D---- C:\Program Files (x86)\Whiskey Militia Countdown Timer
2015-03-22 09:37:35 ----D---- C:\ProgramData\10535515856790026108
2015-03-22 09:36:41 ----D---- C:\ProgramData\{b51673df-b702-4f76-b516-673dfb70cf7e}
2015-03-21 07:56:34 ----D---- C:\Program Files (x86)\Skype
2015-03-10 20:15:24 ----D---- C:\Program Files (x86)\Evernote
2015-03-10 19:52:42 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-03-10 19:52:42 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-03-10 19:52:42 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-03-10 19:52:42 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-03-10 19:52:42 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-03-10 19:52:42 ----A---- C:\Windows\system32\lpk.dll
2015-03-10 19:52:42 ----A---- C:\Windows\system32\fontsub.dll
2015-03-10 19:52:42 ----A---- C:\Windows\system32\dciman32.dll
2015-03-10 19:52:42 ----A---- C:\Windows\system32\atmlib.dll
2015-03-10 19:52:42 ----A---- C:\Windows\system32\atmfd.dll
2015-03-10 19:52:37 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2015-03-10 19:52:37 ----A---- C:\Windows\system32\drmv2clt.dll
2015-03-10 19:52:37 ----A---- C:\Windows\system32\blackbox.dll
2015-03-10 19:52:36 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2015-03-10 19:52:36 ----A---- C:\Windows\system32\wmp.dll
2015-03-10 19:52:35 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2015-03-10 19:52:35 ----A---- C:\Windows\system32\wmdrmsdk.dll
2015-03-10 19:52:35 ----A---- C:\Windows\system32\mf.dll
2015-03-10 19:52:34 ----A---- C:\Windows\SYSWOW64\wmp.dll
2015-03-10 19:52:34 ----A---- C:\Windows\SYSWOW64\mf.dll
2015-03-10 19:52:34 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-03-10 19:52:33 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2015-03-10 19:52:33 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-03-10 19:52:33 ----A---- C:\Windows\system32\drmmgrtn.dll
2015-03-10 19:52:33 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2015-03-10 19:52:33 ----A---- C:\Windows\system32\crypt32.dll
2015-03-10 19:52:32 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-03-10 19:52:32 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-03-10 19:52:32 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-03-10 19:52:32 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-03-10 19:52:32 ----A---- C:\Windows\system32\wintrust.dll
2015-03-10 19:52:32 ----A---- C:\Windows\system32\quartz.dll
2015-03-10 19:52:32 ----A---- C:\Windows\system32\evr.dll
2015-03-10 19:52:32 ----A---- C:\Windows\system32\cryptsvc.dll
2015-03-10 19:52:31 ----A---- C:\Windows\SYSWOW64\quartz.dll
2015-03-10 19:52:31 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2015-03-10 19:52:31 ----A---- C:\Windows\SYSWOW64\evr.dll
2015-03-10 19:52:31 ----A---- C:\Windows\system32\qdvd.dll
2015-03-10 19:52:31 ----A---- C:\Windows\system32\mfplat.dll
2015-03-10 19:52:31 ----A---- C:\Windows\system32\cryptui.dll
2015-03-10 19:52:30 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2015-03-10 19:52:30 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2015-03-10 19:52:30 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2015-03-10 19:52:30 ----A---- C:\Windows\system32\winresume.exe
2015-03-10 19:52:30 ----A---- C:\Windows\system32\pcasvc.dll
2015-03-10 19:52:30 ----A---- C:\Windows\system32\msscp.dll
2015-03-10 19:52:30 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-03-10 19:52:30 ----A---- C:\Windows\system32\cryptsp.dll
2015-03-10 19:52:29 ----A---- C:\Windows\system32\winload.exe
2015-03-10 19:52:29 ----A---- C:\Windows\system32\msnetobj.dll
2015-03-10 19:52:29 ----A---- C:\Windows\system32\appidsvc.dll
2015-03-10 19:52:28 ----A---- C:\Windows\SYSWOW64\msscp.dll
2015-03-10 19:52:28 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2015-03-10 19:52:28 ----A---- C:\Windows\system32\srcore.dll
2015-03-10 19:52:28 ----A---- C:\Windows\system32\rstrui.exe
2015-03-10 19:52:28 ----A---- C:\Windows\system32\drivers\appid.sys
2015-03-10 19:52:28 ----A---- C:\Windows\system32\cryptnet.dll
2015-03-10 19:52:28 ----A---- C:\Windows\system32\ci.dll
2015-03-10 19:52:28 ----A---- C:\Windows\system32\audiosrv.dll
2015-03-10 19:52:28 ----A---- C:\Windows\system32\AudioSes.dll
2015-03-10 19:52:28 ----A---- C:\Windows\system32\AUDIOKSE.dll
2015-03-10 19:52:28 ----A---- C:\Windows\system32\audiodg.exe
2015-03-10 19:52:27 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2015-03-10 19:52:27 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2015-03-10 19:52:27 ----A---- C:\Windows\SYSWOW64\mfps.dll
2015-03-10 19:52:27 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2015-03-10 19:52:27 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2015-03-10 19:52:27 ----A---- C:\Windows\system32\rrinstaller.exe
2015-03-10 19:52:27 ----A---- C:\Windows\system32\pcadm.dll
2015-03-10 19:52:27 ----A---- C:\Windows\system32\mfps.dll
2015-03-10 19:52:27 ----A---- C:\Windows\system32\AudioEng.dll
2015-03-10 19:52:27 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-03-10 19:52:26 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-03-10 19:52:26 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2015-03-10 19:52:26 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2015-03-10 19:52:26 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-03-10 19:52:26 ----A---- C:\Windows\system32\srclient.dll
2015-03-10 19:52:26 ----A---- C:\Windows\system32\smss.exe
2015-03-10 19:52:26 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-03-10 19:52:26 ----A---- C:\Windows\system32\pcawrk.exe
2015-03-10 19:52:26 ----A---- C:\Windows\system32\pcalua.exe
2015-03-10 19:52:26 ----A---- C:\Windows\system32\msmmsp.dll
2015-03-10 19:52:26 ----A---- C:\Windows\system32\mfpmp.exe
2015-03-10 19:52:26 ----A---- C:\Windows\system32\EncDump.dll
2015-03-10 19:52:26 ----A---- C:\Windows\system32\csrsrv.dll
2015-03-10 19:52:26 ----A---- C:\Windows\system32\appidapi.dll
2015-03-10 19:52:25 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2015-03-10 19:52:25 ----A---- C:\Windows\SYSWOW64\mferror.dll
2015-03-10 19:52:25 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2015-03-10 19:52:25 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-03-10 19:52:25 ----A---- C:\Windows\system32\spwmp.dll
2015-03-10 19:52:25 ----A---- C:\Windows\system32\pcaevts.dll
2015-03-10 19:52:25 ----A---- C:\Windows\system32\mferror.dll
2015-03-10 19:52:25 ----A---- C:\Windows\system32\dxmasf.dll
2015-03-10 19:52:25 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-03-10 19:52:25 ----A---- C:\Windows\system32\apisetschema.dll
2015-03-10 19:52:24 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2015-03-10 19:52:24 ----A---- C:\Windows\system32\wmploc.DLL
2015-03-10 19:52:15 ----A---- C:\Windows\system32\rdpudd.dll
2015-03-10 19:52:15 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-10 19:52:15 ----A---- C:\Windows\system32\rdpcorets.dll
2015-03-10 19:52:05 ----A---- C:\Windows\SYSWOW64\ubpm.dll
2015-03-10 19:52:05 ----A---- C:\Windows\system32\ubpm.dll
2015-03-10 19:52:04 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-03-10 19:52:04 ----A---- C:\Windows\system32\shell32.dll
2015-03-10 19:52:02 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-03-10 19:52:02 ----A---- C:\Windows\system32\schannel.dll
2015-03-10 19:52:02 ----A---- C:\Windows\system32\lsasrv.dll
2015-03-10 19:52:02 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-03-10 19:52:02 ----A---- C:\Windows\system32\drivers\cng.sys
2015-03-10 19:52:01 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-03-10 19:52:01 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-03-10 19:52:01 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-03-10 19:52:01 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-03-10 19:52:01 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-03-10 19:52:01 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-03-10 19:52:01 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-03-10 19:52:01 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-03-10 19:52:01 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-03-10 19:52:01 ----A---- C:\Windows\system32\wdigest.dll
2015-03-10 19:52:01 ----A---- C:\Windows\system32\TSpkg.dll
2015-03-10 19:52:01 ----A---- C:\Windows\system32\sspisrv.dll
2015-03-10 19:52:01 ----A---- C:\Windows\system32\sspicli.dll
2015-03-10 19:52:01 ----A---- C:\Windows\system32\secur32.dll
2015-03-10 19:52:01 ----A---- C:\Windows\system32\ncrypt.dll
2015-03-10 19:52:01 ----A---- C:\Windows\system32\msv1_0.dll
2015-03-10 19:52:01 ----A---- C:\Windows\system32\lsass.exe
2015-03-10 19:52:01 ----A---- C:\Windows\system32\kerberos.dll
2015-03-10 19:52:01 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-03-10 19:52:01 ----A---- C:\Windows\system32\credssp.dll
2015-03-10 19:52:01 ----A---- C:\Windows\system32\auditpol.exe
2015-03-10 19:52:00 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-03-10 19:52:00 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-03-10 19:52:00 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-03-10 19:52:00 ----A---- C:\Windows\system32\msobjs.dll
2015-03-10 19:52:00 ----A---- C:\Windows\system32\msaudite.dll
2015-03-10 19:52:00 ----A---- C:\Windows\system32\adtschema.dll
2015-03-10 19:51:57 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-03-10 19:51:57 ----A---- C:\Windows\SYSWOW64\msctf.dll
2015-03-10 19:51:57 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-03-10 19:51:57 ----A---- C:\Windows\system32\msctf.dll
2015-03-10 19:51:56 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-03-10 19:51:56 ----A---- C:\Windows\system32\win32k.sys
2015-03-10 19:51:55 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-03-10 19:51:55 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-03-10 19:51:55 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-03-10 19:51:55 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-03-10 19:51:55 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-03-10 19:51:54 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-03-10 19:51:54 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-03-10 19:51:54 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-03-10 19:51:54 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-03-10 19:51:54 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-03-10 19:51:54 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-03-10 19:51:54 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-10 19:51:54 ----A---- C:\Windows\system32\iernonce.dll
2015-03-10 19:51:54 ----A---- C:\Windows\system32\ie4uinit.exe
2015-03-10 19:51:52 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-03-10 19:51:52 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-03-10 19:51:52 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-03-10 19:51:52 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-03-10 19:51:52 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-03-10 19:51:52 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-03-10 19:51:52 ----A---- C:\Windows\system32\urlmon.dll
2015-03-10 19:51:52 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-03-10 19:51:52 ----A---- C:\Windows\system32\iedkcs32.dll
2015-03-10 19:51:51 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-03-10 19:51:51 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-03-10 19:51:51 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-03-10 19:51:51 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-10 19:51:51 ----A---- C:\Windows\system32\msfeeds.dll
2015-03-10 19:51:51 ----A---- C:\Windows\system32\dxtrans.dll
2015-03-10 19:51:50 ----A---- C:\Windows\system32\iesetup.dll
2015-03-10 19:51:50 ----A---- C:\Windows\system32\ieapfltr.dll
2015-03-10 19:51:49 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-03-10 19:51:49 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-03-10 19:51:49 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-03-10 19:51:49 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-03-10 19:51:49 ----A---- C:\Windows\system32\jsproxy.dll
2015-03-10 19:51:49 ----A---- C:\Windows\system32\iertutil.dll
2015-03-10 19:51:48 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-03-10 19:51:48 ----A---- C:\Windows\system32\ieUnatt.exe
2015-03-10 19:51:48 ----A---- C:\Windows\system32\ieui.dll
2015-03-10 19:51:48 ----A---- C:\Windows\system32\dxtmsft.dll
2015-03-10 19:51:47 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-03-10 19:51:47 ----A---- C:\Windows\system32\mshtmled.dll
2015-03-10 19:51:47 ----A---- C:\Windows\system32\ieframe.dll
2015-03-10 19:51:46 ----A---- C:\Windows\system32\wininet.dll
2015-03-10 19:51:46 ----A---- C:\Windows\system32\vbscript.dll
2015-03-10 19:51:46 ----A---- C:\Windows\system32\jscript9diag.dll
2015-03-10 19:51:46 ----A---- C:\Windows\system32\jscript9.dll
2015-03-10 19:51:45 ----A---- C:\Windows\system32\msrating.dll
2015-03-10 19:51:45 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-03-10 19:51:45 ----A---- C:\Windows\system32\mshtml.dll
2015-03-10 19:51:17 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2015-03-10 19:51:17 ----A---- C:\Windows\system32\WMPhoto.dll

======List of files/folders modified in the last 1 month======

2015-03-23 22:30:20 ----D---- C:\Users\PetrMalec\AppData\Roaming\Skype
2015-03-23 22:29:39 ----D---- C:\Users\PetrMalec\AppData\Roaming\Dropbox
2015-03-23 22:27:37 ----D---- C:\Windows\Temp
2015-03-23 22:24:46 ----D---- C:\Windows\system32\Tasks
2015-03-23 22:24:45 ----D---- C:\Windows\Tasks
2015-03-23 21:40:35 ----D---- C:\Windows\system32\config
2015-03-23 21:32:38 ----D---- C:\Windows\System32
2015-03-23 21:32:38 ----D---- C:\Windows\inf
2015-03-23 21:32:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-03-23 21:25:07 ----RD---- C:\Program Files (x86)
2015-03-23 21:25:07 ----D---- C:\ProgramData
2015-03-23 20:40:26 ----RD---- C:\Program Files
2015-03-23 20:03:59 ----SHD---- C:\Config.Msi
2015-03-23 19:58:05 ----SHD---- C:\Windows\Installer
2015-03-23 19:57:55 ----D---- C:\Windows\system32\DriverStore
2015-03-23 19:57:55 ----D---- C:\Windows\system32\drivers
2015-03-22 19:51:45 ----SHD---- C:\System Volume Information
2015-03-22 18:46:41 ----D---- C:\Users\PetrMalec\AppData\Roaming\FileZilla
2015-03-22 09:42:23 ----D---- C:\Windows\SysWOW64
2015-03-22 09:37:30 ----D---- C:\Users\PetrMalec\AppData\Roaming\uTorrent
2015-03-22 08:06:56 ----D---- C:\Users\PetrMalec\AppData\Roaming\vlc
2015-03-21 07:56:23 ----D---- C:\ProgramData\Skype
2015-03-12 18:59:02 ----D---- C:\Windows\rescache
2015-03-11 18:09:04 ----D---- C:\Windows\system32\catroot2
2015-03-11 18:08:58 ----D---- C:\Windows\winsxs
2015-03-11 18:08:57 ----SHD---- C:\Boot
2015-03-11 18:07:49 ----D---- C:\Windows\SYSWOW64\Dism
2015-03-11 18:07:49 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-03-11 18:07:49 ----D---- C:\Windows\system32\en-US
2015-03-11 18:07:49 ----D---- C:\Windows\system32\Dism
2015-03-11 18:07:49 ----D---- C:\Windows\system32\cs-CZ
2015-03-11 18:07:49 ----D---- C:\Program Files\Windows Media Player
2015-03-11 18:07:49 ----D---- C:\Program Files (x86)\Windows Media Player
2015-03-11 18:07:48 ----D---- C:\Windows\SYSWOW64\en-US
2015-03-11 18:07:48 ----D---- C:\Windows\system32\CodeIntegrity
2015-03-11 18:07:48 ----D---- C:\Windows\system32\Boot
2015-03-11 18:07:48 ----D---- C:\Program Files\Internet Explorer
2015-03-11 18:07:48 ----D---- C:\Program Files (x86)\Internet Explorer
2015-03-11 00:07:58 ----D---- C:\ProgramData\Microsoft Help
2015-03-11 00:02:09 ----D---- C:\Windows\system32\MRT
2015-03-10 23:53:53 ----A---- C:\Windows\system32\MRT.exe
2015-03-10 19:51:15 ----D---- C:\Windows\system32\catroot
2015-03-08 20:28:53 ----D---- C:\Program Files\Common Files\Apple
2015-03-04 21:16:46 ----D---- C:\Program Files (x86)\Overwolf
2015-03-03 14:17:35 ----N---- C:\Windows\system32\MpSigStub.exe
2015-02-26 17:19:23 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2014-10-10 63160]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-08-23 283200]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2014-10-10 243440]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2014-10-10 169280]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2014-10-10 44632]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2014-10-10 222280]
R2 rzpmgrk;rzpmgrk; \??\C:\Windows\system32\drivers\rzpmgrk.sys [2015-02-05 37184]
R2 rzpnk;rzpnk; \??\C:\Windows\system32\drivers\rzpnk.sys [2014-12-10 129600]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-07-04 11922944]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-07-04 359936]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 lvpepf64;Volume Adapter; C:\Windows\system32\DRIVERS\lv302a64.sys [2008-07-26 15768]
R3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2008-07-26 790424]
R3 LVUSBS64;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBS64.sys [2008-07-26 50072]
R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V64.SYS [2008-07-26 2624408]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 187392]
R3 rzendpt;rzendpt; C:\Windows\system32\DRIVERS\rzendpt.sys [2014-12-30 39592]
R3 rzudd;Razer Mouse Driver; C:\Windows\system32\DRIVERS\rzudd.sys [2014-12-30 177832]
R3 rzvkeyboard;Razer Virtual Keyboard Driver; C:\Windows\system32\DRIVERS\rzvkeyboard.sys [2014-12-30 31912]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-07-04 11922944]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 GGSAFERDriver;GGSAFER Driver; \??\D:\Programy\Garena Plus\Room\safedrv.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2015-01-14 33856]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2012-12-24 20480]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 SIVDriver;SIV Kernel Driver; \??\C:\Windows\system32\Drivers\SIVX64.sys [2013-03-14 131832]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2010-06-14 16448]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-07-04 238080]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-01-19 77128]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2014-10-01 1349576]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2012-09-27 126880]
R2 PSI_SVC_2_x64;Protexis Licensing V2 x64; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824]
R2 Razer Game Scanner Service;Razer Game Scanner; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [2015-02-05 187072]
R2 Serviio;Serviio; D:\Programy\Serviio\bin\ServiioService.exe [2014-03-21 359936]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-04-02 4972864]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-01-20 641352]
S2 afa5aa21;SystemEnterprise; C:\Windows\syswow64\rundll32.exe [2009-07-14 44544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-24 116648]
S2 SkypeUpdate;Skype Updater; D:\Programy\Updater\Updater.exe [2015-01-02 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05 267440]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-24 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-03-11 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-02-20 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-02-25 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 OverwolfUpdater;Overwolf Updater Windows SCM; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2015-02-25 998640]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-07-26 563624]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-08-23 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

emalc
Visitor
Posts: 37
Joined: 01 May 2013 08:11

Re: Please check my log

#10 Post by emalc »

Well, I don't know, I let it run overnight and it doesn't look very clean: http://screencast.com/t/qR4fAeJHTH

Rudy
Site Admin
Posts: 119677
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#11 Post by Rudy »

We haven't finished cleaning yet.

Double-click the file to launch HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkboxes on the left next to:
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
Click >FixChecked<. Then run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.

Next, run MBAM: http://www.malwarebytes.org/mbam.php . Run a scan, post the log, and don't delete anything beforehand.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

emalc
Visitor
Posts: 37
Joined: 01 May 2013 08:11

Re: Please check my log

#12 Post by emalc »

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 24.3.2015
Čas skenování: 19:58:36
Protokol:
Správce: Ano

Verze: 2.01.4.1018
Databáze malwaru: v2015.03.24.07
Databáze rootkitů: v2015.02.25.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: PetrMalec

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 380728
Uplynulý čas: 15 min, 6 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 3
PUP.Optional.Multiplug, HKU\S-1-5-21-3072211423-3378495955-117638473-1001_Classes\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, , [fc5b85c4107ae4528334978f986b45bb],
PUP.Optional.Multiplug, HKU\S-1-5-21-3072211423-3378495955-117638473-1001_Classes\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}, , [fc5b85c4107ae4528334978f986b45bb],
PUP.Optional.Linkey.A, HKU\S-1-5-21-3072211423-3378495955-117638473-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Linkey, , [f760b6935a302c0a6168f4c12ed5b947],

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Rudy
Site Admin
Posts: 119677
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#13 Post by Rudy »

Delete everything MBAM found.

emalc
Visitor
Posts: 37
Joined: 01 May 2013 08:11

Re: Please check my log

#14 Post by emalc »

Done, is that everything?

Rudy
Site Admin
Posts: 119677
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#15 Post by Rudy »

If the problem is gone, that's everything.