Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Havěť

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Twitty
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 27 kvě 2015 14:57

Havěť

#1 Příspěvek od Twitty »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Míla at 2015-05-27 16:00:29
Microsoft Windows 8.1
System drive C: has 121 GB (64%) free of 190 GB
Total RAM: 3982 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:00:35, on 27. 5. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\Microsoft Office 15\Root\Office15\POWERPNT.EXE
C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Míla.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: bestadblocker - {4BD044B2-EFAA-4C3D-9DE2-143EFB480A61} - C:\Program Files (x86)\bestadblocker\rLka8dalCY6N06.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: PriiceMinus - {A0922CC5-DD7F-432F-AA9A-5F996B788B45} - C:\Program Files (x86)\PriiceMinus\uLdbrTvzfpEf0f.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [EPSON SX218 Series] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGDE.EXE /FU "C:\WINDOWS\TEMP\E_S4C49.tmp" /EF "HKCU"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files\ASUS\P4G\InsOnSrv.exe
O23 - Service: Asus WebStorage Windows Service - Unknown owner - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10426 bytes

======Listing Processes======





wininit.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe" -service
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
dashost.exe {0f6b41fd-1345-414b-98e3c4081cae4eec}
"C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
ngservice.exe pipeserver
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\ASUS\P4G\InsOnSrv.exe"
C:\WINDOWS\system32\vssvc.exe
C:\WINDOWS\System32\svchost.exe -k swprv
"C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe"
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe"
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\FBAgent.exe"

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
-hiberboot
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
C:\WINDOWS\Explorer.EXE
"C:\Program Files\ASUS\P4G\InsOnWMI.exe"
taskhostex.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
KBFiltr.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
C:\Windows\System32\skydrive.exe -Embedding
"C:\Windows\System32\spool\drivers\x64\3\E_IATIGDE.EXE" /FU "C:\WINDOWS\TEMP\E_S4C49.tmp" /EF "HKCU"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\WINDOWS\FileManager\FileManager.exe" -ServerName:Microsoft.Windows.FileManager
"C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
"C:\Program Files\Microsoft Office 15\Root\Office15\POWERPNT.EXE" "C:\Users\Míla\OneDrive\Google.pptx" /ou ""
"C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe" -critical
C:\WINDOWS\system32\rundll32.exe appraiser.dll,DoScheduledTelemetryRun
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3380.0.1757092668\192095844" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,20,43 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0156 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3308 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Primary/*LocalNTPFast/Enabled/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevAggressiveShortcuts1299R2/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Enabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/SyncBackingDatabase32K/Enabled/ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/group_01/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_09/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Enabled/*V8CacheOptions/heuristics-default-mobile/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-NewVideoAPI/Enabled/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --show-saved-copy=primary --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3380 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="3380.2.1216065984\2007683102" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Primary/*LocalNTPFast/Enabled/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevAggressiveShortcuts1299R2/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Enabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/SyncBackingDatabase32K/Enabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/group_01/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_09/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Enabled/*V8CacheOptions/heuristics-default-mobile/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-NewVideoAPI/Enabled/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --show-saved-copy=primary --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3380 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="3380.3.1375883983\1268337646" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Primary/*LocalNTPFast/Enabled/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevAggressiveShortcuts1299R2/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Enabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/SyncBackingDatabase32K/Enabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/group_01/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_09/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Enabled/*V8CacheOptions/heuristics-default-mobile/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-NewVideoAPI/Enabled/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --show-saved-copy=primary --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3380 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="3380.4.389034832\1105803814" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Primary/*LocalNTPFast/Enabled/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevAggressiveShortcuts1299R2/*PasswordGeneration/Enabled/*PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Enabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/*SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/SyncBackingDatabase32K/Enabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/group_01/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_09/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Enabled/*V8CacheOptions/heuristics-default-mobile/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-NewVideoAPI/Enabled/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --show-saved-copy=primary --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3380 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="3380.17.390983656\1047039695" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Primary/*LocalNTPFast/Enabled/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevAggressiveShortcuts1299R2/*PasswordGeneration/Enabled/*PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Enabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/*SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/SyncBackingDatabase32K/Enabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/group_01/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_09/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Enabled/*V8CacheOptions/heuristics-default-mobile/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-NewVideoAPI/Enabled/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --show-saved-copy=primary --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3380 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="3380.19.1093780288\484918541" /prefetch:673131151

"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe53_ Global\UsGthrCtrlFltPipeMssGthrPipe53 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 580 584 592 65536 588
"C:\Users\Míla\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\Bidaily Synchronize Task[pr].job - c:\programdata\{01cb863c-7540-f9c9-01cb-b863c75418f1}\philz_touch_6.03.8-jfltexx.tar.md5.exe --startup=1 --single
C:\WINDOWS\tasks\DLL-Files FixerASKUSER.job - C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe -askuser
C:\WINDOWS\tasks\DLL-Files.Com Fixer_MONTHLY.job - C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe scan
C:\WINDOWS\tasks\DLL-Files.Com Fixer_Updates.job - C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe -updatecheck
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Míla\AppData\Roaming\Mozilla\Firefox\Profiles\d5oyc3mv.default

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.startup.homepage" - "http://www.mystartsearch.com/?type=hp&t ... XXW0VHFCFX"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1215155.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll


C:\Users\Míla\AppData\Roaming\Mozilla\Firefox\Profiles\d5oyc3mv.default\searchplugins\
Google.xml
seznam-avast.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-03-10 219296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4BD044B2-EFAA-4C3D-9DE2-143EFB480A61}]
bestadblocker - C:\Program Files (x86)\bestadblocker\rLka8dalCY6N06.x64.dll [2015-05-26 883712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-01-26 705448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24 430592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A0922CC5-DD7F-432F-AA9A-5F996B788B45}]
PriiceMinus - C:\Program Files (x86)\PriiceMinus\uLdbrTvzfpEf0f.x64.dll [2015-05-26 883712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14 2334936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4BD044B2-EFAA-4C3D-9DE2-143EFB480A61}]
bestadblocker - C:\Program Files (x86)\bestadblocker\rLka8dalCY6N06.dll [2015-05-26 815104]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-01-26 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A0922CC5-DD7F-432F-AA9A-5F996B788B45}]
PriiceMinus - C:\Program Files (x86)\PriiceMinus\uLdbrTvzfpEf0f.dll [2015-05-26 815104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24 430592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2013-10-01 769496]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-04-23 8204056]
"EPSON SX218 Series"=C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGDE.EXE [2009-09-14 224768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSPRP]
C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2013-05-01 3187360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSWebStorage]
C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [2012-12-19 3576784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtTray]
C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [2012-10-23 374024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DisableS3S4]
c:\windows\temp\DisableS3S464\sethigh.cmd []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\WINDOWS\system32\hkcmd.exe [2013-10-01 771032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\WINDOWS\system32\igfxtray.exe [2013-10-01 391128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcpltui_exe]
C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10]
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2013-03-08 95192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-12-12 13263072]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-03-30 5227648]
"EEventManager"=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2009-12-03 976320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2013-10-01 623104]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-05-27 16:00:29 ----D---- C:\rsit
2015-05-26 15:50:39 ----D---- C:\WINDOWS\LastGood
2015-05-26 15:41:19 ----D---- C:\WINDOWS\SYSWOW64\X86
2015-05-26 15:41:19 ----D---- C:\WINDOWS\SYSWOW64\AMD64
2015-05-26 15:41:19 ----D---- C:\Program Files (x86)\EZDownloader
2015-05-26 15:39:49 ----D---- C:\Program Files (x86)\Fix Url Links Redirect
2015-05-26 15:39:15 ----D---- C:\Program Files (x86)\bestadblocker
2015-05-26 15:39:04 ----D---- C:\Program Files (x86)\PriiceMinus
2015-05-26 15:38:35 ----D---- C:\ProgramData\17464031256837415382
2015-05-26 15:38:35 ----D---- C:\Program Files (x86)\PPriceMinous
2015-05-26 15:37:24 ----D---- C:\ProgramData\{01cb863c-7540-f9c9-01cb-b863c75418f1}
2015-05-26 15:13:08 ----HD---- C:\OneDriveTemp
2015-05-20 14:53:39 ----D---- C:\WINDOWS\Migration
2015-05-14 09:33:13 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-05-13 18:10:20 ----D---- C:\Users\Míla\AppData\Roaming\Ubisoft
2015-05-13 18:10:20 ----D---- C:\ProgramData\Ubisoft
2015-05-13 14:45:05 ----AC---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2015-05-13 14:45:03 ----AC---- C:\WINDOWS\system32\drivers\bthhfenum.sys
2015-05-13 14:44:58 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2015-05-13 14:44:58 ----A---- C:\WINDOWS\system32\dwmcore.dll
2015-05-13 14:44:52 ----A---- C:\WINDOWS\system32\drivers\ahcache.sys
2015-05-13 14:44:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Input.Inking.dll
2015-05-13 14:44:51 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-05-13 14:44:50 ----A---- C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-05-13 14:44:49 ----A---- C:\WINDOWS\system32\SettingsHandlers.dll
2015-05-13 14:44:15 ----A---- C:\WINDOWS\system32\SRH.dll
2015-05-13 14:44:13 ----A---- C:\WINDOWS\SYSWOW64\SRH.dll
2015-05-13 14:44:12 ----A---- C:\WINDOWS\system32\dbgeng.dll
2015-05-13 14:44:11 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2015-05-13 14:44:10 ----A---- C:\WINDOWS\SYSWOW64\dbghelp.dll
2015-05-13 14:44:10 ----A---- C:\WINDOWS\system32\dbghelp.dll
2015-05-13 14:44:08 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2015-05-13 14:44:08 ----A---- C:\WINDOWS\system32\drivers\udfs.sys
2015-05-13 14:44:07 ----A---- C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-13 14:44:06 ----A---- C:\WINDOWS\SYSWOW64\PhotoMetadataHandler.dll
2015-05-13 14:44:05 ----A---- C:\WINDOWS\system32\UtcResources.dll
2015-05-13 14:44:05 ----A---- C:\WINDOWS\system32\diagtrack.dll
2015-05-13 14:44:02 ----A---- C:\WINDOWS\system32\dpapisrv.dll
2015-05-13 14:43:49 ----A---- C:\WINDOWS\SYSWOW64\sdbinst.exe
2015-05-13 14:43:49 ----A---- C:\WINDOWS\system32\sdbinst.exe
2015-05-13 14:43:43 ----AC---- C:\WINDOWS\system32\drivers\sdbus.sys
2015-05-13 14:43:43 ----AC---- C:\WINDOWS\system32\drivers\dumpsd.sys
2015-05-13 14:43:42 ----A---- C:\WINDOWS\system32\wpdshext.dll
2015-05-13 14:43:41 ----A---- C:\WINDOWS\SYSWOW64\wpdshext.dll
2015-05-12 20:54:46 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 20:54:46 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 20:43:55 ----D---- C:\WINDOWS\cs
2015-05-12 20:43:31 ----D---- C:\WINDOWS\pl
2015-05-12 20:43:17 ----D---- C:\WINDOWS\hu
2015-05-12 20:43:01 ----D---- C:\WINDOWS\sk
2015-05-12 20:26:30 ----D---- C:\Program Files\paint.net
2015-05-12 19:56:24 ----A---- C:\WINDOWS\SYSWOW64\msvcr120.dll
2015-05-12 19:45:03 ----A---- C:\WINDOWS\SYSWOW64\msvcp120.dll
2015-05-12 19:45:01 ----A---- C:\WINDOWS\system32\msvcp120.dll
2015-05-12 19:44:46 ----D---- C:\Users\Míla\AppData\Roaming\dll-files.com
2015-05-12 19:44:34 ----D---- C:\Program Files (x86)\Dll-Files.com Fixer
2015-05-12 19:22:31 ----A---- C:\WINDOWS\system32\lsasrv.dll
2015-05-12 19:22:31 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2015-05-12 19:22:30 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2015-05-12 19:22:30 ----A---- C:\WINDOWS\system32\certcli.dll
2015-05-12 19:22:29 ----A---- C:\WINDOWS\system32\services.exe
2015-05-12 19:22:25 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2015-05-12 19:22:25 ----A---- C:\WINDOWS\system32\FntCache.dll
2015-05-12 19:22:25 ----A---- C:\WINDOWS\system32\DWrite.dll
2015-05-12 19:22:24 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2015-05-12 19:22:24 ----A---- C:\WINDOWS\system32\win32k.sys
2015-05-12 19:22:24 ----A---- C:\WINDOWS\system32\schannel.dll
2015-05-12 19:22:19 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-05-12 19:22:17 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-05-12 19:22:16 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-05-12 19:22:14 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-05-12 19:22:13 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-05-12 19:22:12 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-05-12 19:22:12 ----A---- C:\WINDOWS\system32\wininet.dll
2015-05-12 19:22:11 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-05-12 19:22:11 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-05-12 19:22:11 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-05-12 19:22:10 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-05-12 19:22:10 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-05-12 19:22:10 ----A---- C:\WINDOWS\system32\jscript.dll
2015-05-12 19:22:09 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-05-12 19:22:09 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-05-12 19:22:09 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-05-12 19:22:09 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-05-12 19:22:08 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-05-12 19:22:08 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2015-05-12 19:22:07 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2015-05-12 19:22:07 ----A---- C:\WINDOWS\system32\mshtmled.dll
2015-05-12 19:22:06 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2015-05-12 19:22:05 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2015-05-12 19:22:05 ----A---- C:\WINDOWS\system32\ieui.dll
2015-05-12 19:22:05 ----A---- C:\WINDOWS\system32\dxtrans.dll
2015-05-12 19:22:04 ----A---- C:\WINDOWS\system32\webcheck.dll
2015-05-12 19:22:04 ----A---- C:\WINDOWS\system32\inseng.dll
2015-05-12 19:22:04 ----A---- C:\WINDOWS\system32\iepeers.dll
2015-05-12 19:22:04 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2015-05-12 19:22:03 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2015-05-12 19:22:03 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-05-12 19:22:03 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2015-05-12 19:22:03 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-05-12 19:22:03 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-05-12 19:22:02 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-05-05 17:46:26 ----D---- C:\Program Files\Common Files\EPSON
2015-05-05 17:41:38 ----D---- C:\WINDOWS\SYSWOW64\ivtMobCache
2015-05-05 17:40:38 ----D---- C:\Users\Míla\AppData\Roaming\Epson
2015-05-05 17:36:48 ----D---- C:\ProgramData\UDL
2015-05-05 17:35:23 ----D---- C:\Program Files\Epson Software
2015-05-05 17:34:11 ----D---- C:\Program Files (x86)\Epson Software
2015-05-05 17:31:55 ----D---- C:\ProgramData\ABBYY
2015-05-05 17:31:55 ----D---- C:\Program Files (x86)\ABBYY FineReader 9.0 Sprint
2015-05-05 17:28:50 ----A---- C:\WINDOWS\system32\E_GCINST.DLL
2015-05-05 17:28:43 ----A---- C:\WINDOWS\system32\E_ILMGDE.DLL
2015-05-05 17:28:40 ----A---- C:\WINDOWS\system32\E_IBCBGDE.DLL
2015-05-05 17:28:26 ----D---- C:\ProgramData\EPSON
2015-05-05 17:28:15 ----A---- C:\WINDOWS\system32\esxw2ud.dll
2015-05-05 17:28:15 ----A---- C:\WINDOWS\system32\esxcdev.dll
2015-05-05 17:28:15 ----A---- C:\WINDOWS\system32\esdevapp.exe
2015-05-05 17:28:09 ----D---- C:\Program Files (x86)\epson
2015-05-03 19:02:12 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT

======List of files/folders modified in the last 1 month======

2015-05-27 16:00:32 ----D---- C:\Program Files\trend micro
2015-05-27 16:00:00 ----D---- C:\WINDOWS\system32\sru
2015-05-27 15:51:51 ----D---- C:\WINDOWS\Temp
2015-05-27 15:50:23 ----D---- C:\WINDOWS\system32\Tasks
2015-05-27 15:43:15 ----A---- C:\WINDOWS\SYSWOW64\bscs.ini
2015-05-27 15:41:26 ----D---- C:\WINDOWS\Prefetch
2015-05-27 15:40:09 ----A---- C:\WINDOWS\SYSWOW64\LOCALSERVICE.INI
2015-05-27 15:40:09 ----A---- C:\WINDOWS\SYSWOW64\LOCALDEVICE.INI
2015-05-26 15:51:20 ----D---- C:\WINDOWS\system32\DriverStore
2015-05-26 15:51:20 ----D---- C:\WINDOWS\Inf
2015-05-26 15:51:14 ----D---- C:\WINDOWS\system32\drivers
2015-05-26 15:50:39 ----D---- C:\Windows
2015-05-26 15:41:19 ----D---- C:\WINDOWS\SysWOW64
2015-05-26 15:41:19 ----D---- C:\Program Files (x86)
2015-05-26 15:38:35 ----HD---- C:\ProgramData
2015-05-26 15:37:24 ----D---- C:\WINDOWS\Tasks
2015-05-24 19:36:48 ----D---- C:\WINDOWS\Microsoft.NET
2015-05-20 14:59:28 ----D---- C:\WINDOWS\system32\config
2015-05-20 14:53:50 ----D---- C:\WINDOWS\WinSxS
2015-05-20 14:53:39 ----SD---- C:\WINDOWS\SYSWOW64\GWX
2015-05-20 14:53:39 ----SD---- C:\WINDOWS\system32\GWX
2015-05-20 14:53:34 ----D---- C:\WINDOWS\CbsTemp
2015-05-20 14:53:13 ----SHD---- C:\System Volume Information
2015-05-20 14:41:06 ----SHD---- C:\WINDOWS\Installer
2015-05-20 14:40:36 ----RSD---- C:\WINDOWS\assembly
2015-05-20 14:40:28 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2015-05-20 14:39:02 ----D---- C:\Program Files\Microsoft Office 15
2015-05-19 16:17:38 ----D---- C:\WINDOWS\AppReadiness
2015-05-16 18:28:13 ----HD---- C:\Program Files\WindowsApps
2015-05-15 19:48:47 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2015-05-15 19:48:16 ----RD---- C:\WINDOWS\System32
2015-05-14 11:17:13 ----D---- C:\WINDOWS\rescache
2015-05-14 09:32:07 ----D---- C:\Program Files\Microsoft Silverlight
2015-05-14 09:32:07 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-05-14 09:29:01 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2015-05-14 09:29:00 ----RSD---- C:\WINDOWS\Fonts
2015-05-14 09:29:00 ----D---- C:\WINDOWS\system32\AdvancedInstallers
2015-05-14 09:28:54 ----D---- C:\WINDOWS\apppatch
2015-05-14 09:28:47 ----D---- C:\Program Files\Internet Explorer
2015-05-14 09:28:47 ----D---- C:\Program Files (x86)\Internet Explorer
2015-05-13 18:09:44 ----D---- C:\Users\Míla\AppData\Roaming\uTorrent
2015-05-13 18:04:20 ----D---- C:\Program Files\WinRAR
2015-05-13 17:51:46 ----D---- C:\Users\Míla\AppData\Roaming\vlc
2015-05-13 15:08:01 ----D---- C:\WINDOWS\system32\MRT
2015-05-13 14:54:55 ----A---- C:\WINDOWS\system32\MRT.exe
2015-05-13 14:49:06 ----D---- C:\WINDOWS\system32\catroot2
2015-05-12 20:49:00 ----D---- C:\Program Files\Windows Journal
2015-05-12 20:43:44 ----D---- C:\WINDOWS\en-GB
2015-05-12 20:41:43 ----D---- C:\Program Files (x86)\Windows Live
2015-05-12 20:40:17 ----D---- C:\WINDOWS\Logs
2015-05-12 20:26:30 ----RD---- C:\Program Files
2015-05-05 17:47:42 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-05 17:46:28 ----D---- C:\WINDOWS\system32\drivers\UMDF
2015-05-05 17:46:26 ----D---- C:\Program Files\Common Files
2015-05-05 17:38:04 ----D---- C:\WINDOWS\system32\catroot
2015-05-05 17:35:46 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-05-05 17:31:55 ----D---- C:\Program Files (x86)\Common Files
2015-05-05 17:28:09 ----D---- C:\WINDOWS\twain_32
2015-04-28 09:19:09 ----D---- C:\WINDOWS\debug

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-01-26 65776]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2015-01-26 267632]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-09-14 647736]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2015-01-26 93568]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2015-01-26 1050432]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2015-01-26 436624]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2013-07-02 19768]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2015-01-26 29208]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-01-26 83280]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2015-01-26 116728]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-01-26 271752]
R3 AiCharger;ASUS Charger Driver; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [2012-09-18 17152]
R3 ATP;@oem12.inf,%PS2.DeviceDesc%;ASUS Input Device; C:\WINDOWS\System32\drivers\AsusTP.sys [2013-11-08 70928]
R3 BtAudioBusSrv;@oem9.inf,%SvcDesc%;Ralink Bluetooth Audio Bus Service; C:\WINDOWS\System32\Drivers\BtAudioBus.sys [2012-06-15 23136]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service; C:\WINDOWS\System32\Drivers\BtL2caScoIf.sys [2012-07-19 56904]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-09-24 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Zařízení Bluetooth (síť PAN); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2014-09-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service; C:\WINDOWS\System32\Drivers\IvtUrbBtFlt.sys [2012-10-31 49504]
R3 HIDSwitch;@oem15.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [2013-10-08 20280]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2013-10-01 4177920]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-12-18 3262816]
R3 IntcDAud;@oem57.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-10-26 342528]
R3 iwdbus;@oem65.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-08-23 26008]
R3 kbfiltr;@oem14.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\WINDOWS\System32\drivers\kbfiltr.sys [2012-08-02 14992]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport – ovladač pro řadič Qualcomm Atheros AR81xx PCI-E Ethernet; C:\WINDOWS\system32\DRIVERS\L1C63x64.sys [2013-06-18 129224]
R3 MEIx64;@oem61.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 netr28x;@oem4.inf,%Generic.Service.DispName%;Ralink 802.11n Extensible Wireless Driver; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2013-11-02 2606768]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 rtbth;@oem6.inf,%General.Service.DispName%;RTBTH Bluetooth Device Driver; C:\WINDOWS\System32\drivers\rtbth.sys [2012-12-01 1150560]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 dg_ssudbus;@oem74.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 EagleX64;EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys []
S3 HTCAND64;@oem68.inf,%HTCAND64.SvcDesc%;HTC Device Driver; C:\WINDOWS\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 htcnprot;@oem72.inf,%NDISPROT_Desc%;HTC NDIS Protocol Driver; C:\WINDOWS\system32\DRIVERS\htcnprot.sys [2013-10-17 36928]
S3 HtcVCom32;@oem70.inf,%OEMSerialPortName00%;HTC Diagnostic Port; C:\WINDOWS\system32\DRIVERS\HtcVComV64.sys [2010-03-09 121800]
S3 intaud_WaveExtensible;@oem64.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-08-23 39320]
S3 PcaSp60;Rawether NDIS 6.X SPR Protocol Driver; C:\WINDOWS\system32\DRIVERS\PcaSp60.sys [2013-05-20 38912]
S3 RZSURROUNDVADService;@oem73.inf,%RZSURROUNDVAD.SvcDesc%;Razer Surround Audio Service; C:\WINDOWS\system32\drivers\RzSurroundVAD.sys [2015-02-09 40640]
S3 ssudmdm;@oem75.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2014-10-29 44544]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2013-09-02 1282152]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2013-09-09 111416]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-01-26 50344]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2015-04-07 2736824]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2013-10-17 166912]
R3 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files\ASUS\P4G\InsOnSrv.exe [2013-04-29 277120]
R3 Asus WebStorage Windows Service;Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [2012-12-19 72192]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-01-26 4012248]
R3 BlueSoleilCS;BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [2012-11-20 1616136]
R3 BsHelpCS;BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [2012-10-23 146184]
R3 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R3 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-06-27 129856]
R3 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R3 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R3 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-31 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14 268464]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2013-10-01 279000]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-31 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-26 114800]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-08-14 150600]
S4 BthAvrcpTg;@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID; C:\WINDOWS\System32\drivers\BthAvrcpTg.sys [2013-08-22 36992]
S4 bthhfhid;@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID; C:\WINDOWS\System32\drivers\BthHFHid.sys [2013-08-22 30720]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119677
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Havěť

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Twitty
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 27 kvě 2015 14:57

Re: Havěť

#3 Příspěvek od Twitty »

Děkuji, pár věcí vymazalo. Ale vždy když v Google Chrome něco napíšu do vyhledávače, za slovo se napíše ?trackid=sp-006. Díky za pomoc.
# AdwCleaner v4.205 - Log vytvořen 27/05/2015 v 18:13:22
# Aktualizováno 21/05/2015 by Xplode
# Databáze : 2015-05-25.3 [Server]
# Operační system : Windows 8.1 (x64)
# Uživatelské jméno : Míla - MILA
# Spuštěno z : C:\Users\Míla\Desktop\adwcleaner_4.205.exe
# Nastavení : Čištění

***** [ Služby ] *****


***** [ Soubory / Složky ] *****

Složka Smazáno : C:\ProgramData\{01cb863c-7540-f9c9-01cb-b863c75418f1}
Složka Smazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader
Složka Smazáno : C:\Program Files (x86)\EZDownloader
Složka Smazáno : C:\Program Files (x86)\Dll-Files.com Fixer
Složka Smazáno : C:\Program Files (x86)\bestadblocker
Složka Smazáno : C:\Program Files (x86)\PPriceMinous
Složka Smazáno : C:\Program Files (x86)\PriiceMinus
Složka Smazáno : C:\Users\Míla\AppData\Roaming\dll-files.com
Složka Smazáno : C:\Users\Míla\AppData\Local\Google\Chrome\User Data\Default\Extensions\oaepeijninfcgjdnighjnlgdkkgpnaen
Složka Smazáno : C:\Users\Míla\AppData\Roaming\Opera Software\Opera Stable\Extensions\nhjehbmopbfbomhchfkhbghcehpeiijl
Soubor Smazáno : C:\WINDOWS\System32\roboot64.exe
Soubor Smazáno : C:\Users\Míla\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Dll-Files Fixer.lnk
Soubor Smazáno : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\mystartsearch.xml
Soubor Smazáno : C:\Users\Míla\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage
Soubor Smazáno : C:\Users\Míla\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage-journal

***** [ Naplánované úlohy ] *****

Úloha Smazáno : DLL-Files.Com Fixer_MONTHLY
Úloha Smazáno : DLL-Files.Com Fixer_Updates
Úloha Smazáno : RDReminder

***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : HKLM\SOFTWARE\Classes\P4BD044B2_EFAA_4C3D_9DE2_143EFB480A61_.P4BD044B2_EFAA_4C3D_9DE2_143EFB480A61_
Klíč Smazáno : HKLM\SOFTWARE\Classes\P4BD044B2_EFAA_4C3D_9DE2_143EFB480A61_.P4BD044B2_EFAA_4C3D_9DE2_143EFB480A61_.9
Klíč Smazáno : HKLM\SOFTWARE\Classes\PA0922CC5_DD7F_432F_AA9A_5F996B788B45_.PA0922CC5_DD7F_432F_AA9A_5F996B788B45_
Klíč Smazáno : HKLM\SOFTWARE\Classes\PA0922CC5_DD7F_432F_AA9A_5F996B788B45_.PA0922CC5_DD7F_432F_AA9A_5F996B788B45_.9
Klíč Smazáno : HKLM\SOFTWARE\659303a2-1596-484b-b717-2f76e887deed
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{4BD044B2-EFAA-4C3D-9DE2-143EFB480A61}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{A0922CC5-DD7F-432F-AA9A-5F996B788B45}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{D2309C24-8371-451B-9D22-185D36B27B0D}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4BD044B2-EFAA-4C3D-9DE2-143EFB480A61}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A0922CC5-DD7F-432F-AA9A-5F996B788B45}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4BD044B2-EFAA-4C3D-9DE2-143EFB480A61}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A0922CC5-DD7F-432F-AA9A-5F996B788B45}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{4BD044B2-EFAA-4C3D-9DE2-143EFB480A61}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{A0922CC5-DD7F-432F-AA9A-5F996B788B45}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4BD044B2-EFAA-4C3D-9DE2-143EFB480A61}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A0922CC5-DD7F-432F-AA9A-5F996B788B45}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : HKCU\Software\dll-files.com
Klíč Smazáno : HKLM\SOFTWARE\mystartsearchSoftware
Klíč Smazáno : HKLM\SOFTWARE\dll-files.com
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Dll-Files Fixer_is1
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{06B99631-BFA2-3B7A-F58B-D067C2BA59B7}

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17416

Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v35.0.1 (x86 cs)

[d5oyc3mv.default\prefs.js] - Řádek Smazáno : user_pref("browser.newtab.url", "hxxp://www.mystartsearch.com/newtab/?type=nt&t ... XXW0VHFCFX");
[d5oyc3mv.default\prefs.js] - Řádek Smazáno : user_pref("browser.search.defaultenginename", "mystartsearch");
[d5oyc3mv.default\prefs.js] - Řádek Smazáno : user_pref("browser.search.selectedEngine", "mystartsearch");
[d5oyc3mv.default\prefs.js] - Řádek Smazáno : user_pref("browser.startup.homepage", "hxxp://www.mystartsearch.com/?type=hp&ts=14326 ... XXW0VHFCFX");

-\\ Google Chrome v43.0.2357.81

[C:\Users\Míla\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}

-\\ Opera v0.0.0.0


*************************


AdwCleaner[R1].txt - [7513 bytů] - [27/05/2015 18:08:59]
AdwCleaner[S1].txt - [6294 bytů] - [27/05/2015 18:13:22]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [6352 bytů] ##########
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119677
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Havěť

#4 Příspěvek od Rudy »

Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Twitty
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 27 kvě 2015 14:57

Re: Havěť

#5 Příspěvek od Twitty »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Míla at 2015-05-27 20:19:51
Microsoft Windows 8.1
System drive C: has 133 GB (70%) free of 190 GB
Total RAM: 3982 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:19:55, on 27. 5. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Míla.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [EPSON SX218 Series] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGDE.EXE /FU "C:\WINDOWS\TEMP\E_S4C49.tmp" /EF "HKCU"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files\ASUS\P4G\InsOnSrv.exe
O23 - Service: Asus WebStorage Windows Service - Unknown owner - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10381 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe" -service
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
C:\WINDOWS\System32\svchost.exe -k utcsvc
dashost.exe {a3420047-c3b5-4b82-b77048fd78a2810d}
"C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
ngservice.exe pipeserver
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
C:\WINDOWS\system32\vssvc.exe
C:\WINDOWS\System32\svchost.exe -k swprv
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
C:\WINDOWS\Explorer.EXE
taskhostex.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
KBFiltr.exe
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Windows\System32\spool\drivers\x64\3\E_IATIGDE.EXE" /FU "C:\WINDOWS\TEMP\E_S4C49.tmp" /EF "HKCU"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\ASUS\P4G\InsOnSrv.exe"
"C:\Program Files\ASUS\P4G\InsOnWMI.exe"
"C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe"
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\WINDOWS\system32\hkcmd.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\WINDOWS\system32\igfxtray.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\ASUS\P4G\BatteryLife.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe"

"C:\WINDOWS\system32\igfxsrvc.exe" -Embedding
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3288.0.878975218\1352132333" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,20,43 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0156 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3308 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Primary/*LocalNTPFast/Enabled/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevAggressiveShortcuts1299R2/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledMaxBandwidthResumption/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/SyncBackingDatabase32K/Enabled/ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/group_01/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_09/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Enabled/*V8CacheOptions/heuristics-default-mobile/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-NewVideoAPI/Enabled/*WebRTC-ScreencastTargetBitrateOvershoot/Default/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --show-saved-copy=primary --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3288 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="3288.2.1000611217\635942718" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Primary/*LocalNTPFast/Enabled/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevAggressiveShortcuts1299R2/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledMaxBandwidthResumption/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/SyncBackingDatabase32K/Enabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/group_01/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_09/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Enabled/*V8CacheOptions/heuristics-default-mobile/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-NewVideoAPI/Enabled/*WebRTC-ScreencastTargetBitrateOvershoot/Default/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --show-saved-copy=primary --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3288 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="3288.3.925063598\1821494594" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Primary/*LocalNTPFast/Enabled/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevAggressiveShortcuts1299R2/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledMaxBandwidthResumption/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/SyncBackingDatabase32K/Enabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/group_01/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_09/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Enabled/*V8CacheOptions/heuristics-default-mobile/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-NewVideoAPI/Enabled/*WebRTC-ScreencastTargetBitrateOvershoot/Default/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --show-saved-copy=primary --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3288 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="3288.4.1737948582\962487602" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Primary/*LocalNTPFast/Enabled/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevAggressiveShortcuts1299R2/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledMaxBandwidthResumption/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/SyncBackingDatabase32K/Enabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/group_01/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_09/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Enabled/*V8CacheOptions/heuristics-default-mobile/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-NewVideoAPI/Enabled/*WebRTC-ScreencastTargetBitrateOvershoot/Default/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Enabled/" --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --show-saved-copy=primary --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=3288 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="3288.6.270436760\1651789001" /prefetch:673131151
"C:\Users\Míla\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\Bidaily Synchronize Task[pr].job - c:\programdata\{01cb863c-7540-f9c9-01cb-b863c75418f1}\philz_touch_6.03.8-jfltexx.tar.md5.exe --startup=1 --single
C:\WINDOWS\tasks\DLL-Files FixerASKUSER.job - C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe -askuser
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Míla\AppData\Roaming\Mozilla\Firefox\Profiles\d5oyc3mv.default

prefs.js - "browser.search.suggest.enabled" - false

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1215155.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll


C:\Users\Míla\AppData\Roaming\Mozilla\Firefox\Profiles\d5oyc3mv.default\searchplugins\
Google.xml
seznam-avast.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-03-10 219296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-01-26 705448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24 430592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14 2334936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-01-26 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24 430592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2013-10-01 769496]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-04-23 8204056]
"EPSON SX218 Series"=C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGDE.EXE [2009-09-14 224768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSPRP]
C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2013-05-01 3187360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSWebStorage]
C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [2012-12-19 3576784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtTray]
C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [2012-10-23 374024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DisableS3S4]
c:\windows\temp\DisableS3S464\sethigh.cmd []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\WINDOWS\system32\hkcmd.exe [2013-10-01 771032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\WINDOWS\system32\igfxtray.exe [2013-10-01 391128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcpltui_exe]
C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10]
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2013-03-08 95192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-12-12 13263072]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-03-30 5227648]
"EEventManager"=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2009-12-03 976320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2013-10-01 623104]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-05-27 16:00:29 ----D---- C:\rsit
2015-05-26 15:41:19 ----D---- C:\WINDOWS\SYSWOW64\X86
2015-05-26 15:41:19 ----D---- C:\WINDOWS\SYSWOW64\AMD64
2015-05-26 15:39:49 ----D---- C:\Program Files (x86)\Fix Url Links Redirect
2015-05-26 15:38:35 ----D---- C:\ProgramData\17464031256837415382
2015-05-26 15:13:08 ----HD---- C:\OneDriveTemp
2015-05-20 14:53:39 ----D---- C:\WINDOWS\Migration
2015-05-14 09:33:13 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-05-13 18:10:20 ----D---- C:\Users\Míla\AppData\Roaming\Ubisoft
2015-05-13 18:10:20 ----D---- C:\ProgramData\Ubisoft
2015-05-13 14:45:05 ----AC---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2015-05-13 14:45:03 ----AC---- C:\WINDOWS\system32\drivers\bthhfenum.sys
2015-05-13 14:44:58 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2015-05-13 14:44:58 ----A---- C:\WINDOWS\system32\dwmcore.dll
2015-05-13 14:44:52 ----A---- C:\WINDOWS\system32\drivers\ahcache.sys
2015-05-13 14:44:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Input.Inking.dll
2015-05-13 14:44:51 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-05-13 14:44:50 ----A---- C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-05-13 14:44:49 ----A---- C:\WINDOWS\system32\SettingsHandlers.dll
2015-05-13 14:44:15 ----A---- C:\WINDOWS\system32\SRH.dll
2015-05-13 14:44:13 ----A---- C:\WINDOWS\SYSWOW64\SRH.dll
2015-05-13 14:44:12 ----A---- C:\WINDOWS\system32\dbgeng.dll
2015-05-13 14:44:11 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2015-05-13 14:44:10 ----A---- C:\WINDOWS\SYSWOW64\dbghelp.dll
2015-05-13 14:44:10 ----A---- C:\WINDOWS\system32\dbghelp.dll
2015-05-13 14:44:08 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2015-05-13 14:44:08 ----A---- C:\WINDOWS\system32\drivers\udfs.sys
2015-05-13 14:44:07 ----A---- C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-13 14:44:06 ----A---- C:\WINDOWS\SYSWOW64\PhotoMetadataHandler.dll
2015-05-13 14:44:05 ----A---- C:\WINDOWS\system32\UtcResources.dll
2015-05-13 14:44:05 ----A---- C:\WINDOWS\system32\diagtrack.dll
2015-05-13 14:44:02 ----A---- C:\WINDOWS\system32\dpapisrv.dll
2015-05-13 14:43:49 ----A---- C:\WINDOWS\SYSWOW64\sdbinst.exe
2015-05-13 14:43:49 ----A---- C:\WINDOWS\system32\sdbinst.exe
2015-05-13 14:43:43 ----AC---- C:\WINDOWS\system32\drivers\sdbus.sys
2015-05-13 14:43:43 ----AC---- C:\WINDOWS\system32\drivers\dumpsd.sys
2015-05-13 14:43:42 ----A---- C:\WINDOWS\system32\wpdshext.dll
2015-05-13 14:43:41 ----A---- C:\WINDOWS\SYSWOW64\wpdshext.dll
2015-05-12 20:54:46 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 20:54:46 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 20:43:55 ----D---- C:\WINDOWS\cs
2015-05-12 20:43:31 ----D---- C:\WINDOWS\pl
2015-05-12 20:43:17 ----D---- C:\WINDOWS\hu
2015-05-12 20:43:01 ----D---- C:\WINDOWS\sk
2015-05-12 20:26:30 ----D---- C:\Program Files\paint.net
2015-05-12 19:56:24 ----A---- C:\WINDOWS\SYSWOW64\msvcr120.dll
2015-05-12 19:45:03 ----A---- C:\WINDOWS\SYSWOW64\msvcp120.dll
2015-05-12 19:45:01 ----A---- C:\WINDOWS\system32\msvcp120.dll
2015-05-12 19:22:31 ----A---- C:\WINDOWS\system32\lsasrv.dll
2015-05-12 19:22:31 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2015-05-12 19:22:30 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2015-05-12 19:22:30 ----A---- C:\WINDOWS\system32\certcli.dll
2015-05-12 19:22:29 ----A---- C:\WINDOWS\system32\services.exe
2015-05-12 19:22:25 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2015-05-12 19:22:25 ----A---- C:\WINDOWS\system32\FntCache.dll
2015-05-12 19:22:25 ----A---- C:\WINDOWS\system32\DWrite.dll
2015-05-12 19:22:24 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2015-05-12 19:22:24 ----A---- C:\WINDOWS\system32\win32k.sys
2015-05-12 19:22:24 ----A---- C:\WINDOWS\system32\schannel.dll
2015-05-12 19:22:19 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-05-12 19:22:17 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-05-12 19:22:16 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-05-12 19:22:14 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-05-12 19:22:13 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-05-12 19:22:12 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-05-12 19:22:12 ----A---- C:\WINDOWS\system32\wininet.dll
2015-05-12 19:22:11 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-05-12 19:22:11 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-05-12 19:22:11 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-05-12 19:22:10 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-05-12 19:22:10 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-05-12 19:22:10 ----A---- C:\WINDOWS\system32\jscript.dll
2015-05-12 19:22:09 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-05-12 19:22:09 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-05-12 19:22:09 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-05-12 19:22:09 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-05-12 19:22:08 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-05-12 19:22:08 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2015-05-12 19:22:07 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2015-05-12 19:22:07 ----A---- C:\WINDOWS\system32\mshtmled.dll
2015-05-12 19:22:06 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2015-05-12 19:22:05 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2015-05-12 19:22:05 ----A---- C:\WINDOWS\system32\ieui.dll
2015-05-12 19:22:05 ----A---- C:\WINDOWS\system32\dxtrans.dll
2015-05-12 19:22:04 ----A---- C:\WINDOWS\system32\webcheck.dll
2015-05-12 19:22:04 ----A---- C:\WINDOWS\system32\inseng.dll
2015-05-12 19:22:04 ----A---- C:\WINDOWS\system32\iepeers.dll
2015-05-12 19:22:04 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2015-05-12 19:22:03 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2015-05-12 19:22:03 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-05-12 19:22:03 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2015-05-12 19:22:03 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-05-12 19:22:03 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-05-12 19:22:02 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-05-05 17:46:26 ----D---- C:\Program Files\Common Files\EPSON
2015-05-05 17:41:38 ----D---- C:\WINDOWS\SYSWOW64\ivtMobCache
2015-05-05 17:40:38 ----D---- C:\Users\Míla\AppData\Roaming\Epson
2015-05-05 17:36:48 ----D---- C:\ProgramData\UDL
2015-05-05 17:35:23 ----D---- C:\Program Files\Epson Software
2015-05-05 17:34:11 ----D---- C:\Program Files (x86)\Epson Software
2015-05-05 17:31:55 ----D---- C:\ProgramData\ABBYY
2015-05-05 17:31:55 ----D---- C:\Program Files (x86)\ABBYY FineReader 9.0 Sprint
2015-05-05 17:28:50 ----A---- C:\WINDOWS\system32\E_GCINST.DLL
2015-05-05 17:28:43 ----A---- C:\WINDOWS\system32\E_ILMGDE.DLL
2015-05-05 17:28:40 ----A---- C:\WINDOWS\system32\E_IBCBGDE.DLL
2015-05-05 17:28:26 ----D---- C:\ProgramData\EPSON
2015-05-05 17:28:15 ----A---- C:\WINDOWS\system32\esxw2ud.dll
2015-05-05 17:28:15 ----A---- C:\WINDOWS\system32\esxcdev.dll
2015-05-05 17:28:15 ----A---- C:\WINDOWS\system32\esdevapp.exe
2015-05-05 17:28:09 ----D---- C:\Program Files (x86)\epson
2015-05-03 19:02:12 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT

======List of files/folders modified in the last 1 month======

2015-05-27 20:19:53 ----D---- C:\Program Files\trend micro
2015-05-27 20:00:00 ----D---- C:\WINDOWS\system32\sru
2015-05-27 19:31:42 ----D---- C:\WINDOWS\Temp
2015-05-27 19:20:56 ----D---- C:\WINDOWS\Prefetch
2015-05-27 19:18:36 ----SHD---- C:\System Volume Information
2015-05-27 18:51:43 ----D---- C:\WINDOWS\system32\config
2015-05-27 18:44:00 ----D---- C:\WINDOWS\WinSxS
2015-05-27 18:37:27 ----D---- C:\Windows
2015-05-27 18:34:54 ----D---- C:\WINDOWS\Microsoft.NET
2015-05-27 18:21:01 ----A---- C:\WINDOWS\SYSWOW64\bscs.ini
2015-05-27 18:18:02 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2015-05-27 18:18:00 ----A---- C:\WINDOWS\SYSWOW64\LOCALSERVICE.INI
2015-05-27 18:17:55 ----A---- C:\WINDOWS\SYSWOW64\LOCALDEVICE.INI
2015-05-27 18:16:33 ----RD---- C:\WINDOWS\System32
2015-05-27 18:13:31 ----D---- C:\AdwCleaner
2015-05-27 18:13:27 ----D---- C:\WINDOWS\system32\Tasks
2015-05-27 18:13:26 ----D---- C:\WINDOWS\Tasks
2015-05-27 18:13:24 ----HD---- C:\ProgramData
2015-05-27 18:13:24 ----D---- C:\Program Files (x86)
2015-05-26 15:51:20 ----D---- C:\WINDOWS\system32\DriverStore
2015-05-26 15:51:20 ----D---- C:\WINDOWS\Inf
2015-05-26 15:51:14 ----D---- C:\WINDOWS\system32\drivers
2015-05-26 15:41:19 ----D---- C:\WINDOWS\SysWOW64
2015-05-20 14:53:54 ----D---- C:\WINDOWS\CbsTemp
2015-05-20 14:53:39 ----SD---- C:\WINDOWS\SYSWOW64\GWX
2015-05-20 14:53:39 ----SD---- C:\WINDOWS\system32\GWX
2015-05-20 14:41:06 ----SHD---- C:\WINDOWS\Installer
2015-05-20 14:40:36 ----RSD---- C:\WINDOWS\assembly
2015-05-20 14:40:28 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2015-05-20 14:39:02 ----D---- C:\Program Files\Microsoft Office 15
2015-05-19 16:17:38 ----D---- C:\WINDOWS\AppReadiness
2015-05-16 18:28:13 ----HD---- C:\Program Files\WindowsApps
2015-05-14 11:17:13 ----D---- C:\WINDOWS\rescache
2015-05-14 09:32:07 ----D---- C:\Program Files\Microsoft Silverlight
2015-05-14 09:32:07 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-05-14 09:29:01 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2015-05-14 09:29:00 ----RSD---- C:\WINDOWS\Fonts
2015-05-14 09:29:00 ----D---- C:\WINDOWS\system32\AdvancedInstallers
2015-05-14 09:28:54 ----D---- C:\WINDOWS\apppatch
2015-05-14 09:28:47 ----D---- C:\Program Files\Internet Explorer
2015-05-14 09:28:47 ----D---- C:\Program Files (x86)\Internet Explorer
2015-05-13 18:09:44 ----D---- C:\Users\Míla\AppData\Roaming\uTorrent
2015-05-13 18:04:20 ----D---- C:\Program Files\WinRAR
2015-05-13 17:51:46 ----D---- C:\Users\Míla\AppData\Roaming\vlc
2015-05-13 15:08:01 ----D---- C:\WINDOWS\system32\MRT
2015-05-13 14:54:55 ----A---- C:\WINDOWS\system32\MRT.exe
2015-05-13 14:49:06 ----D---- C:\WINDOWS\system32\catroot2
2015-05-12 20:49:00 ----D---- C:\Program Files\Windows Journal
2015-05-12 20:43:44 ----D---- C:\WINDOWS\en-GB
2015-05-12 20:41:43 ----D---- C:\Program Files (x86)\Windows Live
2015-05-12 20:40:17 ----D---- C:\WINDOWS\Logs
2015-05-12 20:26:30 ----RD---- C:\Program Files
2015-05-05 17:47:42 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-05 17:46:28 ----D---- C:\WINDOWS\system32\drivers\UMDF
2015-05-05 17:46:26 ----D---- C:\Program Files\Common Files
2015-05-05 17:38:04 ----D---- C:\WINDOWS\system32\catroot
2015-05-05 17:35:46 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-05-05 17:31:55 ----D---- C:\Program Files (x86)\Common Files
2015-05-05 17:28:09 ----D---- C:\WINDOWS\twain_32
2015-04-28 09:19:09 ----D---- C:\WINDOWS\debug

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-01-26 65776]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2015-01-26 267632]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-09-14 647736]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2015-01-26 93568]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2015-01-26 1050432]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2015-01-26 436624]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2013-07-02 19768]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2015-01-26 29208]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-01-26 83280]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2015-01-26 116728]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-01-26 271752]
R3 AiCharger;ASUS Charger Driver; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [2012-09-18 17152]
R3 ATP;@oem12.inf,%PS2.DeviceDesc%;ASUS Input Device; C:\WINDOWS\System32\drivers\AsusTP.sys [2013-11-08 70928]
R3 BtAudioBusSrv;@oem9.inf,%SvcDesc%;Ralink Bluetooth Audio Bus Service; C:\WINDOWS\System32\Drivers\BtAudioBus.sys [2012-06-15 23136]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service; C:\WINDOWS\System32\Drivers\BtL2caScoIf.sys [2012-07-19 56904]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-09-24 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Zařízení Bluetooth (síť PAN); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2014-09-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service; C:\WINDOWS\System32\Drivers\IvtUrbBtFlt.sys [2012-10-31 49504]
R3 HIDSwitch;@oem15.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [2013-10-08 20280]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2013-10-01 4177920]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-12-18 3262816]
R3 IntcDAud;@oem57.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-10-26 342528]
R3 iwdbus;@oem65.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-08-23 26008]
R3 kbfiltr;@oem14.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\WINDOWS\System32\drivers\kbfiltr.sys [2012-08-02 14992]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport – ovladač pro řadič Qualcomm Atheros AR81xx PCI-E Ethernet; C:\WINDOWS\system32\DRIVERS\L1C63x64.sys [2013-06-18 129224]
R3 MEIx64;@oem61.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 netr28x;@oem4.inf,%Generic.Service.DispName%;Ralink 802.11n Extensible Wireless Driver; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2013-11-02 2606768]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 rtbth;@oem6.inf,%General.Service.DispName%;RTBTH Bluetooth Device Driver; C:\WINDOWS\System32\drivers\rtbth.sys [2012-12-01 1150560]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 dg_ssudbus;@oem74.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 EagleX64;EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys []
S3 HTCAND64;@oem68.inf,%HTCAND64.SvcDesc%;HTC Device Driver; C:\WINDOWS\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 htcnprot;@oem72.inf,%NDISPROT_Desc%;HTC NDIS Protocol Driver; C:\WINDOWS\system32\DRIVERS\htcnprot.sys [2013-10-17 36928]
S3 HtcVCom32;@oem70.inf,%OEMSerialPortName00%;HTC Diagnostic Port; C:\WINDOWS\system32\DRIVERS\HtcVComV64.sys [2010-03-09 121800]
S3 intaud_WaveExtensible;@oem64.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-08-23 39320]
S3 PcaSp60;Rawether NDIS 6.X SPR Protocol Driver; C:\WINDOWS\system32\DRIVERS\PcaSp60.sys [2013-05-20 38912]
S3 RZSURROUNDVADService;@oem73.inf,%RZSURROUNDVAD.SvcDesc%;Razer Surround Audio Service; C:\WINDOWS\system32\drivers\RzSurroundVAD.sys [2015-02-09 40640]
S3 ssudmdm;@oem75.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2014-10-29 44544]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2013-09-02 1282152]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2013-09-09 111416]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-01-26 50344]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2015-04-07 2736824]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2013-10-17 166912]
R3 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files\ASUS\P4G\InsOnSrv.exe [2013-04-29 277120]
R3 Asus WebStorage Windows Service;Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [2012-12-19 72192]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-01-26 4012248]
R3 BlueSoleilCS;BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [2012-11-20 1616136]
R3 BsHelpCS;BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [2012-10-23 146184]
R3 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R3 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-06-27 129856]
R3 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R3 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R3 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-31 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14 268464]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2013-10-01 279000]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-31 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-26 114800]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-08-14 150600]
S4 BthAvrcpTg;@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID; C:\WINDOWS\System32\drivers\BthAvrcpTg.sys [2013-08-22 36992]
S4 bthhfhid;@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID; C:\WINDOWS\System32\drivers\BthHFHid.sys [2013-08-22 30720]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119677
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Havěť

#6 Příspěvek od Rudy »

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
:files
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\ProgramData\17464031256837415382

:reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DisableS3S4]/žč

:commands
[Purity]
[Emptytemp]
[Emptyflash]
a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Twitty
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 27 kvě 2015 14:57

Re: Havěť

#7 Příspěvek od Twitty »

All processes killed
========== FILES ==========
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\ProgramData\17464031256837415382 folder moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DisableS3S4]/ž\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 57311 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default.migrated

User: Míla
->Temp folder emptied: 57243444 bytes
->Temporary Internet Files folder emptied: 16316327 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 10132418 bytes
->Google Chrome cache emptied: 375242804 bytes
->Flash cache emptied: 57822 bytes

User: MĂ­la

User: Mˇla
->Temporary Internet Files folder emptied: 128 bytes

User: M�la

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 31666304 bytes
RecycleBin emptied: 341450381 bytes

Total Files Cleaned = 794,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Default.migrated

User: Míla
->Flash cache emptied: 0 bytes

User: MĂ­la

User: Mˇla

User: M�la

User: Public

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 05272015_204322

Files moved on Reboot...
C:\Users\Míla\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.
File move failed. C:\WINDOWS\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
C:\WINDOWS\temp\MILA-20150527-1816.log moved successfully.
File C:\WINDOWS\temp\officeclicktorun.exe_c2ruidll(20150527181604690).log not found!
File C:\WINDOWS\temp\officeclicktorun.exe_streamserver(20150527181606690).log not found!

Registry entries deleted on Reboot...
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119677
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Havěť

#8 Příspěvek od Rudy »

Poprosím ještě o jeden RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Twitty
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 27 kvě 2015 14:57

Re: Havěť

#9 Příspěvek od Twitty »

Dobrý den, omlouvám se, že jsem neodpovídal. Byl jsem pryč.
Problém s trackid=-sp006 jsem vyřešil, ale neodstranil jsem to, co to zavinilo
Logfile of random's system information tool 1.10 (written by random/random)
Run by Míla at 2015-05-31 14:32:04
Microsoft Windows 8.1
System drive C: has 134 GB (70%) free of 190 GB
Total RAM: 3982 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:32:08, on 31. 5. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Míla.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [EPSON SX218 Series] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGDE.EXE /FU "C:\WINDOWS\TEMP\E_S4C49.tmp" /EF "HKCU"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files\ASUS\P4G\InsOnSrv.exe
O23 - Service: Asus WebStorage Windows Service - Unknown owner - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10281 bytes

======Listing Processes======





wininit.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe" -service
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
dashost.exe {b40762f0-afff-4996-9c9f5af6c3374bd1}
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
ngservice.exe pipeserver
C:\WINDOWS\system32\vssvc.exe
C:\WINDOWS\System32\svchost.exe -k swprv
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
taskeng.exe {D9BCBCD1-35F9-4611-99DC-10A5B979BBA0}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\ASUS\P4G\InsOnSrv.exe"
"C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe"
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe"
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe"

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
-hiberboot
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
C:\WINDOWS\Explorer.EXE
"C:\Program Files\ASUS\P4G\InsOnWMI.exe"
KBFiltr.exe
taskhostex.exe
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4940.0.1405454981\1318733638" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,20,43 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0156 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3308 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Primary/*LocalNTPFast/Enabled/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevAggressiveShortcuts1299R2/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Control/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/group_01/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_09/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Enabled/*V8CacheOptions/heuristics-default-mobile/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-NewVideoAPI/Default/*WebRTC-ScreencastTargetBitrateOvershoot/Default/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --show-saved-copy=primary --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=4940 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="4940.2.674467136\1961233984" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Primary/*LocalNTPFast/Enabled/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevAggressiveShortcuts1299R2/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Control/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/group_01/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_09/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Enabled/*V8CacheOptions/heuristics-default-mobile/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-NewVideoAPI/Default/*WebRTC-ScreencastTargetBitrateOvershoot/Default/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --show-saved-copy=primary --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=4940 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="4940.3.491623467\1246119737" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Primary/*LocalNTPFast/Enabled/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevAggressiveShortcuts1299R2/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Control/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/group_01/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_09/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Enabled/*V8CacheOptions/heuristics-default-mobile/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-NewVideoAPI/Default/*WebRTC-ScreencastTargetBitrateOvershoot/Default/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --show-saved-copy=primary --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=4940 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="4940.4.1904465737\231307863" /prefetch:673131151
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Windows\system32\FBAgent.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
taskeng.exe {09512FFD-4917-4C43-B6C8-EC36DB354D93}
"C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe"

"C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe" -critical
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Primary/*LocalNTPFast/Enabled/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevAggressiveShortcuts1299R2/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Control/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/group_01/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_09/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Enabled/*V8CacheOptions/heuristics-default-mobile/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-NewVideoAPI/Default/*WebRTC-ScreencastTargetBitrateOvershoot/Default/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Enabled/" --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --show-saved-copy=primary --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=4940 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="4940.10.12959102\558257261" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Primary/*LocalNTPFast/Enabled/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevAggressiveShortcuts1299R2/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Control/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/group_01/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_09/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Enabled/*V8CacheOptions/heuristics-default-mobile/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-NewVideoAPI/Default/*WebRTC-ScreencastTargetBitrateOvershoot/Default/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Enabled/" --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --show-saved-copy=primary --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=4940 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="4940.11.1650217002\2144722646" /prefetch:673131151
"C:\Users\Míla\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\Bidaily Synchronize Task[pr].job - c:\programdata\{01cb863c-7540-f9c9-01cb-b863c75418f1}\philz_touch_6.03.8-jfltexx.tar.md5.exe --startup=1 --single
C:\WINDOWS\tasks\DLL-Files FixerASKUSER.job - C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe -askuser

=========Mozilla firefox=========

ProfilePath - C:\Users\Míla\AppData\Roaming\Mozilla\Firefox\Profiles\d5oyc3mv.default

prefs.js - "browser.search.suggest.enabled" - false

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1215155.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll


C:\Users\Míla\AppData\Roaming\Mozilla\Firefox\Profiles\d5oyc3mv.default\searchplugins\
Google.xml
seznam-avast.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-03-10 219296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-01-26 705448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24 430592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14 2334936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-01-26 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24 430592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2013-10-01 769496]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-04-23 8204056]
"EPSON SX218 Series"=C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGDE.EXE [2009-09-14 224768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSPRP]
C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2013-05-01 3187360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSWebStorage]
C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [2012-12-19 3576784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtTray]
C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [2012-10-23 374024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DisableS3S4]
c:\windows\temp\DisableS3S464\sethigh.cmd []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\WINDOWS\system32\hkcmd.exe [2013-10-01 771032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\WINDOWS\system32\igfxtray.exe [2013-10-01 391128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcpltui_exe]
C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10]
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2013-03-08 95192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-12-12 13263072]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-03-30 5227648]
"EEventManager"=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2009-12-03 976320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2013-10-01 623104]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-05-31 14:26:32 ----HD---- C:\OneDriveTemp
2015-05-27 20:43:22 ----D---- C:\_OTM
2015-05-27 16:00:29 ----D---- C:\rsit
2015-05-26 15:41:19 ----D---- C:\WINDOWS\SYSWOW64\X86
2015-05-26 15:41:19 ----D---- C:\WINDOWS\SYSWOW64\AMD64
2015-05-26 15:39:49 ----D---- C:\Program Files (x86)\Fix Url Links Redirect
2015-05-20 14:53:39 ----D---- C:\WINDOWS\Migration
2015-05-14 09:33:13 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-05-13 18:10:20 ----D---- C:\Users\Míla\AppData\Roaming\Ubisoft
2015-05-13 18:10:20 ----D---- C:\ProgramData\Ubisoft
2015-05-13 14:45:05 ----AC---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2015-05-13 14:45:03 ----AC---- C:\WINDOWS\system32\drivers\bthhfenum.sys
2015-05-13 14:44:58 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2015-05-13 14:44:58 ----A---- C:\WINDOWS\system32\dwmcore.dll
2015-05-13 14:44:52 ----A---- C:\WINDOWS\system32\drivers\ahcache.sys
2015-05-13 14:44:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Input.Inking.dll
2015-05-13 14:44:51 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-05-13 14:44:50 ----A---- C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-05-13 14:44:49 ----A---- C:\WINDOWS\system32\SettingsHandlers.dll
2015-05-13 14:44:15 ----A---- C:\WINDOWS\system32\SRH.dll
2015-05-13 14:44:13 ----A---- C:\WINDOWS\SYSWOW64\SRH.dll
2015-05-13 14:44:12 ----A---- C:\WINDOWS\system32\dbgeng.dll
2015-05-13 14:44:11 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2015-05-13 14:44:10 ----A---- C:\WINDOWS\SYSWOW64\dbghelp.dll
2015-05-13 14:44:10 ----A---- C:\WINDOWS\system32\dbghelp.dll
2015-05-13 14:44:08 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2015-05-13 14:44:08 ----A---- C:\WINDOWS\system32\drivers\udfs.sys
2015-05-13 14:44:07 ----A---- C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-13 14:44:06 ----A---- C:\WINDOWS\SYSWOW64\PhotoMetadataHandler.dll
2015-05-13 14:44:05 ----A---- C:\WINDOWS\system32\UtcResources.dll
2015-05-13 14:44:05 ----A---- C:\WINDOWS\system32\diagtrack.dll
2015-05-13 14:44:02 ----A---- C:\WINDOWS\system32\dpapisrv.dll
2015-05-13 14:43:49 ----A---- C:\WINDOWS\SYSWOW64\sdbinst.exe
2015-05-13 14:43:49 ----A---- C:\WINDOWS\system32\sdbinst.exe
2015-05-13 14:43:43 ----AC---- C:\WINDOWS\system32\drivers\sdbus.sys
2015-05-13 14:43:43 ----AC---- C:\WINDOWS\system32\drivers\dumpsd.sys
2015-05-13 14:43:42 ----A---- C:\WINDOWS\system32\wpdshext.dll
2015-05-13 14:43:41 ----A---- C:\WINDOWS\SYSWOW64\wpdshext.dll
2015-05-12 20:54:46 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 20:54:46 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 20:43:55 ----D---- C:\WINDOWS\cs
2015-05-12 20:43:31 ----D---- C:\WINDOWS\pl
2015-05-12 20:43:17 ----D---- C:\WINDOWS\hu
2015-05-12 20:43:01 ----D---- C:\WINDOWS\sk
2015-05-12 20:26:30 ----D---- C:\Program Files\paint.net
2015-05-12 19:56:24 ----A---- C:\WINDOWS\SYSWOW64\msvcr120.dll
2015-05-12 19:45:03 ----A---- C:\WINDOWS\SYSWOW64\msvcp120.dll
2015-05-12 19:45:01 ----A---- C:\WINDOWS\system32\msvcp120.dll
2015-05-12 19:22:31 ----A---- C:\WINDOWS\system32\lsasrv.dll
2015-05-12 19:22:31 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2015-05-12 19:22:30 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2015-05-12 19:22:30 ----A---- C:\WINDOWS\system32\certcli.dll
2015-05-12 19:22:29 ----A---- C:\WINDOWS\system32\services.exe
2015-05-12 19:22:25 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2015-05-12 19:22:25 ----A---- C:\WINDOWS\system32\FntCache.dll
2015-05-12 19:22:25 ----A---- C:\WINDOWS\system32\DWrite.dll
2015-05-12 19:22:24 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2015-05-12 19:22:24 ----A---- C:\WINDOWS\system32\win32k.sys
2015-05-12 19:22:24 ----A---- C:\WINDOWS\system32\schannel.dll
2015-05-12 19:22:19 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-05-12 19:22:17 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-05-12 19:22:16 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-05-12 19:22:14 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-05-12 19:22:13 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-05-12 19:22:12 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-05-12 19:22:12 ----A---- C:\WINDOWS\system32\wininet.dll
2015-05-12 19:22:11 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-05-12 19:22:11 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-05-12 19:22:11 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-05-12 19:22:10 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-05-12 19:22:10 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-05-12 19:22:10 ----A---- C:\WINDOWS\system32\jscript.dll
2015-05-12 19:22:09 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-05-12 19:22:09 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-05-12 19:22:09 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-05-12 19:22:09 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-05-12 19:22:08 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-05-12 19:22:08 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2015-05-12 19:22:07 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2015-05-12 19:22:07 ----A---- C:\WINDOWS\system32\mshtmled.dll
2015-05-12 19:22:06 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2015-05-12 19:22:05 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2015-05-12 19:22:05 ----A---- C:\WINDOWS\system32\ieui.dll
2015-05-12 19:22:05 ----A---- C:\WINDOWS\system32\dxtrans.dll
2015-05-12 19:22:04 ----A---- C:\WINDOWS\system32\webcheck.dll
2015-05-12 19:22:04 ----A---- C:\WINDOWS\system32\inseng.dll
2015-05-12 19:22:04 ----A---- C:\WINDOWS\system32\iepeers.dll
2015-05-12 19:22:04 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2015-05-12 19:22:03 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2015-05-12 19:22:03 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-05-12 19:22:03 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2015-05-12 19:22:03 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-05-12 19:22:03 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-05-12 19:22:02 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-05-05 17:46:26 ----D---- C:\Program Files\Common Files\EPSON
2015-05-05 17:41:38 ----D---- C:\WINDOWS\SYSWOW64\ivtMobCache
2015-05-05 17:40:38 ----D---- C:\Users\Míla\AppData\Roaming\Epson
2015-05-05 17:36:48 ----D---- C:\ProgramData\UDL
2015-05-05 17:35:23 ----D---- C:\Program Files\Epson Software
2015-05-05 17:34:11 ----D---- C:\Program Files (x86)\Epson Software
2015-05-05 17:31:55 ----D---- C:\ProgramData\ABBYY
2015-05-05 17:31:55 ----D---- C:\Program Files (x86)\ABBYY FineReader 9.0 Sprint
2015-05-05 17:28:50 ----A---- C:\WINDOWS\system32\E_GCINST.DLL
2015-05-05 17:28:43 ----A---- C:\WINDOWS\system32\E_ILMGDE.DLL
2015-05-05 17:28:40 ----A---- C:\WINDOWS\system32\E_IBCBGDE.DLL
2015-05-05 17:28:26 ----D---- C:\ProgramData\EPSON
2015-05-05 17:28:15 ----A---- C:\WINDOWS\system32\esxw2ud.dll
2015-05-05 17:28:15 ----A---- C:\WINDOWS\system32\esxcdev.dll
2015-05-05 17:28:15 ----A---- C:\WINDOWS\system32\esdevapp.exe
2015-05-05 17:28:09 ----D---- C:\Program Files (x86)\epson
2015-05-03 19:02:12 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT

======List of files/folders modified in the last 1 month======

2015-05-31 14:32:07 ----D---- C:\Program Files\trend micro
2015-05-31 14:28:36 ----D---- C:\WINDOWS\system32\Tasks
2015-05-31 14:28:13 ----A---- C:\WINDOWS\SYSWOW64\bscs.ini
2015-05-31 14:26:41 ----D---- C:\WINDOWS\Temp
2015-05-31 14:26:29 ----D---- C:\WINDOWS\AppReadiness
2015-05-31 14:26:14 ----D---- C:\WINDOWS\Prefetch
2015-05-31 14:25:15 ----A---- C:\WINDOWS\SYSWOW64\LOCALSERVICE.INI
2015-05-31 14:25:08 ----D---- C:\WINDOWS\system32\sru
2015-05-31 14:25:07 ----A---- C:\WINDOWS\SYSWOW64\LOCALDEVICE.INI
2015-05-27 21:29:05 ----D---- C:\WINDOWS\system32\DriverStore
2015-05-27 21:29:05 ----D---- C:\WINDOWS\system32\catroot
2015-05-27 21:29:05 ----D---- C:\WINDOWS\Inf
2015-05-27 21:29:01 ----D---- C:\WINDOWS\system32\catroot2
2015-05-27 21:28:54 ----D---- C:\WINDOWS\system32\drivers
2015-05-27 21:08:50 ----D---- C:\WINDOWS\system32\config
2015-05-27 21:03:20 ----D---- C:\WINDOWS\Microsoft.NET
2015-05-27 20:51:39 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2015-05-27 20:48:35 ----RD---- C:\WINDOWS\System32
2015-05-27 20:43:22 ----HD---- C:\ProgramData
2015-05-27 20:43:22 ----D---- C:\WINDOWS\Tasks
2015-05-27 19:18:36 ----SHD---- C:\System Volume Information
2015-05-27 18:44:00 ----D---- C:\WINDOWS\WinSxS
2015-05-27 18:37:27 ----D---- C:\Windows
2015-05-27 18:13:31 ----D---- C:\AdwCleaner
2015-05-27 18:13:24 ----D---- C:\Program Files (x86)
2015-05-26 15:41:19 ----D---- C:\WINDOWS\SysWOW64
2015-05-20 14:53:54 ----D---- C:\WINDOWS\CbsTemp
2015-05-20 14:53:39 ----SD---- C:\WINDOWS\SYSWOW64\GWX
2015-05-20 14:53:39 ----SD---- C:\WINDOWS\system32\GWX
2015-05-20 14:41:06 ----SHD---- C:\WINDOWS\Installer
2015-05-20 14:40:36 ----RSD---- C:\WINDOWS\assembly
2015-05-20 14:40:28 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2015-05-20 14:39:02 ----D---- C:\Program Files\Microsoft Office 15
2015-05-16 18:28:13 ----HD---- C:\Program Files\WindowsApps
2015-05-14 11:17:13 ----D---- C:\WINDOWS\rescache
2015-05-14 09:32:07 ----D---- C:\Program Files\Microsoft Silverlight
2015-05-14 09:32:07 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-05-14 09:29:01 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2015-05-14 09:29:00 ----RSD---- C:\WINDOWS\Fonts
2015-05-14 09:29:00 ----D---- C:\WINDOWS\system32\AdvancedInstallers
2015-05-14 09:28:54 ----D---- C:\WINDOWS\apppatch
2015-05-14 09:28:47 ----D---- C:\Program Files\Internet Explorer
2015-05-14 09:28:47 ----D---- C:\Program Files (x86)\Internet Explorer
2015-05-13 18:09:44 ----D---- C:\Users\Míla\AppData\Roaming\uTorrent
2015-05-13 18:04:20 ----D---- C:\Program Files\WinRAR
2015-05-13 17:51:46 ----D---- C:\Users\Míla\AppData\Roaming\vlc
2015-05-13 15:08:01 ----D---- C:\WINDOWS\system32\MRT
2015-05-13 14:54:55 ----A---- C:\WINDOWS\system32\MRT.exe
2015-05-12 20:49:00 ----D---- C:\Program Files\Windows Journal
2015-05-12 20:43:44 ----D---- C:\WINDOWS\en-GB
2015-05-12 20:41:43 ----D---- C:\Program Files (x86)\Windows Live
2015-05-12 20:40:17 ----D---- C:\WINDOWS\Logs
2015-05-12 20:26:30 ----RD---- C:\Program Files
2015-05-05 17:47:42 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-05 17:46:28 ----D---- C:\WINDOWS\system32\drivers\UMDF
2015-05-05 17:46:26 ----D---- C:\Program Files\Common Files
2015-05-05 17:35:46 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-05-05 17:31:55 ----D---- C:\Program Files (x86)\Common Files
2015-05-05 17:28:09 ----D---- C:\WINDOWS\twain_32

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-01-26 65776]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2015-01-26 267632]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-09-14 647736]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2015-01-26 93568]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2015-01-26 1050432]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2015-01-26 436624]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2013-07-02 19768]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2015-01-26 29208]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-01-26 83280]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2015-01-26 116728]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-01-26 271752]
R3 AiCharger;ASUS Charger Driver; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [2012-09-18 17152]
R3 ATP;@oem12.inf,%PS2.DeviceDesc%;ASUS Input Device; C:\WINDOWS\System32\drivers\AsusTP.sys [2013-11-08 70928]
R3 BtAudioBusSrv;@oem9.inf,%SvcDesc%;Ralink Bluetooth Audio Bus Service; C:\WINDOWS\System32\Drivers\BtAudioBus.sys [2012-06-15 23136]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service; C:\WINDOWS\System32\Drivers\BtL2caScoIf.sys [2012-07-19 56904]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-09-24 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Zařízení Bluetooth (síť PAN); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2014-09-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service; C:\WINDOWS\System32\Drivers\IvtUrbBtFlt.sys [2012-10-31 49504]
R3 HIDSwitch;@oem15.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [2013-10-08 20280]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2013-10-01 4177920]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-12-18 3262816]
R3 IntcDAud;@oem57.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-10-26 342528]
R3 iwdbus;@oem65.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-08-23 26008]
R3 kbfiltr;@oem14.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\WINDOWS\System32\drivers\kbfiltr.sys [2012-08-02 14992]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport – ovladač pro řadič Qualcomm Atheros AR81xx PCI-E Ethernet; C:\WINDOWS\system32\DRIVERS\L1C63x64.sys [2013-06-18 129224]
R3 MEIx64;@oem61.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 netr28x;@oem4.inf,%Generic.Service.DispName%;Ralink 802.11n Extensible Wireless Driver; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2013-11-02 2606768]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 rtbth;@oem6.inf,%General.Service.DispName%;RTBTH Bluetooth Device Driver; C:\WINDOWS\System32\drivers\rtbth.sys [2012-12-01 1150560]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 EagleX64;EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys []
S3 HTCAND64;@oem68.inf,%HTCAND64.SvcDesc%;HTC Device Driver; C:\WINDOWS\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 htcnprot;@oem72.inf,%NDISPROT_Desc%;HTC NDIS Protocol Driver; C:\WINDOWS\system32\DRIVERS\htcnprot.sys [2013-10-17 36928]
S3 HtcVCom32;@oem70.inf,%OEMSerialPortName00%;HTC Diagnostic Port; C:\WINDOWS\system32\DRIVERS\HtcVComV64.sys [2010-03-09 121800]
S3 intaud_WaveExtensible;@oem64.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-08-23 39320]
S3 PcaSp60;Rawether NDIS 6.X SPR Protocol Driver; C:\WINDOWS\system32\DRIVERS\PcaSp60.sys [2013-05-20 38912]
S3 RZSURROUNDVADService;@oem73.inf,%RZSURROUNDVAD.SvcDesc%;Razer Surround Audio Service; C:\WINDOWS\system32\drivers\RzSurroundVAD.sys [2015-02-09 40640]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2014-10-29 44544]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2013-09-02 1282152]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2013-09-09 111416]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-01-26 50344]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2015-04-07 2736824]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2013-10-17 166912]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [2014-10-13 743688]
R3 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files\ASUS\P4G\InsOnSrv.exe [2013-04-29 277120]
R3 Asus WebStorage Windows Service;Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [2012-12-19 72192]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-01-26 4012248]
R3 BlueSoleilCS;BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [2012-11-20 1616136]
R3 BsHelpCS;BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [2012-10-23 146184]
R3 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R3 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-06-27 129856]
R3 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R3 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R3 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-31 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14 268464]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2013-10-01 279000]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-31 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-26 114800]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-08-14 150600]
S4 BthAvrcpTg;@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID; C:\WINDOWS\System32\drivers\BthAvrcpTg.sys [2013-08-22 36992]
S4 bthhfhid;@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID; C:\WINDOWS\System32\drivers\BthHFHid.sys [2013-08-22 30720]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119677
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Havěť

#10 Příspěvek od Rudy »

Smazáno. Znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“