Log check - possible keylogger

#1 Post by petersff »

Hello, please check my log; it is possible that I have a keylogger on my PC.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Petr at 2015-06-14 23:53:05
Microsoft Windows 8.1
System drive C: has 35 GB (6%) free of 585 GB
Total RAM: 8112 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:53:06, on 14. 6. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Petr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: 184.22.254.48 sopcast.com
O1 - Hosts: 188.241.112.92 sopcast.com
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKLM\..\Run: [Sound Blaster Cinema] "C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Phaser 6121MFP Scan Dashboard] C:\Program Files (x86)\xerox\Phaser 6121MFP\Phaser 6121MFP Scan Dashboard\sd6121.exe -startup
O4 - HKCU\..\Run: [EPSON Stylus DX4000] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIBEE.EXE /FU "C:\Windows\TEMP\E_S968E.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [EPSON Stylus DX4000 Series] /FU "C:\WINDOWS\TEMP\E_S9246.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [avichannel] "C:\Program Files (x86)\Evaer\videochannel.exe"
O4 - HKCU\..\Run: [AceStream] C:\Users\Petr\AppData\Roaming\ACEStream\engine\ace_engine.exe
O4 - HKCU\..\Run: [Dxtory Update Checker 2.0] C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe
O4 - HKCU\..\Run: [AceWebException] C:\Users\Petr\AppData\Roaming\AceWebExtension\updater\ace_web_extension.exe
O4 - HKCU\..\Run: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe
O4 - Startup: CurseClientStartup.ccip
O4 - Startup: GameRanger.lnk = Petr\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK32.EXE
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/ ... 2099551860
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files (x86)\SCM\MSIService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: MSIBIOSData_CC - MSI - C:\Program Files (x86)\MSI\Command Center\BIOSData\MSIBIOSDataService.exe
O23 - Service: MSIClock_CC - MSI - C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe
O23 - Service: MSICOMM_CC - Unknown owner - C:\Program Files (x86)\MSI\Command Center\MSICommService.exe
O23 - Service: MSICPU_CC - Unknown owner - C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe
O23 - Service: MSISMB_CC - Unknown owner - C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe
O23 - Service: MSISuperIO_CC - Unknown owner - C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - D:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Overwolf Updater Windows SCM (OverwolfUpdater) - Overwolf LTD - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: RzKLService - Razer Inc. - C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
O23 - Service: Razer Surround Audio Service (RzMaelstromVADStreamingService) - Unknown owner - C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: WD Boost - Western Digital - C:\Program Files\Western Digital\WD Boost\WDBoost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14765 bytes

======Listing Processes======





wininit.exe


C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
winlogon.exe
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
"dwm.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
"C:\Program Files\Western Digital\WD Boost\WDBoost.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
dashost.exe {65859c12-dd89-447a-8e0852262c4a2466}
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\SCM\MSIService.exe"
"C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\WINDOWS\SysWOW64\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc

"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" e58c546c-6543-44ba-975a-86572d26c7f1 1
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
taskhostex.exe
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\Explorer.EXE
igfxEM.exe
"C:\WINDOWS\system32\GWX\GWX.exe"
igfxHK.exe
igfxTray.exe
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Windows\System32\rundll32.exe" C:\WINDOWS\system32\MBCfg64.dll,RunDLLEntry MBCfg64
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe"
"C:\Program Files (x86)\Steam\Steam.exe"
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "C:\Users\Petr\AppData\Local\Steam\htmlcache" -steampid 8932 -buildid 1433977716 -steamid "0" --disable-gpu-compositing --disable-gpu --enable-threaded-compositing --disable-pinch-virtual-viewport --process-per-tab --disable-spell-checking --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --enable-pinch --enable-threaded-compositing --no-sandbox --enable-deferred-image-decoding --lang=en-US --lang=en-US --product-version="Valve Steam Client" --disable-spell-checking --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=6824 --enable-delegated-renderer --num-raster-threads=2 --disable-gpu-compositing --channel="6824.2.1673908250\420176418" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="11016.0.1242391902\2023015820" --disable-breakpad --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,21,44 --gpu-vendor-id=0x8086 --gpu-device-id=0x0416 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.14.4170 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A1_Stable_R9/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_71/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch 
--device-scale-factor=1 --font-cache-shared-mem-suffix=11016 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --enable-gpu-rasterization --use-image-texture-target=3553 --channel="11016.2.2058147974\235379072" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A1_Stable_R9/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_71/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch 
--device-scale-factor=1 --font-cache-shared-mem-suffix=11016 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --enable-gpu-rasterization --use-image-texture-target=3553 --channel="11016.3.2042568340\882199238" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A1_Stable_R9/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_71/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch 
--device-scale-factor=1 --font-cache-shared-mem-suffix=11016 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --enable-gpu-rasterization --use-image-texture-target=3553 --channel="11016.4.567132434\1756097094" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A1_Stable_R9/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_71/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch 
--device-scale-factor=1 --font-cache-shared-mem-suffix=11016 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --enable-gpu-rasterization --use-image-texture-target=3553 --channel="11016.5.1031606296\308186033" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A1_Stable_R9/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_71/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch 
--device-scale-factor=1 --font-cache-shared-mem-suffix=11016 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --enable-gpu-rasterization --use-image-texture-target=3553 --channel="11016.7.1117254749\168514602" /prefetch:673131151
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --enable-pinch --enable-threaded-compositing --no-sandbox --enable-deferred-image-decoding --lang=en-US --lang=en-US --product-version="Valve Steam Client" --disable-spell-checking --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=6824 --enable-delegated-renderer --num-raster-threads=2 --disable-gpu-compositing --channel="6824.20.687312300\1226437906" /prefetch:673131151
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A1_Stable_R9/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/*SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_71/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 
--font-cache-shared-mem-suffix=11016 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --enable-gpu-rasterization --use-image-texture-target=3553 --channel="11016.114.1721951175\65363560" /prefetch:673131151
"C:\WINDOWS\system32\taskmgr.exe" /4
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A1_Stable_R9/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/*SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_71/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 
--font-cache-shared-mem-suffix=11016 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --enable-gpu-rasterization --use-image-texture-target=3553 --channel="11016.115.1314413986\1097741305" /prefetch:673131151
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Petr\Downloads\RSITx64 (1).exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\Norton Security Scan for Petr.job - C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe /scan-quick /scheduled

=========Mozilla firefox=========

ProfilePath - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\si7hip6d.default

prefs.js - "browser.startup.homepage" - "https://www.google.com/?trackid=sp-006"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.188 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1213153.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.4.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.40.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.40.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@raidcall.en/RCplugin]
"Description"=Raidcall plugin
"Path"=C:\Users\Petr\AppData\Roaming\rcru\plugins\nprcplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=17.0.15.10]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpplugin;version=17.0.15.10]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.188 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL


C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\si7hip6d.default\searchplugins\
google-avast.xml
smartbar.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-06-08 662672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-08 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-08 565304]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-08 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-07-09 13538376]
"BtServer"=C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [2013-01-28 452608]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-03-22 36352]
"Radio Manager"=C:\Program Files (x86)\SCM\Radio Manager.exe [2013-04-18 406920]
"SCM"=C:\Program Files (x86)\SCM\SCM.exe [2013-04-18 407968]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]
"MBCfg64"=C:\WINDOWS\system32\MBCfg64.dll [2013-08-29 40576]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-05-08 2685072]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2015-05-08 1570672]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-07-03 3673184]
"Phaser 6121MFP Scan Dashboard"=C:\Program Files (x86)\xerox\Phaser 6121MFP\Phaser 6121MFP Scan Dashboard\sd6121.exe [2009-03-25 5898240]
"EPSON Stylus DX4000"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIBEE.EXE [2007-10-09 213504]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2015-06-11 2892992]
"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2013-11-04 3093624]
"EPSON Stylus DX4000 Series"= /FU C:\WINDOWS\TEMP\E_S9246.tmp /EF HKCU []
"avichannel"=C:\Program Files (x86)\Evaer\videochannel.exe [2014-02-06 1780224]
"AceStream"=C:\Users\Petr\AppData\Roaming\ACEStream\engine\ace_engine.exe [2014-12-07 23984]
"Dxtory Update Checker 2.0"=C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe [2010-10-17 93696]
"AceWebException"=C:\Users\Petr\AppData\Roaming\AceWebExtension\updater\ace_web_extension.exe [2015-02-28 22824]
"Gyazo"=C:\Program Files (x86)\Gyazo\GyStation.exe [2015-04-30 3095840]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Super-Charger"=C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [2013-02-07 490480]
"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2012-03-29 91432]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2010-11-15 35736]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-15 932288]
"BlueStacks Agent"=C:\Program Files (x86)\BlueStacks\HD-Agent.exe [2013-09-19 606024]
""= []
"Razer Synapse"=C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [2014-11-03 585536]
"Sound Blaster Cinema"=C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [2013-08-16 711680]
"UpdReg"=C:\WINDOWS\UpdReg.EXE [2000-05-11 90112]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-06-08 5515496]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK32.EXE

C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
CurseClientStartup.ccip
GameRanger.lnk - C:\Users\Petr\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll, C:\WINDOWS\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.FPS1"=frapsv64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"vidc.xtor"=DxtoryCodec.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-06-14 23:50:52 ----D---- C:\rsit
2015-06-08 16:35:28 ----D---- C:\Users\Petr\AppData\Roaming\AVAST Software
2015-06-08 16:33:04 ----A---- C:\WINDOWS\system32\drivers\aswVmm.sys
2015-06-08 16:33:04 ----A---- C:\WINDOWS\system32\drivers\aswStm.sys
2015-06-08 16:33:04 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2015-06-08 16:33:04 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2015-06-08 16:33:04 ----A---- C:\WINDOWS\system32\drivers\aswRvrt.sys
2015-06-08 16:33:04 ----A---- C:\WINDOWS\system32\drivers\aswRdr2.sys
2015-06-08 16:33:04 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2015-06-08 16:33:04 ----A---- C:\WINDOWS\system32\drivers\aswHwid.sys
2015-06-08 16:33:02 ----A---- C:\WINDOWS\system32\aswBoot.exe
2015-06-08 16:32:52 ----A---- C:\WINDOWS\avastSS.scr
2015-06-06 14:39:10 ----SD---- C:\Users\Petr\AppData\Roaming\WindowsUpd
2015-06-06 14:39:06 ----A---- C:\Users\Petr\AppData\Roaming\Run.exe
2015-06-06 14:39:06 ----A---- C:\Users\Petr\AppData\Roaming\Rar.exe
2015-06-04 21:49:39 ----D---- C:\Users\Petr\AppData\Roaming\Octoshape
2015-05-30 11:58:30 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-05-30 11:49:52 ----SD---- C:\WINDOWS\SYSWOW64\GWX
2015-05-30 11:49:52 ----SD---- C:\WINDOWS\system32\GWX
2015-05-30 11:49:52 ----D---- C:\WINDOWS\Migration
2015-05-30 04:56:57 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-30 04:56:57 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-30 04:44:34 ----D---- C:\Program Files\Microsoft Silverlight
2015-05-30 04:44:34 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-05-30 04:03:01 ----A---- C:\WINDOWS\SYSWOW64\rascfg.dll
2015-05-30 04:03:01 ----A---- C:\WINDOWS\system32\rascfg.dll
2015-05-30 04:03:01 ----A---- C:\WINDOWS\system32\drivers\wanarp.sys
2015-05-30 04:03:01 ----A---- C:\WINDOWS\system32\drivers\ndproxy.sys
2015-05-30 04:02:15 ----D---- C:\Program Files (x86)\Microsoft ASP.NET
2015-05-30 03:44:41 ----A---- C:\WINDOWS\system32\drivers\WdNisDrv.sys
2015-05-30 03:44:41 ----A---- C:\WINDOWS\system32\drivers\WdFilter.sys
2015-05-30 03:44:41 ----A---- C:\WINDOWS\system32\drivers\WdBoot.sys
2015-05-30 03:44:40 ----A---- C:\WINDOWS\SYSWOW64\winshfhc.dll
2015-05-30 03:44:40 ----A---- C:\WINDOWS\system32\winshfhc.dll
2015-05-30 03:44:35 ----A---- C:\WINDOWS\system32\calc.exe
2015-05-30 03:44:34 ----A---- C:\WINDOWS\SYSWOW64\calc.exe
2015-05-30 03:44:01 ----A---- C:\WINDOWS\SYSWOW64\SHCore.dll
2015-05-30 03:44:01 ----A---- C:\WINDOWS\system32\SHCore.dll
2015-05-30 03:44:00 ----AC---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2015-05-30 03:43:24 ----AC---- C:\WINDOWS\system32\drivers\bthhfenum.sys
2015-05-30 03:42:45 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2015-05-30 03:42:45 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2015-05-30 03:42:45 ----A---- C:\WINDOWS\system32\msctf.dll
2015-05-30 03:42:45 ----A---- C:\WINDOWS\system32\dwmcore.dll
2015-05-30 03:42:13 ----A---- C:\WINDOWS\SYSWOW64\photowiz.dll
2015-05-30 03:42:13 ----A---- C:\WINDOWS\system32\photowiz.dll
2015-05-30 03:41:54 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2015-05-30 03:41:54 ----A---- C:\WINDOWS\system32\schannel.dll
2015-05-30 03:41:36 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2015-05-30 03:41:36 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2015-05-30 03:41:36 ----A---- C:\WINDOWS\system32\atmlib.dll
2015-05-30 03:41:36 ----A---- C:\WINDOWS\system32\atmfd.dll
2015-05-30 03:41:27 ----A---- C:\WINDOWS\system32\drivers\ahcache.sys
2015-05-30 03:41:20 ----A---- C:\WINDOWS\system32\puiobj.dll
2015-05-30 03:41:20 ----A---- C:\WINDOWS\system32\localspl.dll
2015-05-30 03:41:19 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2015-05-30 03:41:19 ----A---- C:\WINDOWS\system32\compstui.dll
2015-05-30 03:41:02 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Input.Inking.dll
2015-05-30 03:41:02 ----A---- C:\WINDOWS\SYSWOW64\rastapi.dll
2015-05-30 03:41:02 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-05-30 03:41:02 ----A---- C:\WINDOWS\system32\rastapi.dll
2015-05-30 03:41:01 ----A---- C:\WINDOWS\system32\SettingsHandlers.dll
2015-05-30 03:40:31 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2015-05-30 03:40:13 ----A---- C:\WINDOWS\system32\dbgeng.dll
2015-05-30 03:40:12 ----A---- C:\WINDOWS\SYSWOW64\dbghelp.dll
2015-05-30 03:40:12 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2015-05-30 03:40:12 ----A---- C:\WINDOWS\system32\dbghelp.dll
2015-05-30 03:40:11 ----A---- C:\WINDOWS\SYSWOW64\SRH.dll
2015-05-30 03:40:11 ----A---- C:\WINDOWS\system32\win32spl.dll
2015-05-30 03:40:11 ----A---- C:\WINDOWS\system32\SRH.dll
2015-05-30 03:40:02 ----A---- C:\WINDOWS\system32\win32k.sys
2015-05-30 03:40:02 ----A---- C:\WINDOWS\system32\FntCache.dll
2015-05-30 03:40:02 ----A---- C:\WINDOWS\system32\DWrite.dll
2015-05-30 03:40:01 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2015-05-30 03:39:34 ----AC---- C:\WINDOWS\system32\drivers\rfcomm.sys
2015-05-30 03:39:34 ----AC---- C:\WINDOWS\system32\drivers\hidbth.sys
2015-05-30 03:39:34 ----A---- C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-30 03:39:33 ----A---- C:\WINDOWS\SYSWOW64\rgb9rast.dll
2015-05-30 03:39:33 ----A---- C:\WINDOWS\SYSWOW64\PhotoMetadataHandler.dll
2015-05-30 03:39:32 ----A---- C:\WINDOWS\system32\drivers\udfs.sys
2015-05-30 03:39:03 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll
2015-05-30 03:39:03 ----A---- C:\WINDOWS\system32\msftedit.dll
2015-05-30 03:39:02 ----A---- C:\WINDOWS\system32\tdh.dll
2015-05-30 03:39:02 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-05-30 03:39:02 ----A---- C:\WINDOWS\system32\ntdll.dll
2015-05-30 03:39:01 ----A---- C:\WINDOWS\SYSWOW64\tracerpt.exe
2015-05-30 03:39:01 ----A---- C:\WINDOWS\SYSWOW64\tdh.dll
2015-05-30 03:39:01 ----A---- C:\WINDOWS\SYSWOW64\sechost.dll
2015-05-30 03:39:01 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2015-05-30 03:39:01 ----A---- C:\WINDOWS\system32\wow64cpu.dll
2015-05-30 03:39:01 ----A---- C:\WINDOWS\system32\wow64.dll
2015-05-30 03:39:01 ----A---- C:\WINDOWS\system32\tracerpt.exe
2015-05-30 03:39:01 ----A---- C:\WINDOWS\system32\sechost.dll
2015-05-30 03:39:01 ----A---- C:\WINDOWS\system32\microsoft-windows-system-events.dll
2015-05-30 03:39:00 ----A---- C:\WINDOWS\system32\lsm.dll
2015-05-30 03:38:28 ----A---- C:\WINDOWS\SYSWOW64\pku2u.dll
2015-05-30 03:38:28 ----A---- C:\WINDOWS\system32\services.exe
2015-05-30 03:38:28 ----A---- C:\WINDOWS\system32\pku2u.dll
2015-05-30 03:38:17 ----A---- C:\WINDOWS\SYSWOW64\mfc42u.dll
2015-05-30 03:38:17 ----A---- C:\WINDOWS\SYSWOW64\mfc42.dll
2015-05-30 03:38:17 ----A---- C:\WINDOWS\system32\mfc42u.dll
2015-05-30 03:38:17 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2015-05-30 03:38:16 ----A---- C:\WINDOWS\SYSWOW64\atlthunk.dll
2015-05-30 03:38:16 ----A---- C:\WINDOWS\system32\mfc42.dll
2015-05-30 03:38:15 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2015-05-30 03:38:13 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2015-05-30 03:37:55 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll
2015-05-30 03:37:55 ----A---- C:\WINDOWS\system32\WSShared.dll
2015-05-30 03:37:55 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-05-30 03:37:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-05-30 03:37:52 ----A---- C:\WINDOWS\SYSWOW64\StorageContextHandler.dll
2015-05-30 03:37:52 ----A---- C:\WINDOWS\system32\StorageContextHandler.dll
2015-05-30 03:37:31 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2015-05-30 03:37:31 ----A---- C:\WINDOWS\system32\authui.dll
2015-05-30 03:37:28 ----A---- C:\WINDOWS\system32\dpapisrv.dll
2015-05-30 03:37:27 ----A---- C:\WINDOWS\SYSWOW64\authz.dll
2015-05-30 03:37:27 ----A---- C:\WINDOWS\system32\authz.dll
2015-05-30 03:36:48 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2015-05-30 03:36:48 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2015-05-30 03:36:47 ----A---- C:\WINDOWS\system32\ubpm.dll
2015-05-30 03:36:36 ----A---- C:\WINDOWS\system32\rdpudd.dll
2015-05-30 03:36:36 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2015-05-30 03:36:31 ----A---- C:\WINDOWS\SYSWOW64\sdbinst.exe
2015-05-30 03:36:31 ----A---- C:\WINDOWS\system32\sdbinst.exe
2015-05-30 03:36:26 ----AC---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2015-05-30 03:36:02 ----AC---- C:\WINDOWS\system32\drivers\sdbus.sys
2015-05-30 03:36:02 ----AC---- C:\WINDOWS\system32\drivers\dumpsd.sys
2015-05-30 03:36:02 ----A---- C:\WINDOWS\SYSWOW64\eapphost.dll
2015-05-30 03:36:02 ----A---- C:\WINDOWS\SYSWOW64\eappgnui.dll
2015-05-30 03:36:02 ----A---- C:\WINDOWS\SYSWOW64\eappcfg.dll
2015-05-30 03:36:02 ----A---- C:\WINDOWS\SYSWOW64\eapp3hst.dll
2015-05-30 03:36:02 ----A---- C:\WINDOWS\system32\mssrch.dll
2015-05-30 03:36:02 ----A---- C:\WINDOWS\system32\eapphost.dll
2015-05-30 03:36:02 ----A---- C:\WINDOWS\system32\eappgnui.dll
2015-05-30 03:36:02 ----A---- C:\WINDOWS\system32\eappcfg.dll
2015-05-30 03:36:02 ----A---- C:\WINDOWS\system32\eapp3hst.dll
2015-05-30 03:36:02 ----A---- C:\WINDOWS\system32\drivers\http.sys
2015-05-30 03:36:01 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2015-05-30 03:36:01 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2015-05-30 03:36:01 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2015-05-30 03:36:01 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2015-05-30 03:36:01 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2015-05-30 03:36:01 ----A---- C:\WINDOWS\system32\tquery.dll
2015-05-30 03:36:01 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2015-05-30 03:36:01 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2015-05-30 03:36:01 ----A---- C:\WINDOWS\system32\mssvp.dll
2015-05-30 03:36:01 ----A---- C:\WINDOWS\system32\mssphtb.dll
2015-05-30 03:36:01 ----A---- C:\WINDOWS\system32\mssph.dll
2015-05-30 03:36:00 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2015-05-30 03:35:51 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2015-05-30 03:35:51 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll
2015-05-30 03:35:33 ----A---- C:\WINDOWS\system32\LockScreenContentServer.exe
2015-05-30 03:35:32 ----A---- C:\WINDOWS\system32\shell32.dll
2015-05-30 03:35:31 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2015-05-30 03:35:03 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2015-05-30 03:35:03 ----A---- C:\WINDOWS\system32\lsasrv.dll
2015-05-30 03:35:03 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2015-05-30 03:35:03 ----A---- C:\WINDOWS\system32\certcli.dll
2015-05-30 03:34:37 ----A---- C:\WINDOWS\SYSWOW64\MrmCoreR.dll
2015-05-30 03:34:37 ----A---- C:\WINDOWS\system32\MrmCoreR.dll
2015-05-30 03:34:26 ----A---- C:\WINDOWS\SYSWOW64\WMPhoto.dll
2015-05-30 03:34:26 ----A---- C:\WINDOWS\system32\WMPhoto.dll
2015-05-30 03:34:17 ----A---- C:\WINDOWS\SYSWOW64\clfsw32.dll
2015-05-30 03:34:17 ----A---- C:\WINDOWS\system32\wpdshext.dll
2015-05-30 03:34:17 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2015-05-30 03:34:17 ----A---- C:\WINDOWS\system32\clfsw32.dll
2015-05-30 03:34:16 ----A---- C:\WINDOWS\SYSWOW64\wpdshext.dll
2015-05-30 03:34:07 ----A---- C:\WINDOWS\explorer.exe
2015-05-30 03:34:06 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2015-05-30 03:34:03 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2015-05-30 03:34:02 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2015-05-30 03:34:02 ----A---- C:\WINDOWS\system32\iepeers.dll
2015-05-30 03:34:01 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-05-30 03:34:01 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-05-30 03:34:01 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-05-30 03:34:00 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-05-30 03:33:58 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-05-30 03:33:58 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-05-30 03:33:58 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-05-30 03:33:57 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-05-30 03:33:57 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-05-30 03:33:57 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2015-05-30 03:33:57 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-05-30 03:33:55 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-05-30 03:33:54 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2015-05-30 03:33:54 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2015-05-30 03:33:54 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-05-30 03:33:54 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-05-30 03:33:54 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-05-30 03:33:53 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-05-30 03:33:53 ----A---- C:\WINDOWS\system32\jscript.dll
2015-05-30 03:33:52 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-05-30 03:33:52 ----A---- C:\WINDOWS\system32\dxtrans.dll
2015-05-30 03:33:51 ----A---- C:\WINDOWS\system32\webcheck.dll
2015-05-30 03:33:51 ----A---- C:\WINDOWS\system32\mshtmled.dll
2015-05-30 03:33:51 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2015-05-30 03:33:50 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-05-30 03:33:49 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-05-30 03:33:45 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2015-05-30 03:33:42 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-05-30 03:33:41 ----A---- C:\WINDOWS\system32\wininet.dll
2015-05-30 03:33:41 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-05-30 03:33:39 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2015-05-30 03:33:39 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2015-05-30 03:33:39 ----A---- C:\WINDOWS\system32\actxprxy.dll
2015-05-30 03:33:38 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2015-05-30 03:33:38 ----A---- C:\WINDOWS\system32\inseng.dll
2015-05-30 03:33:38 ----A---- C:\WINDOWS\system32\ieui.dll
2015-05-30 03:32:58 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-05-30 03:32:57 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2015-05-30 03:32:57 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2015-05-30 03:32:57 ----A---- C:\WINDOWS\system32\wucltux.dll
2015-05-30 03:32:57 ----A---- C:\WINDOWS\system32\wuauclt.exe
2015-05-30 03:32:57 ----A---- C:\WINDOWS\system32\wuapi.dll
2015-05-30 03:32:57 ----A---- C:\WINDOWS\system32\WinSetupUI.dll
2015-05-30 03:32:56 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2015-05-30 03:32:56 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2015-05-30 03:32:56 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2015-05-30 03:32:56 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2015-05-30 03:32:56 ----A---- C:\WINDOWS\system32\wuwebv.dll
2015-05-30 03:32:56 ----A---- C:\WINDOWS\system32\wups2.dll
2015-05-30 03:32:56 ----A---- C:\WINDOWS\system32\wups.dll
2015-05-30 03:32:56 ----A---- C:\WINDOWS\system32\wudriver.dll
2015-05-30 03:32:56 ----A---- C:\WINDOWS\system32\wuapp.exe
2015-05-30 03:32:56 ----A---- C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-05-30 03:32:56 ----A---- C:\WINDOWS\system32\storewuauth.dll
2015-05-30 03:30:39 ----A---- C:\WINDOWS\system32\appraiser.dll
2015-05-30 03:30:39 ----A---- C:\WINDOWS\system32\acmigration.dll
2015-05-30 03:30:38 ----A---- C:\WINDOWS\system32\invagent.dll
2015-05-30 03:30:38 ----A---- C:\WINDOWS\system32\generaltel.dll
2015-05-30 03:30:38 ----A---- C:\WINDOWS\system32\devinv.dll
2015-05-30 03:30:38 ----A---- C:\WINDOWS\system32\aeinv.dll
2015-05-30 03:30:36 ----A---- C:\WINDOWS\system32\aepdu.dll
2015-05-25 23:49:19 ----D---- C:\Users\Petr\AppData\Roaming\Imminent
2015-05-25 14:15:09 ----A---- C:\WINDOWS\system32\nvspcap.dll
2015-05-19 16:50:33 ----D---- C:\WINDOWS\SYSWOW64\NV
2015-05-19 16:50:33 ----D---- C:\WINDOWS\system32\NV
2015-05-19 16:46:52 ----A---- C:\WINDOWS\SYSWOW64\nvwgf2um.dll
2015-05-19 16:46:52 ----A---- C:\WINDOWS\system32\nvwgf2umx.dll
2015-05-19 16:46:52 ----A---- C:\WINDOWS\system32\nvopencl.dll
2015-05-19 16:46:52 ----A---- C:\WINDOWS\system32\drivers\nvpciflt.sys
2015-05-19 16:46:51 ----A---- C:\WINDOWS\SYSWOW64\nvopencl.dll
2015-05-19 16:46:51 ----A---- C:\WINDOWS\SYSWOW64\nvoglv32.dll
2015-05-19 16:46:51 ----A---- C:\WINDOWS\SYSWOW64\nvoglshim32.dll
2015-05-19 16:46:51 ----A---- C:\WINDOWS\system32\nvoglv64.dll
2015-05-19 16:46:51 ----A---- C:\WINDOWS\system32\nvoglshim64.dll
2015-05-19 16:46:51 ----A---- C:\WINDOWS\system32\NvIFROpenGL.dll
2015-05-19 16:46:51 ----A---- C:\WINDOWS\system32\drivers\nvlddmkm.sys
2015-05-19 16:46:50 ----A---- C:\WINDOWS\SYSWOW64\NvIFROpenGL.dll
2015-05-19 16:46:50 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2015-05-19 16:46:50 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2015-05-19 16:46:50 ----A---- C:\WINDOWS\SYSWOW64\nvEncodeAPI.dll
2015-05-19 16:46:50 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2015-05-19 16:46:50 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2015-05-19 16:46:50 ----A---- C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-05-19 16:46:49 ----A---- C:\WINDOWS\system32\nvdispgenco6435286.dll
2015-05-19 16:46:48 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2015-05-19 16:46:48 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2015-05-19 16:46:48 ----A---- C:\WINDOWS\system32\nvdispco6435286.dll
2015-05-19 16:46:48 ----A---- C:\WINDOWS\system32\nvd3dumx.dll
2015-05-19 16:46:48 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2015-05-19 16:46:48 ----A---- C:\WINDOWS\system32\nvcuda.dll
2015-05-19 16:46:47 ----A---- C:\WINDOWS\SYSWOW64\nvcompiler.dll
2015-05-19 16:46:47 ----A---- C:\WINDOWS\SYSWOW64\nvapi.dll
2015-05-19 16:46:47 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2015-05-15 06:41:01 ----D---- C:\ProgramData\Gyazo

======List of files/folders modified in the last 1 month======

2015-06-14 23:53:06 ----D---- C:\Program Files\trend micro
2015-06-14 23:51:05 ----D---- C:\WINDOWS\Prefetch
2015-06-14 20:21:40 ----D---- C:\Program Files (x86)\Steam
2015-06-14 14:02:05 ----D---- C:\WINDOWS\Temp
2015-06-14 13:06:21 ----D---- C:\Users\Petr\AppData\Roaming\TS3Client
2015-06-14 13:04:48 ----A---- C:\WINDOWS\system32\RzMaelstromVADAudioDeviceManager_log.txt
2015-06-14 11:49:06 ----D---- C:\Windows
2015-06-14 11:49:03 ----D---- C:\WINDOWS\Minidump
2015-06-13 17:52:53 ----D---- C:\WINDOWS\Microsoft.NET
2015-06-13 16:11:51 ----D---- C:\Users\Petr\AppData\Roaming\OBS
2015-06-13 14:48:07 ----D---- C:\Users\Petr\AppData\Roaming\vlc
2015-06-13 14:43:14 ----D---- C:\Users\Petr\AppData\Roaming\Skype
2015-06-13 11:13:08 ----D---- C:\WINDOWS\System32
2015-06-13 11:13:08 ----D---- C:\WINDOWS\Inf
2015-06-13 11:13:08 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-13 11:09:35 ----D---- C:\WINDOWS\AppReadiness
2015-06-10 10:24:10 ----D---- C:\WINDOWS\debug
2015-06-10 03:14:24 ----D---- C:\WINDOWS\SoftwareDistribution
2015-06-10 00:38:19 ----D---- C:\Users\Petr\AppData\Roaming\DAEMON Tools Lite
2015-06-10 00:38:18 ----D---- C:\Users\Petr\AppData\Roaming\uTorrent
2015-06-10 00:38:04 ----D---- C:\WINDOWS\Logs
2015-06-10 00:34:14 ----D---- C:\Program Files\CCleaner
2015-06-10 00:33:31 ----RD---- C:\Program Files (x86)
2015-06-10 00:33:21 ----D---- C:\WINDOWS\system32\drivers
2015-06-10 00:31:53 ----D---- C:\Program Files
2015-06-10 00:31:25 ----SHD---- C:\WINDOWS\Installer
2015-06-10 00:30:23 ----D---- C:\WINDOWS\SysWOW64
2015-06-10 00:27:23 ----SHD---- C:\System Volume Information
2015-06-09 12:11:06 ----D---- C:\ProgramData\Realtek
2015-06-08 16:34:06 ----D---- C:\WINDOWS\system32\DriverStore
2015-06-08 16:33:22 ----D---- C:\WINDOWS\system32\Tasks
2015-06-08 16:30:26 ----D---- C:\ProgramData\AVAST Software
2015-06-08 07:51:29 ----D---- C:\WINDOWS\system32\sru
2015-06-05 14:52:30 ----D---- C:\WINDOWS\rescache
2015-06-05 11:46:07 ----HD---- C:\Program Files\WindowsApps
2015-06-04 21:49:40 ----D---- C:\Users\Petr\AppData\Roaming\Mozilla
2015-06-03 12:54:47 ----D---- C:\WINDOWS\system32\config
2015-06-03 11:59:41 ----D---- C:\WINDOWS\WinSxS
2015-06-02 00:47:22 ----D---- C:\Program Files (x86)\Battle.net
2015-06-01 14:15:06 ----RSD---- C:\WINDOWS\assembly
2015-06-01 13:59:41 ----D---- C:\WINDOWS\system32\catroot2
2015-06-01 01:52:39 ----D---- C:\WINDOWS\AppCompat
2015-05-30 11:59:55 ----A---- C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-05-30 11:59:19 ----D---- C:\WINDOWS\system32\cs-CZ
2015-05-30 11:58:51 ----SD---- C:\WINDOWS\system32\CompatTel
2015-05-30 11:58:50 ----D---- C:\WINDOWS\system32\wbem
2015-05-30 11:58:50 ----D---- C:\WINDOWS\system32\appraiser
2015-05-30 11:58:50 ----D---- C:\WINDOWS\apppatch
2015-05-30 11:50:01 ----D---- C:\Program Files\Windows Defender
2015-05-30 11:50:01 ----D---- C:\Program Files (x86)\Windows Defender
2015-05-30 11:49:59 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2015-05-30 11:49:58 ----RD---- C:\WINDOWS\ToastData
2015-05-30 11:49:57 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2015-05-30 11:49:56 ----RSD---- C:\WINDOWS\Fonts
2015-05-30 11:49:56 ----D---- C:\WINDOWS\system32\AdvancedInstallers
2015-05-30 11:49:52 ----D---- C:\WINDOWS\WinStore
2015-05-30 11:49:39 ----D---- C:\Program Files\Internet Explorer
2015-05-30 11:49:39 ----D---- C:\Program Files (x86)\Internet Explorer
2015-05-30 05:08:48 ----D---- C:\ProgramData\Microsoft Help
2015-05-30 05:08:22 ----D---- C:\WINDOWS\CbsTemp
2015-05-30 04:53:55 ----D---- C:\WINDOWS\system32\MRT
2015-05-30 04:41:58 ----D---- C:\WINDOWS\system32\catroot
2015-05-30 04:34:00 ----A---- C:\WINDOWS\win.ini
2015-05-30 03:51:10 ----D---- C:\Program Files\Windows Journal
2015-05-27 02:36:44 ----D---- C:\ProgramData\Origin
2015-05-24 12:07:16 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-23 16:41:18 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-05-19 22:23:24 ----D---- C:\ProgramData\Skype
2015-05-19 16:50:16 ----D---- C:\ProgramData\NVIDIA
2015-05-17 04:00:17 ----D---- C:\WINDOWS\Tasks
2015-05-16 00:45:02 ----D---- C:\Program Files (x86)\PokerStars
2015-05-15 06:41:16 ----D---- C:\Program Files (x86)\Gyazo
2015-05-15 06:41:01 ----HD---- C:\ProgramData

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-06-08 65736]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2015-06-08 272248]
R0 hiosd;WD Boost Storage Filter Driver; C:\WINDOWS\system32\DRIVERS\hiosd.sys [2013-04-13 173840]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-03-22 678384]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2015-05-12 31376]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2015-06-08 93528]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2015-06-08 1047320]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2015-06-08 442264]
R1 dtsoftbus01;@oem30.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2013-10-30 283064]
R1 hiofs;WD Boost File System Filter Driver; C:\WINDOWS\system32\DRIVERS\hiofs.sys [2013-04-13 28944]
R1 SeLow;@oem127.inf,%SeLow_DisplayName%;SoftEther Lightweight Network Protocol; C:\WINDOWS\system32\DRIVERS\SeLow_x64.sys [2014-12-16 38368]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2015-06-08 29168]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-06-08 89944]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2015-06-08 137288]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2013-11-20 314016]
R2 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2013-09-19 70984]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2013-11-20 43680]
R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2011-02-11 35344]
R2 rzpnk;rzpnk; \??\C:\WINDOWS\system32\drivers\rzpnk.sys [2014-12-10 129600]
R2 speedfan;speedfan; \??\C:\WINDOWS\SysWOW64\speedfan.sys [2012-12-29 28664]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-03-19 4888368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2013-07-09 3425608]
R3 iwdbus;@oem36.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-03-04 30512]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport – ovladač pro řadič Qualcomm Atheros AR81xx PCI-E Ethernet; C:\WINDOWS\system32\DRIVERS\L1C63x64.sys [2013-06-18 129224]
R3 MBfilt;MBfilt; C:\WINDOWS\system32\drivers\MBfilt64.sys [2013-07-09 32344]
R3 MEIx64;@oem10.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2013-02-16 64624]
R3 Neo_VPN;@oem128.inf,%Neo.Service.DispName%;VPN Client Device Driver - VPN; C:\WINDOWS\system32\DRIVERS\Neo_VPN.sys [2014-12-16 28768]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [2012-10-26 13368]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-05-12 10972304]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-05-08 19600]
R3 nvvad_WaveExtensible;@oem16.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2014-11-22 38032]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RtkBtFilter;@oem5.inf,%BtFilt.SvcDesc%;Realtek Bluetooth Filter Driver; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [2013-07-09 524360]
R3 RTWlanE;@netrtwlane.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E – síťový adaptér; C:\WINDOWS\system32\DRIVERS\rtwlane.sys [2013-07-31 1936088]
R3 RZMAELSTROMVADService;@oem143.inf,%RZMAELSTROMVAD.SvcDesc%;Razer Surround Audio Enhancer Service; C:\WINDOWS\system32\drivers\RzMaelstromVAD.sys [2014-06-09 32768]
R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\System32\drivers\serscan.sys [2014-10-29 11776]
R3 tap0901t;@oem18.inf,%DeviceDescription%;TAP-Win32 Adapter V9 (Tunngle); C:\WINDOWS\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
S1 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys []
S1 mowapxsd;mowapxsd; \??\C:\WINDOWS\system32\drivers\mowapxsd.sys []
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 ETD;@oem11.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2013-07-09 357200]
S3 hamachi;LogMeIn Hamachi Virtual Miniport); C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [2014-07-21 46136]
S3 intaud_WaveExtensible;@oem17.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-03-04 42288]
S3 IntcDAud;@oem32.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2014-11-05 455440]
S3 ipadtst;ipadtst; \??\C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [2013-02-01 19952]
S3 LbAdapter;@oem51.inf,%LbAdapter.Service.DispName%;LAN Bridger Virtual Miniport Driver; C:\WINDOWS\system32\DRIVERS\lb.sys [2010-06-07 21656]
S3 NTIOLib_MSIClock_CC;NTIOLib_MSIClock_CC; \??\C:\Program Files (x86)\MSI\Command Center\ClockGen\NTIOLib_X64.sys []
S3 NTIOLib_MSICOMM_CC;NTIOLib_MSICOMM_CC; \??\C:\Program Files (x86)\MSI\Command Center\NTIOLib_X64.sys []
S3 NTIOLib_MSICPU_CC;NTIOLib_MSICPU_CC; \??\C:\Program Files (x86)\MSI\Command Center\CPU\NTIOLib_X64.sys []
S3 NTIOLib_MSIDDR_CC;NTIOLib_MSIDDR_CC; \??\C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys []
S3 NTIOLib_MSISMB_CC;NTIOLib_MSISMB_CC; \??\C:\Program Files (x86)\MSI\Command Center\SMBus\NTIOLib_X64.sys []
S3 NTIOLib_MSISuperIO_CC;NTIOLib_MSISuperIO_CC; \??\C:\Program Files (x86)\MSI\Command Center\SuperIO\NTIOLib_X64.sys []
S3 rccfg;AMD-RAID Config Device; C:\WINDOWS\System32\drivers\rccfg.sys [2013-03-28 21680]
S3 rcraid;rcraid; C:\WINDOWS\System32\drivers\rcraid.sys [2013-03-28 526000]
S3 RSUSBSTOR;@oem7.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2013-07-09 252048]
S3 RTCore64;RTCore64; \??\C:\Program Files (x86)\RMClock\RTCore64.sys [2005-05-25 7168]
S3 tap0901;@oem20.inf,%DeviceDescription%;TAP-Win32 Adapter V9; C:\WINDOWS\system32\DRIVERS\tap0901.sys [2011-07-01 31232]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\System32\drivers\usbscan.sys [2014-10-29 44544]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2013-08-22 33280]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-06-08 343336]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-05-08 1152656]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-03-19 345864]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-02-16 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-02-16 366552]
R2 Micro Star SCM;Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [2013-04-18 160768]
R2 MSI_SuperCharger;MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [2013-02-08 154112]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-05-08 1884304]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-05-08 22997648]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-05-12 937288]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\syswow64\PnkBstrA.exe [2014-11-28 76888]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-06-11 837312]
S2 BstHdAndroidSvc;BlueStacks Android Service; C:\Program Files (x86)\BlueStacks\HD-Service.exe [2013-09-19 393032]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2013-09-19 384840]
S2 BTDevManager;BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [2012-12-07 39424]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-26 107848]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2014-02-28 9216]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-03-22 15344]
S2 RzKLService;RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [2014-02-25 105448]
S2 RzMaelstromVADStreamingService;Razer Surround Audio Service; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe [2014-06-09 4250624]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-25 268464]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2015-06-10 1141248]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-03-19 280840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-26 107848]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-05-23 148080]
S3 MSIBIOSData_CC;MSIBIOSData_CC; C:\Program Files (x86)\MSI\Command Center\BIOSData\MSIBIOSDataService.exe [2014-06-04 2100736]
S3 MSIClock_CC;MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [2014-06-06 4026368]
S3 MSICOMM_CC;MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2014-06-03 2118144]
S3 MSICPU_CC;MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [2014-06-17 4157440]
S3 MSISMB_CC;MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2014-06-04 2063360]
S3 MSISuperIO_CC;MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [2014-06-10 549888]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\syswow64\GameMon.des [2013-10-14 4878416]
S3 Origin Client Service;Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [2015-05-27 1931632]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 OverwolfUpdater;Overwolf Updater Windows SCM; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2015-05-04 999152]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2013-11-06 758224]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119676
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check - possible keylogger

#2 Post by Rudy »

Hello!
Please post a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Then run the application under an account with administrator privileges.

Right after startup a screen with the license terms appears; continue by clicking the Yes button.

Feel free to go and make a coffee (the whole process takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through). During the scan, do not try to launch any other applications or anything else.

Do not panic during the scan; your machine may be restarted (especially the first time the scanner is run).

Note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because during the scan and the removal of any malware there are unwanted conflicts with the resident antispyware component.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Re: Log check - possible keylogger

#3 Post by petersff »

Hello, I have a problem running ComboFix; this window always pops up:

[Image]
I don't know why it reports that I have Windows 2000 when I have Win. 8.1.

Re: Log check - possible keylogger

#4 Post by Rudy »

Ah, I overlooked that; Win 8.1 is not supported. Delete CF and download MBAM: http://www.malwarebytes.org/mbam.php . Install it, run a scan and post the log. Do not delete anything beforehand.

Re: Log check - possible keylogger

#5 Post by petersff »

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 15. 6. 2015
Čas skenování: 13:08:19
Protokol: sken.txt
Správce: Ano

Verze: 2.01.6.1022
Databáze malwaru: v2015.06.15.03
Databáze rootkitů: v2015.06.02.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Petr

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 372798
Uplynulý čas: 25 min, 23 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 5
PUP.Optional.AskPartnerNetwork.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\AAAAJCCIKCNNCIDHBOKFNCPOOCEANOOL, , [7c8383374b3fb2849655820a7f86a060],
PUP.Optional.AskPartnerNetwork.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\AAAAJCCIKCNNCIDHBOKFNCPOOCEANOOL, , [d32cdae04149c86ea14a6923ea1bc63a],
PUP.Optional.VideoPlayer.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\IIOIDIKGOOCKINCOEGFBDCBCOFOFPDHA, , [887792284842dc5a0f1a4fa58182d32d],
PUP.Optional.WebexpEnhanced.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\LCBEEPPDKLMCBJIHHOKEFDMPPLPIHOPE, , [e51afac0f79390a6062421d333d0926e],
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-18\SOFTWARE\AskPartnerNetwork, , [e01f4c6e91f9023401e313dcf310916f],

Hodnoty registru: 4
PUP.Optional.AskPartnerNetwork.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\aaaajccikcnncidhbokfncpooceanool|path, C:\ProgramData\AskPartnerNetwork\Toolbar\SPCV7\CRX\ToolbarCR.crx, , [7c8383374b3fb2849655820a7f86a060]
PUP.Optional.AskPartnerNetwork.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\aaaajccikcnncidhbokfncpooceanool|path, C:\ProgramData\AskPartnerNetwork\Toolbar\SPCV7\CRX\ToolbarCR.crx, , [d32cdae04149c86ea14a6923ea1bc63a]
PUP.Optional.VideoPlayer.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\iioidikgoockincoegfbdcbcofofpdha|path, C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta839\ch\VideoPlayerV3beta839.crx, , [887792284842dc5a0f1a4fa58182d32d]
PUP.Optional.WebexpEnhanced.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\lcbeeppdklmcbjihhokefdmpplpihope|path, C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha165\ch\WebexpEnhancedV1alpha165.crx, , [e51afac0f79390a6062421d333d0926e]

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 1
Stolen.Data, C:\Users\Petr\AppData\Roaming\Imminent\Logs, , [d6295862f89240f6265375af5ea6619f],

Soubory: 14
PUP.Optional.Solimba, C:\$Recycle.Bin\S-1-5-21-2187607532-4117131573-1222926000-1002\$R5QNK48.exe, , [6e91e9d1cebce4521a6b958e758d8080],
PUP.PSWTool.ProductKey, C:\$Recycle.Bin\S-1-5-21-2187607532-4117131573-1222926000-1002\$RRU1OZW.zip, , [7c83b901395177bf6667dbb2b64a09f7],
Malware.Packer.Krunchy, C:\$Recycle.Bin\S-1-5-21-2187607532-4117131573-1222926000-1002\$R7HZ5BK.rar, , [748b6f4b7d0d75c1bd3bdfa53ac6db25],
PUP.Optional.InstallCore.A, C:\$Recycle.Bin\S-1-5-21-2187607532-4117131573-1222926000-1002\$RISFAIQ.exe, , [936c1b9f5e2c2016800b00698b772bd5],
PUP.Optional.APNToolBar.A, C:\$Recycle.Bin\S-1-5-21-2187607532-4117131573-1222926000-1002\$RC5G9DP\SetupYTD.exe, , [c43be0da147663d3ed888ed77d85ad53],
Stolen.Data, C:\Users\Petr\AppData\Roaming\Imminent\Logs\25-05-2015, , [d6295862f89240f6265375af5ea6619f],
Stolen.Data, C:\Users\Petr\AppData\Roaming\Imminent\Logs\26-05-2015, , [d6295862f89240f6265375af5ea6619f],
Stolen.Data, C:\Users\Petr\AppData\Roaming\Imminent\Logs\27-05-2015, , [d6295862f89240f6265375af5ea6619f],
Stolen.Data, C:\Users\Petr\AppData\Roaming\Imminent\Logs\28-05-2015, , [d6295862f89240f6265375af5ea6619f],
Stolen.Data, C:\Users\Petr\AppData\Roaming\Imminent\Logs\29-05-2015, , [d6295862f89240f6265375af5ea6619f],
Stolen.Data, C:\Users\Petr\AppData\Roaming\Imminent\Logs\30-05-2015, , [d6295862f89240f6265375af5ea6619f],
PUP.Optional.SmartBar.A, C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\si7hip6d.default\searchplugins\smartbar.xml, , [4cb39129cdbd2c0a85669c97778d0ff1],
Worm.Traces, C:\a.txt, , [2ad56a50e6a453e378258af4857f59a7],
Trojan.Agent, C:\Users\Petr\AppData\Roaming\Run.exe, , [708fbffbccbe91a5cf745ef763a2b54b],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Re: Log check - possible keylogger

#6 Post by Rudy »

Delete everything. None of it is a keylogger.

Re: Log check - possible keylogger

#7 Post by petersff »

OK, thanks, deleted, but I still suspect that I have something like that on my laptop, because someone got into my Steam account and then into my e-mail as well, and I use different passwords everywhere. I also have SMS confirmation for logging in to my e-mail from a new PC, and no message arrived. So it occurred to me that I might have some virus that gives remote access to my laptop.

Re: Log check - possible keylogger

#8 Post by Rudy »

There was a trojan on it, but it is not a keylogger. If you also want to clean it of adware, run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
The scan will run and then a log will appear; paste it here.

Re: Log check - possible keylogger

#9 Post by petersff »

# AdwCleaner v4.206 - Log vytvořen 15/06/2015 v 18:58:31
# Aktualizováno 01/06/2015 by Xplode
# Databáze : 2015-06-14.1 [Server]
# Operační system : Windows 8.1 (x64)
# Uživatelské jméno : Petr - PETRSEF
# Spuštěno z : C:\Users\Petr\Desktop\adwcleaner_4.206.exe
# Nastavení : Čištění

***** [ Služby ] *****


***** [ Soubory / Složky ] *****

Složka Smazáno : C:\Users\Petr\AppData\Roaming\AceWebExtension
Soubor Smazáno : C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\si7hip6d.default\user.js
Soubor Smazáno : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
Soubor Smazáno : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
Soubor Smazáno : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.veoh.com_0.localstorage
Soubor Smazáno : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.veoh.com_0.localstorage-journal

***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : HKLM\SOFTWARE\Classes\SDP
Klíč Smazáno : HKCU\Software\AceStream
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AceStream

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v36.0.4 (x86 cs)

[si7hip6d.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.admin", false);
[si7hip6d.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.aflt", "orgnl");
[si7hip6d.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.appId", "{C5E5951A-4ADD-4402-8A8E-EF97DCB9D8EC}");
[si7hip6d.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.autoRvrt", "false");
[si7hip6d.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.dfltLng", "");
[si7hip6d.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.excTlbr", false);
[si7hip6d.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.id", "569edd8000000000000000ac0bb9fe00");
[si7hip6d.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.instlDay", "16458");
[si7hip6d.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.instlRef", "");
[si7hip6d.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.newTab", false);
[si7hip6d.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.prdct", "smartbar");
[si7hip6d.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.prtnrId", "bechiro");
[si7hip6d.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.rvrt", "false");
[si7hip6d.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.smplGrp", "mm");
[si7hip6d.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.tlbrId", "smartbar");
[si7hip6d.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.tlbrSrchUrl", "hxxp://search.creativetoolbars.com/results?src=tb&id=smartbar&g=&q=");
[si7hip6d.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.vrsn", "1.8.8.12");
[si7hip6d.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.vrsnTs", "1.8.8.121:14:31");
[si7hip6d.default\prefs.js] - Řádek Smazáno : user_pref("extensions.smartbar.vrsni", "1.8.8.12");

-\\ Google Chrome v43.0.2357.124

[C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://search.creativetoolbars.com/results?src=tb&id=smartbar&g=&q={searchTerms}
[C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={77C2A577-B597-11E2-9C58-0021853DB58B}&crg=3.1010000.10011&st=23

-\\ Chromium v


*************************

AdwCleaner[R1].txt - [4079 bytů] - [15/06/2015 18:55:43]
AdwCleaner[S1].txt - [4097 bytů] - [15/06/2015 18:58:31]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [4155 bytů] ##########

Rudy
Site Admin
Posts: 119676
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check - possible keylogger

#10 Post by Rudy »

Post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

petersff
Visitor
Posts: 86
Joined: 03 Jul 2009 18:54

Re: Log check - possible keylogger

#11 Post by petersff »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Petr at 2015-06-15 21:10:18
Microsoft Windows 8.1
System drive C: has 55 GB (9%) free of 585 GB
Total RAM: 8112 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:10:21, on 15. 6. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Petr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: 184.22.254.48 sopcast.com
O1 - Hosts: 188.241.112.92 sopcast.com
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKLM\..\Run: [Sound Blaster Cinema] "C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Phaser 6121MFP Scan Dashboard] C:\Program Files (x86)\xerox\Phaser 6121MFP\Phaser 6121MFP Scan Dashboard\sd6121.exe -startup
O4 - HKCU\..\Run: [EPSON Stylus DX4000] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIBEE.EXE /FU "C:\Windows\TEMP\E_S968E.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [EPSON Stylus DX4000 Series] /FU "C:\WINDOWS\TEMP\E_S9246.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [avichannel] "C:\Program Files (x86)\Evaer\videochannel.exe"
O4 - HKCU\..\Run: [AceStream] C:\Users\Petr\AppData\Roaming\ACEStream\engine\ace_engine.exe
O4 - HKCU\..\Run: [Dxtory Update Checker 2.0] C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe
O4 - HKCU\..\Run: [AceWebException] C:\Users\Petr\AppData\Roaming\AceWebExtension\updater\ace_web_extension.exe
O4 - HKCU\..\Run: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe
O4 - Startup: CurseClientStartup.ccip
O4 - Startup: GameRanger.lnk = Petr\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK32.EXE
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/ ... 2099551860
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files (x86)\SCM\MSIService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: MSIBIOSData_CC - MSI - C:\Program Files (x86)\MSI\Command Center\BIOSData\MSIBIOSDataService.exe
O23 - Service: MSIClock_CC - MSI - C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe
O23 - Service: MSICOMM_CC - Unknown owner - C:\Program Files (x86)\MSI\Command Center\MSICommService.exe
O23 - Service: MSICPU_CC - Unknown owner - C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe
O23 - Service: MSISMB_CC - Unknown owner - C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe
O23 - Service: MSISuperIO_CC - Unknown owner - C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - D:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Overwolf Updater Windows SCM (OverwolfUpdater) - Overwolf LTD - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: RzKLService - Razer Inc. - C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
O23 - Service: Razer Surround Audio Service (RzMaelstromVADStreamingService) - Unknown owner - C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: WD Boost - Western Digital - C:\Program Files\Western Digital\WD Boost\WDBoost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15070 bytes

======Listing Processes======





wininit.exe


C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
winlogon.exe
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
"C:\Program Files\Western Digital\WD Boost\WDBoost.exe"
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
dashost.exe {870c968f-2ee8-4411-98584e3153a6a29b}
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
taskhostex.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\SCM\MSIService.exe"
"C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\WINDOWS\SysWOW64\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" e58c546c-6543-44ba-975a-86572d26c7f1 1
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
igfxEM.exe
"C:\WINDOWS\system32\GWX\GWX.exe"
igfxHK.exe
igfxTray.exe
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Windows\System32\rundll32.exe" C:\WINDOWS\system32\MBCfg64.dll,RunDLLEntry MBCfg64
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Steam\Steam.exe"
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "C:\Users\Petr\AppData\Local\Steam\htmlcache" -steampid 4048 -buildid 1433977716 -steamid "0" --disable-gpu-compositing --disable-gpu --enable-threaded-compositing --disable-pinch-virtual-viewport --process-per-tab --disable-spell-checking --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --enable-pinch --enable-threaded-compositing --no-sandbox --enable-deferred-image-decoding --lang=en-US --lang=en-US --product-version="Valve Steam Client" --disable-spell-checking --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=1208 --enable-delegated-renderer --num-raster-threads=2 --disable-gpu-compositing --channel="1208.1.884000021\891842229" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="8452.0.1919209319\1117419182" --disable-breakpad --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,21,44 --gpu-vendor-id=0x8086 --gpu-device-id=0x0416 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.14.4170 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A1_Stable_R9/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_71/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 
--font-cache-shared-mem-suffix=8452 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --enable-gpu-rasterization --use-image-texture-target=3553 --channel="8452.2.1650362442\1428470031" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A1_Stable_R9/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_71/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 
--font-cache-shared-mem-suffix=8452 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --enable-gpu-rasterization --use-image-texture-target=3553 --channel="8452.3.900820333\994567479" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A1_Stable_R9/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_71/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 
--font-cache-shared-mem-suffix=8452 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --enable-gpu-rasterization --use-image-texture-target=3553 --channel="8452.4.671144918\755297513" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A1_Stable_R9/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_71/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 
--font-cache-shared-mem-suffix=8452 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --enable-gpu-rasterization --use-image-texture-target=3553 --channel="8452.5.1332942576\1923465716" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A1_Stable_R9/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_71/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 
--font-cache-shared-mem-suffix=8452 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --enable-gpu-rasterization --use-image-texture-target=3553 --channel="8452.7.1000941254\1635095905" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A1_Stable_R9/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_71/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=8452 
--enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --enable-gpu-rasterization --use-image-texture-target=3553 --channel="8452.12.2055271793\1359633473" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="8452.13.1234129900\579369612" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --enable-pinch --enable-threaded-compositing --no-sandbox --enable-deferred-image-decoding --lang=en-US --lang=en-US --product-version="Valve Steam Client" --disable-spell-checking --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=1208 --enable-delegated-renderer --num-raster-threads=2 --disable-gpu-compositing --channel="1208.2.1456563394\567171080" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A1_Stable_R9/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_71/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=8452 
--enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --enable-gpu-rasterization --use-image-texture-target=3553 --channel="8452.28.461023436\466798279" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A1_Stable_R9/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_71/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=8452 
--enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --enable-gpu-rasterization --use-image-texture-target=3553 --channel="8452.37.1570900986\801583762" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A1_Stable_R9/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/*SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_71/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=8452 
--enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --enable-gpu-rasterization --use-image-texture-target=3553 --channel="8452.60.1548405591\135736740" /prefetch:673131151
C:\Windows\System32\skydrive.exe -Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 580 584 592 65536 588
"C:\Users\Petr\Downloads\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\Norton Security Scan for Petr.job - C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe /scan-quick /scheduled

=========Mozilla firefox=========

ProfilePath - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\si7hip6d.default

prefs.js - "browser.startup.homepage" - "https://www.google.com/?trackid=sp-006"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.188 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1213153.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.4.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.40.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.40.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@raidcall.en/RCplugin]
"Description"=Raidcall plugin
"Path"=C:\Users\Petr\AppData\Roaming\rcru\plugins\nprcplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=17.0.15.10]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpplugin;version=17.0.15.10]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.188 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL


C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\si7hip6d.default\searchplugins\
google-avast.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-06-08 662672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-08 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-08 565304]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-08 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-07-09 13538376]
"BtServer"=C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [2013-01-28 452608]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-03-22 36352]
"Radio Manager"=C:\Program Files (x86)\SCM\Radio Manager.exe [2013-04-18 406920]
"SCM"=C:\Program Files (x86)\SCM\SCM.exe [2013-04-18 407968]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]
"MBCfg64"=C:\WINDOWS\system32\MBCfg64.dll [2013-08-29 40576]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-05-08 2685072]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2015-05-08 1570672]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-07-03 3673184]
"Phaser 6121MFP Scan Dashboard"=C:\Program Files (x86)\xerox\Phaser 6121MFP\Phaser 6121MFP Scan Dashboard\sd6121.exe [2009-03-25 5898240]
"EPSON Stylus DX4000"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIBEE.EXE [2007-10-09 213504]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2015-06-11 2892992]
"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2013-11-04 3093624]
"EPSON Stylus DX4000 Series"= /FU C:\WINDOWS\TEMP\E_S9246.tmp /EF HKCU []
"avichannel"=C:\Program Files (x86)\Evaer\videochannel.exe [2014-02-06 1780224]
"AceStream"=C:\Users\Petr\AppData\Roaming\ACEStream\engine\ace_engine.exe [2014-12-07 23984]
"Dxtory Update Checker 2.0"=C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe [2010-10-17 93696]
"AceWebException"=C:\Users\Petr\AppData\Roaming\AceWebExtension\updater\ace_web_extension.exe []
"Gyazo"=C:\Program Files (x86)\Gyazo\GyStation.exe [2015-04-30 3095840]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Super-Charger"=C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [2013-02-07 490480]
"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2012-03-29 91432]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2010-11-15 35736]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-15 932288]
"BlueStacks Agent"=C:\Program Files (x86)\BlueStacks\HD-Agent.exe [2013-09-19 606024]
""= []
"Razer Synapse"=C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [2014-11-03 585536]
"Sound Blaster Cinema"=C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [2013-08-16 711680]
"UpdReg"=C:\WINDOWS\UpdReg.EXE [2000-05-11 90112]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-06-08 5515496]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK32.EXE

C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
CurseClientStartup.ccip
GameRanger.lnk - C:\Users\Petr\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll, C:\WINDOWS\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.FPS1"=frapsv64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"vidc.xtor"=DxtoryCodec.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-06-15 18:55:37 ----D---- C:\AdwCleaner
2015-06-15 13:34:00 ----A---- C:\sken.txt
2015-06-15 04:33:14 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2015-06-15 04:33:00 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-15 04:33:00 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2015-06-15 04:33:00 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2015-06-15 04:33:00 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2015-06-14 23:50:52 ----D---- C:\rsit
2015-06-08 16:35:28 ----D---- C:\Users\Petr\AppData\Roaming\AVAST Software
2015-06-08 16:33:04 ----A---- C:\WINDOWS\system32\drivers\aswVmm.sys
2015-06-08 16:33:04 ----A---- C:\WINDOWS\system32\drivers\aswStm.sys
2015-06-08 16:33:04 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2015-06-08 16:33:04 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2015-06-08 16:33:04 ----A---- C:\WINDOWS\system32\drivers\aswRvrt.sys
2015-06-08 16:33:04 ----A---- C:\WINDOWS\system32\drivers\aswRdr2.sys
2015-06-08 16:33:04 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2015-06-08 16:33:04 ----A---- C:\WINDOWS\system32\drivers\aswHwid.sys
2015-06-08 16:33:02 ----A---- C:\WINDOWS\system32\aswBoot.exe
2015-06-08 16:32:52 ----A---- C:\WINDOWS\avastSS.scr
2015-06-06 14:39:10 ----SD---- C:\Users\Petr\AppData\Roaming\WindowsUpd
2015-06-06 14:39:06 ----A---- C:\Users\Petr\AppData\Roaming\Rar.exe
2015-06-04 21:49:39 ----D---- C:\Users\Petr\AppData\Roaming\Octoshape
2015-05-30 11:58:30 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-05-30 11:49:52 ----SD---- C:\WINDOWS\SYSWOW64\GWX
2015-05-30 11:49:52 ----SD---- C:\WINDOWS\system32\GWX
2015-05-30 11:49:52 ----D---- C:\WINDOWS\Migration
2015-05-30 04:56:57 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-30 04:56:57 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-30 04:44:34 ----D---- C:\Program Files\Microsoft Silverlight
2015-05-30 04:44:34 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-05-30 04:03:01 ----A---- C:\WINDOWS\SYSWOW64\rascfg.dll
2015-05-30 04:03:01 ----A---- C:\WINDOWS\system32\rascfg.dll
2015-05-30 04:03:01 ----A---- C:\WINDOWS\system32\drivers\wanarp.sys
2015-05-30 04:03:01 ----A---- C:\WINDOWS\system32\drivers\ndproxy.sys
2015-05-30 04:02:15 ----D---- C:\Program Files (x86)\Microsoft ASP.NET
2015-05-30 03:44:41 ----A---- C:\WINDOWS\system32\drivers\WdNisDrv.sys
2015-05-30 03:44:41 ----A---- C:\WINDOWS\system32\drivers\WdFilter.sys
2015-05-30 03:44:41 ----A---- C:\WINDOWS\system32\drivers\WdBoot.sys
2015-05-30 03:44:40 ----A---- C:\WINDOWS\SYSWOW64\winshfhc.dll
2015-05-30 03:44:40 ----A---- C:\WINDOWS\system32\winshfhc.dll
2015-05-30 03:44:35 ----A---- C:\WINDOWS\system32\calc.exe
2015-05-30 03:44:34 ----A---- C:\WINDOWS\SYSWOW64\calc.exe
2015-05-30 03:44:01 ----A---- C:\WINDOWS\SYSWOW64\SHCore.dll
2015-05-30 03:44:01 ----A---- C:\WINDOWS\system32\SHCore.dll
2015-05-30 03:44:00 ----AC---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2015-05-30 03:43:24 ----AC---- C:\WINDOWS\system32\drivers\bthhfenum.sys
2015-05-30 03:42:45 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2015-05-30 03:42:45 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2015-05-30 03:42:45 ----A---- C:\WINDOWS\system32\msctf.dll
2015-05-30 03:42:45 ----A---- C:\WINDOWS\system32\dwmcore.dll
2015-05-30 03:42:13 ----A---- C:\WINDOWS\SYSWOW64\photowiz.dll
2015-05-30 03:42:13 ----A---- C:\WINDOWS\system32\photowiz.dll
2015-05-30 03:41:54 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2015-05-30 03:41:54 ----A---- C:\WINDOWS\system32\schannel.dll
2015-05-30 03:41:36 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2015-05-30 03:41:36 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2015-05-30 03:41:36 ----A---- C:\WINDOWS\system32\atmlib.dll
2015-05-30 03:41:36 ----A---- C:\WINDOWS\system32\atmfd.dll
2015-05-30 03:41:27 ----A---- C:\WINDOWS\system32\drivers\ahcache.sys
2015-05-30 03:41:20 ----A---- C:\WINDOWS\system32\puiobj.dll
2015-05-30 03:41:20 ----A---- C:\WINDOWS\system32\localspl.dll
2015-05-30 03:41:19 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2015-05-30 03:41:19 ----A---- C:\WINDOWS\system32\compstui.dll
2015-05-30 03:41:02 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Input.Inking.dll
2015-05-30 03:41:02 ----A---- C:\WINDOWS\SYSWOW64\rastapi.dll
2015-05-30 03:41:02 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-05-30 03:41:02 ----A---- C:\WINDOWS\system32\rastapi.dll
2015-05-30 03:41:01 ----A---- C:\WINDOWS\system32\SettingsHandlers.dll
2015-05-30 03:40:31 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2015-05-30 03:40:13 ----A---- C:\WINDOWS\system32\dbgeng.dll
2015-05-30 03:40:12 ----A---- C:\WINDOWS\SYSWOW64\dbghelp.dll
2015-05-30 03:40:12 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2015-05-30 03:40:12 ----A---- C:\WINDOWS\system32\dbghelp.dll
2015-05-30 03:40:11 ----A---- C:\WINDOWS\SYSWOW64\SRH.dll
2015-05-30 03:40:11 ----A---- C:\WINDOWS\system32\win32spl.dll
2015-05-30 03:40:11 ----A---- C:\WINDOWS\system32\SRH.dll
2015-05-30 03:40:02 ----A---- C:\WINDOWS\system32\win32k.sys
2015-05-30 03:40:02 ----A---- C:\WINDOWS\system32\FntCache.dll
2015-05-30 03:40:02 ----A---- C:\WINDOWS\system32\DWrite.dll
2015-05-30 03:40:01 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2015-05-30 03:39:34 ----AC---- C:\WINDOWS\system32\drivers\rfcomm.sys
2015-05-30 03:39:34 ----AC---- C:\WINDOWS\system32\drivers\hidbth.sys
2015-05-30 03:39:34 ----A---- C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-30 03:39:33 ----A---- C:\WINDOWS\SYSWOW64\rgb9rast.dll
2015-05-30 03:39:33 ----A---- C:\WINDOWS\SYSWOW64\PhotoMetadataHandler.dll
2015-05-30 03:39:32 ----A---- C:\WINDOWS\system32\drivers\udfs.sys
2015-05-30 03:39:03 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll
2015-05-30 03:39:03 ----A---- C:\WINDOWS\system32\msftedit.dll
2015-05-30 03:39:02 ----A---- C:\WINDOWS\system32\tdh.dll
2015-05-30 03:39:02 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-05-30 03:39:02 ----A---- C:\WINDOWS\system32\ntdll.dll
2015-05-30 03:39:01 ----A---- C:\WINDOWS\SYSWOW64\tracerpt.exe
2015-05-30 03:39:01 ----A---- C:\WINDOWS\SYSWOW64\tdh.dll
2015-05-30 03:39:01 ----A---- C:\WINDOWS\SYSWOW64\sechost.dll
2015-05-30 03:39:01 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2015-05-30 03:39:01 ----A---- C:\WINDOWS\system32\wow64cpu.dll
2015-05-30 03:39:01 ----A---- C:\WINDOWS\system32\wow64.dll
2015-05-30 03:39:01 ----A---- C:\WINDOWS\system32\tracerpt.exe
2015-05-30 03:39:01 ----A---- C:\WINDOWS\system32\sechost.dll
2015-05-30 03:39:01 ----A---- C:\WINDOWS\system32\microsoft-windows-system-events.dll
2015-05-30 03:39:00 ----A---- C:\WINDOWS\system32\lsm.dll
2015-05-30 03:38:28 ----A---- C:\WINDOWS\SYSWOW64\pku2u.dll
2015-05-30 03:38:28 ----A---- C:\WINDOWS\system32\services.exe
2015-05-30 03:38:28 ----A---- C:\WINDOWS\system32\pku2u.dll
2015-05-30 03:38:17 ----A---- C:\WINDOWS\SYSWOW64\mfc42u.dll
2015-05-30 03:38:17 ----A---- C:\WINDOWS\SYSWOW64\mfc42.dll
2015-05-30 03:38:17 ----A---- C:\WINDOWS\system32\mfc42u.dll
2015-05-30 03:38:17 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2015-05-30 03:38:16 ----A---- C:\WINDOWS\SYSWOW64\atlthunk.dll
2015-05-30 03:38:16 ----A---- C:\WINDOWS\system32\mfc42.dll
2015-05-30 03:38:15 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2015-05-30 03:38:13 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2015-05-30 03:37:55 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll
2015-05-30 03:37:55 ----A---- C:\WINDOWS\system32\WSShared.dll
2015-05-30 03:37:55 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-05-30 03:37:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-05-30 03:37:52 ----A---- C:\WINDOWS\SYSWOW64\StorageContextHandler.dll
2015-05-30 03:37:52 ----A---- C:\WINDOWS\system32\StorageContextHandler.dll
2015-05-30 03:37:31 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2015-05-30 03:37:31 ----A---- C:\WINDOWS\system32\authui.dll
2015-05-30 03:37:28 ----A---- C:\WINDOWS\system32\dpapisrv.dll
2015-05-30 03:37:27 ----A---- C:\WINDOWS\SYSWOW64\authz.dll
2015-05-30 03:37:27 ----A---- C:\WINDOWS\system32\authz.dll
2015-05-30 03:36:48 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2015-05-30 03:36:48 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2015-05-30 03:36:47 ----A---- C:\WINDOWS\system32\ubpm.dll
2015-05-30 03:36:36 ----A---- C:\WINDOWS\system32\rdpudd.dll
2015-05-30 03:36:36 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2015-05-30 03:36:31 ----A---- C:\WINDOWS\SYSWOW64\sdbinst.exe
2015-05-30 03:36:31 ----A---- C:\WINDOWS\system32\sdbinst.exe
2015-05-30 03:36:26 ----AC---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2015-05-30 03:36:02 ----AC---- C:\WINDOWS\system32\drivers\sdbus.sys
2015-05-30 03:36:02 ----AC---- C:\WINDOWS\system32\drivers\dumpsd.sys
2015-05-30 03:36:02 ----A---- C:\WINDOWS\SYSWOW64\eapphost.dll
2015-05-30 03:36:02 ----A---- C:\WINDOWS\SYSWOW64\eappgnui.dll
2015-05-30 03:36:02 ----A---- C:\WINDOWS\SYSWOW64\eappcfg.dll
2015-05-30 03:36:02 ----A---- C:\WINDOWS\SYSWOW64\eapp3hst.dll
2015-05-30 03:36:02 ----A---- C:\WINDOWS\system32\mssrch.dll
2015-05-30 03:36:02 ----A---- C:\WINDOWS\system32\eapphost.dll
2015-05-30 03:36:02 ----A---- C:\WINDOWS\system32\eappgnui.dll
2015-05-30 03:36:02 ----A---- C:\WINDOWS\system32\eappcfg.dll
2015-05-30 03:36:02 ----A---- C:\WINDOWS\system32\eapp3hst.dll
2015-05-30 03:36:02 ----A---- C:\WINDOWS\system32\drivers\http.sys
2015-05-30 03:36:01 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2015-05-30 03:36:01 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2015-05-30 03:36:01 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2015-05-30 03:36:01 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2015-05-30 03:36:01 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2015-05-30 03:36:01 ----A---- C:\WINDOWS\system32\tquery.dll
2015-05-30 03:36:01 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2015-05-30 03:36:01 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2015-05-30 03:36:01 ----A---- C:\WINDOWS\system32\mssvp.dll
2015-05-30 03:36:01 ----A---- C:\WINDOWS\system32\mssphtb.dll
2015-05-30 03:36:01 ----A---- C:\WINDOWS\system32\mssph.dll
2015-05-30 03:36:00 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2015-05-30 03:35:51 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2015-05-30 03:35:51 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll
2015-05-30 03:35:33 ----A---- C:\WINDOWS\system32\LockScreenContentServer.exe
2015-05-30 03:35:32 ----A---- C:\WINDOWS\system32\shell32.dll
2015-05-30 03:35:31 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2015-05-30 03:35:03 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2015-05-30 03:35:03 ----A---- C:\WINDOWS\system32\lsasrv.dll
2015-05-30 03:35:03 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2015-05-30 03:35:03 ----A---- C:\WINDOWS\system32\certcli.dll
2015-05-30 03:34:37 ----A---- C:\WINDOWS\SYSWOW64\MrmCoreR.dll
2015-05-30 03:34:37 ----A---- C:\WINDOWS\system32\MrmCoreR.dll
2015-05-30 03:34:26 ----A---- C:\WINDOWS\SYSWOW64\WMPhoto.dll
2015-05-30 03:34:26 ----A---- C:\WINDOWS\system32\WMPhoto.dll
2015-05-30 03:34:17 ----A---- C:\WINDOWS\SYSWOW64\clfsw32.dll
2015-05-30 03:34:17 ----A---- C:\WINDOWS\system32\wpdshext.dll
2015-05-30 03:34:17 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2015-05-30 03:34:17 ----A---- C:\WINDOWS\system32\clfsw32.dll
2015-05-30 03:34:16 ----A---- C:\WINDOWS\SYSWOW64\wpdshext.dll
2015-05-30 03:34:07 ----A---- C:\WINDOWS\explorer.exe
2015-05-30 03:34:06 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2015-05-30 03:34:03 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2015-05-30 03:34:02 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2015-05-30 03:34:02 ----A---- C:\WINDOWS\system32\iepeers.dll
2015-05-30 03:34:01 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-05-30 03:34:01 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-05-30 03:34:01 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-05-30 03:34:00 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-05-30 03:33:58 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-05-30 03:33:58 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-05-30 03:33:58 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-05-30 03:33:57 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-05-30 03:33:57 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-05-30 03:33:57 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2015-05-30 03:33:57 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-05-30 03:33:55 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-05-30 03:33:54 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2015-05-30 03:33:54 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2015-05-30 03:33:54 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-05-30 03:33:54 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-05-30 03:33:54 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-05-30 03:33:53 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-05-30 03:33:53 ----A---- C:\WINDOWS\system32\jscript.dll
2015-05-30 03:33:52 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-05-30 03:33:52 ----A---- C:\WINDOWS\system32\dxtrans.dll
2015-05-30 03:33:51 ----A---- C:\WINDOWS\system32\webcheck.dll
2015-05-30 03:33:51 ----A---- C:\WINDOWS\system32\mshtmled.dll
2015-05-30 03:33:51 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2015-05-30 03:33:50 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-05-30 03:33:49 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-05-30 03:33:45 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2015-05-30 03:33:42 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-05-30 03:33:41 ----A---- C:\WINDOWS\system32\wininet.dll
2015-05-30 03:33:41 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-05-30 03:33:39 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2015-05-30 03:33:39 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2015-05-30 03:33:39 ----A---- C:\WINDOWS\system32\actxprxy.dll
2015-05-30 03:33:38 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2015-05-30 03:33:38 ----A---- C:\WINDOWS\system32\inseng.dll
2015-05-30 03:33:38 ----A---- C:\WINDOWS\system32\ieui.dll
2015-05-30 03:32:58 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-05-30 03:32:57 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2015-05-30 03:32:57 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2015-05-30 03:32:57 ----A---- C:\WINDOWS\system32\wucltux.dll
2015-05-30 03:32:57 ----A---- C:\WINDOWS\system32\wuauclt.exe
2015-05-30 03:32:57 ----A---- C:\WINDOWS\system32\wuapi.dll
2015-05-30 03:32:57 ----A---- C:\WINDOWS\system32\WinSetupUI.dll
2015-05-30 03:32:56 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2015-05-30 03:32:56 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2015-05-30 03:32:56 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2015-05-30 03:32:56 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2015-05-30 03:32:56 ----A---- C:\WINDOWS\system32\wuwebv.dll
2015-05-30 03:32:56 ----A---- C:\WINDOWS\system32\wups2.dll
2015-05-30 03:32:56 ----A---- C:\WINDOWS\system32\wups.dll
2015-05-30 03:32:56 ----A---- C:\WINDOWS\system32\wudriver.dll
2015-05-30 03:32:56 ----A---- C:\WINDOWS\system32\wuapp.exe
2015-05-30 03:32:56 ----A---- C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-05-30 03:32:56 ----A---- C:\WINDOWS\system32\storewuauth.dll
2015-05-30 03:30:39 ----A---- C:\WINDOWS\system32\appraiser.dll
2015-05-30 03:30:39 ----A---- C:\WINDOWS\system32\acmigration.dll
2015-05-30 03:30:38 ----A---- C:\WINDOWS\system32\invagent.dll
2015-05-30 03:30:38 ----A---- C:\WINDOWS\system32\generaltel.dll
2015-05-30 03:30:38 ----A---- C:\WINDOWS\system32\devinv.dll
2015-05-30 03:30:38 ----A---- C:\WINDOWS\system32\aeinv.dll
2015-05-30 03:30:36 ----A---- C:\WINDOWS\system32\aepdu.dll
2015-05-25 23:49:19 ----D---- C:\Users\Petr\AppData\Roaming\Imminent
2015-05-25 14:15:09 ----A---- C:\WINDOWS\system32\nvspcap.dll
2015-05-19 16:50:33 ----D---- C:\WINDOWS\SYSWOW64\NV
2015-05-19 16:50:33 ----D---- C:\WINDOWS\system32\NV
2015-05-19 16:46:52 ----A---- C:\WINDOWS\SYSWOW64\nvwgf2um.dll
2015-05-19 16:46:52 ----A---- C:\WINDOWS\system32\nvwgf2umx.dll
2015-05-19 16:46:52 ----A---- C:\WINDOWS\system32\nvopencl.dll
2015-05-19 16:46:52 ----A---- C:\WINDOWS\system32\drivers\nvpciflt.sys
2015-05-19 16:46:51 ----A---- C:\WINDOWS\SYSWOW64\nvopencl.dll
2015-05-19 16:46:51 ----A---- C:\WINDOWS\SYSWOW64\nvoglv32.dll
2015-05-19 16:46:51 ----A---- C:\WINDOWS\SYSWOW64\nvoglshim32.dll
2015-05-19 16:46:51 ----A---- C:\WINDOWS\system32\nvoglv64.dll
2015-05-19 16:46:51 ----A---- C:\WINDOWS\system32\nvoglshim64.dll
2015-05-19 16:46:51 ----A---- C:\WINDOWS\system32\NvIFROpenGL.dll
2015-05-19 16:46:51 ----A---- C:\WINDOWS\system32\drivers\nvlddmkm.sys
2015-05-19 16:46:50 ----A---- C:\WINDOWS\SYSWOW64\NvIFROpenGL.dll
2015-05-19 16:46:50 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2015-05-19 16:46:50 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2015-05-19 16:46:50 ----A---- C:\WINDOWS\SYSWOW64\nvEncodeAPI.dll
2015-05-19 16:46:50 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2015-05-19 16:46:50 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2015-05-19 16:46:50 ----A---- C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-05-19 16:46:49 ----A---- C:\WINDOWS\system32\nvdispgenco6435286.dll
2015-05-19 16:46:48 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2015-05-19 16:46:48 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2015-05-19 16:46:48 ----A---- C:\WINDOWS\system32\nvdispco6435286.dll
2015-05-19 16:46:48 ----A---- C:\WINDOWS\system32\nvd3dumx.dll
2015-05-19 16:46:48 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2015-05-19 16:46:48 ----A---- C:\WINDOWS\system32\nvcuda.dll
2015-05-19 16:46:47 ----A---- C:\WINDOWS\SYSWOW64\nvcompiler.dll
2015-05-19 16:46:47 ----A---- C:\WINDOWS\SYSWOW64\nvapi.dll
2015-05-19 16:46:47 ----A---- C:\WINDOWS\system32\nvcompiler.dll

======List of files/folders modified in the last 1 month======

2015-06-15 21:10:21 ----D---- C:\Program Files\trend micro
2015-06-15 19:29:21 ----D---- C:\WINDOWS\Temp
2015-06-15 19:08:53 ----D---- C:\Program Files (x86)\Steam
2015-06-15 19:04:00 ----A---- C:\WINDOWS\system32\RzMaelstromVADAudioDeviceManager_log.txt
2015-06-15 19:01:23 ----D---- C:\WINDOWS\Inf
2015-06-15 19:00:18 ----D---- C:\WINDOWS\system32\drivers
2015-06-15 18:58:41 ----D---- C:\WINDOWS\Prefetch
2015-06-15 18:54:46 ----D---- C:\Users\Petr\AppData\Roaming\Skype
2015-06-15 18:53:58 ----D---- C:\Users\Petr\AppData\Roaming\TS3Client
2015-06-15 14:39:04 ----D---- C:\WINDOWS\nl-NL
2015-06-15 12:54:20 ----D---- C:\WINDOWS\System32
2015-06-15 12:54:20 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-15 04:33:00 ----RD---- C:\Program Files (x86)
2015-06-14 11:49:06 ----D---- C:\Windows
2015-06-14 11:49:03 ----D---- C:\WINDOWS\Minidump
2015-06-13 17:52:53 ----D---- C:\WINDOWS\Microsoft.NET
2015-06-13 16:11:51 ----D---- C:\Users\Petr\AppData\Roaming\OBS
2015-06-13 14:48:07 ----D---- C:\Users\Petr\AppData\Roaming\vlc
2015-06-13 11:09:35 ----D---- C:\WINDOWS\AppReadiness
2015-06-10 10:24:10 ----D---- C:\WINDOWS\debug
2015-06-10 03:14:24 ----D---- C:\WINDOWS\SoftwareDistribution
2015-06-10 00:38:19 ----D---- C:\Users\Petr\AppData\Roaming\DAEMON Tools Lite
2015-06-10 00:38:18 ----D---- C:\Users\Petr\AppData\Roaming\uTorrent
2015-06-10 00:38:04 ----D---- C:\WINDOWS\Logs
2015-06-10 00:34:14 ----D---- C:\Program Files\CCleaner
2015-06-10 00:31:53 ----D---- C:\Program Files
2015-06-10 00:31:25 ----SHD---- C:\WINDOWS\Installer
2015-06-10 00:30:23 ----D---- C:\WINDOWS\SysWOW64
2015-06-10 00:27:23 ----SHD---- C:\System Volume Information
2015-06-09 12:11:06 ----D---- C:\ProgramData\Realtek
2015-06-08 16:34:06 ----D---- C:\WINDOWS\system32\DriverStore
2015-06-08 16:33:22 ----D---- C:\WINDOWS\system32\Tasks
2015-06-08 16:30:26 ----D---- C:\ProgramData\AVAST Software
2015-06-08 07:51:29 ----D---- C:\WINDOWS\system32\sru
2015-06-05 14:52:30 ----D---- C:\WINDOWS\rescache
2015-06-05 11:46:07 ----HD---- C:\Program Files\WindowsApps
2015-06-04 21:49:40 ----D---- C:\Users\Petr\AppData\Roaming\Mozilla
2015-06-03 12:54:47 ----D---- C:\WINDOWS\system32\config
2015-06-03 11:59:41 ----D---- C:\WINDOWS\WinSxS
2015-06-02 00:47:22 ----D---- C:\Program Files (x86)\Battle.net
2015-06-01 14:15:06 ----RSD---- C:\WINDOWS\assembly
2015-06-01 13:59:41 ----D---- C:\WINDOWS\system32\catroot2
2015-06-01 01:52:39 ----D---- C:\WINDOWS\AppCompat
2015-05-30 11:59:55 ----A---- C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-05-30 11:59:19 ----D---- C:\WINDOWS\system32\cs-CZ
2015-05-30 11:58:51 ----SD---- C:\WINDOWS\system32\CompatTel
2015-05-30 11:58:50 ----D---- C:\WINDOWS\system32\wbem
2015-05-30 11:58:50 ----D---- C:\WINDOWS\system32\appraiser
2015-05-30 11:58:50 ----D---- C:\WINDOWS\apppatch
2015-05-30 11:50:01 ----D---- C:\Program Files\Windows Defender
2015-05-30 11:50:01 ----D---- C:\Program Files (x86)\Windows Defender
2015-05-30 11:49:59 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2015-05-30 11:49:58 ----RD---- C:\WINDOWS\ToastData
2015-05-30 11:49:57 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2015-05-30 11:49:56 ----RSD---- C:\WINDOWS\Fonts
2015-05-30 11:49:56 ----D---- C:\WINDOWS\system32\AdvancedInstallers
2015-05-30 11:49:52 ----D---- C:\WINDOWS\WinStore
2015-05-30 11:49:39 ----D---- C:\Program Files\Internet Explorer
2015-05-30 11:49:39 ----D---- C:\Program Files (x86)\Internet Explorer
2015-05-30 05:08:48 ----D---- C:\ProgramData\Microsoft Help
2015-05-30 05:08:22 ----D---- C:\WINDOWS\CbsTemp
2015-05-30 04:53:55 ----D---- C:\WINDOWS\system32\MRT
2015-05-30 04:41:58 ----D---- C:\WINDOWS\system32\catroot
2015-05-30 04:34:00 ----A---- C:\WINDOWS\win.ini
2015-05-30 03:51:10 ----D---- C:\Program Files\Windows Journal
2015-05-27 02:36:44 ----D---- C:\ProgramData\Origin
2015-05-24 12:07:16 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-23 16:41:18 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-05-19 22:23:24 ----D---- C:\ProgramData\Skype
2015-05-19 16:50:16 ----D---- C:\ProgramData\NVIDIA
2015-05-17 04:00:17 ----D---- C:\WINDOWS\Tasks
2015-05-16 00:45:02 ----D---- C:\Program Files (x86)\PokerStars

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-06-08 65736]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2015-06-08 272248]
R0 hiosd;WD Boost Storage Filter Driver; C:\WINDOWS\system32\DRIVERS\hiosd.sys [2013-04-13 173840]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-03-22 678384]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2015-05-12 31376]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2015-06-08 93528]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2015-06-08 1047320]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2015-06-08 442264]
R1 dtsoftbus01;@oem30.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2013-10-30 283064]
R1 hiofs;WD Boost File System Filter Driver; C:\WINDOWS\system32\DRIVERS\hiofs.sys [2013-04-13 28944]
R1 SeLow;@oem127.inf,%SeLow_DisplayName%;SoftEther Lightweight Network Protocol; C:\WINDOWS\system32\DRIVERS\SeLow_x64.sys [2014-12-16 38368]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2015-06-08 29168]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-06-08 89944]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2015-06-08 137288]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2013-11-20 314016]
R2 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2013-09-19 70984]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2013-11-20 43680]
R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2011-02-11 35344]
R2 rzpnk;rzpnk; \??\C:\WINDOWS\system32\drivers\rzpnk.sys [2014-12-10 129600]
R2 speedfan;speedfan; \??\C:\WINDOWS\SysWOW64\speedfan.sys [2012-12-29 28664]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-03-19 4888368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2013-07-09 3425608]
R3 iwdbus;@oem36.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-03-04 30512]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport – ovladač pro řadič Qualcomm Atheros AR81xx PCI-E Ethernet; C:\WINDOWS\system32\DRIVERS\L1C63x64.sys [2013-06-18 129224]
R3 MBfilt;MBfilt; C:\WINDOWS\system32\drivers\MBfilt64.sys [2013-07-09 32344]
R3 MEIx64;@oem10.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2013-02-16 64624]
R3 Neo_VPN;@oem128.inf,%Neo.Service.DispName%;VPN Client Device Driver - VPN; C:\WINDOWS\system32\DRIVERS\Neo_VPN.sys [2014-12-16 28768]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [2012-10-26 13368]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-05-12 10972304]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-05-08 19600]
R3 nvvad_WaveExtensible;@oem16.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2014-11-22 38032]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RtkBtFilter;@oem5.inf,%BtFilt.SvcDesc%;Realtek Bluetooth Filter Driver; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [2013-07-09 524360]
R3 RTWlanE;@netrtwlane.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E – síťový adaptér; C:\WINDOWS\system32\DRIVERS\rtwlane.sys [2013-07-31 1936088]
R3 RZMAELSTROMVADService;@oem143.inf,%RZMAELSTROMVAD.SvcDesc%;Razer Surround Audio Enhancer Service; C:\WINDOWS\system32\drivers\RzMaelstromVAD.sys [2014-06-09 32768]
R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\System32\drivers\serscan.sys [2014-10-29 11776]
R3 tap0901t;@oem18.inf,%DeviceDescription%;TAP-Win32 Adapter V9 (Tunngle); C:\WINDOWS\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
S1 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys []
S1 mowapxsd;mowapxsd; \??\C:\WINDOWS\system32\drivers\mowapxsd.sys []
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 ETD;@oem11.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2013-07-09 357200]
S3 hamachi;LogMeIn Hamachi Virtual Miniport); C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [2014-07-21 46136]
S3 intaud_WaveExtensible;@oem17.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-03-04 42288]
S3 IntcDAud;@oem32.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2014-11-05 455440]
S3 ipadtst;ipadtst; \??\C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [2013-02-01 19952]
S3 LbAdapter;@oem51.inf,%LbAdapter.Service.DispName%;LAN Bridger Virtual Miniport Driver; C:\WINDOWS\system32\DRIVERS\lb.sys [2010-06-07 21656]
S3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2015-04-14 25816]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2015-04-14 64216]
S3 NTIOLib_MSIClock_CC;NTIOLib_MSIClock_CC; \??\C:\Program Files (x86)\MSI\Command Center\ClockGen\NTIOLib_X64.sys []
S3 NTIOLib_MSICOMM_CC;NTIOLib_MSICOMM_CC; \??\C:\Program Files (x86)\MSI\Command Center\NTIOLib_X64.sys []
S3 NTIOLib_MSICPU_CC;NTIOLib_MSICPU_CC; \??\C:\Program Files (x86)\MSI\Command Center\CPU\NTIOLib_X64.sys []
S3 NTIOLib_MSIDDR_CC;NTIOLib_MSIDDR_CC; \??\C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys []
S3 NTIOLib_MSISMB_CC;NTIOLib_MSISMB_CC; \??\C:\Program Files (x86)\MSI\Command Center\SMBus\NTIOLib_X64.sys []
S3 NTIOLib_MSISuperIO_CC;NTIOLib_MSISuperIO_CC; \??\C:\Program Files (x86)\MSI\Command Center\SuperIO\NTIOLib_X64.sys []
S3 rccfg;AMD-RAID Config Device; C:\WINDOWS\System32\drivers\rccfg.sys [2013-03-28 21680]
S3 rcraid;rcraid; C:\WINDOWS\System32\drivers\rcraid.sys [2013-03-28 526000]
S3 RSUSBSTOR;@oem7.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2013-07-09 252048]
S3 RTCore64;RTCore64; \??\C:\Program Files (x86)\RMClock\RTCore64.sys [2005-05-25 7168]
S3 tap0901;@oem20.inf,%DeviceDescription%;TAP-Win32 Adapter V9; C:\WINDOWS\system32\DRIVERS\tap0901.sys [2011-07-01 31232]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-06-08 343336]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-05-08 1152656]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-03-19 345864]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-02-16 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-02-16 366552]
R2 Micro Star SCM;Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [2013-04-18 160768]
R2 MSI_SuperCharger;MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [2013-02-08 154112]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-05-08 1884304]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-05-08 22997648]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-05-12 937288]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\syswow64\PnkBstrA.exe [2014-11-28 76888]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-06-11 837312]
S2 BstHdAndroidSvc;BlueStacks Android Service; C:\Program Files (x86)\BlueStacks\HD-Service.exe [2013-09-19 393032]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2013-09-19 384840]
S2 BTDevManager;BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [2012-12-07 39424]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-26 107848]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2014-02-28 9216]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-03-22 15344]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-04-14 1080120]
S2 RzKLService;RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [2014-02-25 105448]
S2 RzMaelstromVADStreamingService;Razer Surround Audio Service; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe [2014-06-09 4250624]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-25 268464]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2015-06-10 1141248]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-03-19 280840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-26 107848]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-05-23 148080]
S3 MSIBIOSData_CC;MSIBIOSData_CC; C:\Program Files (x86)\MSI\Command Center\BIOSData\MSIBIOSDataService.exe [2014-06-04 2100736]
S3 MSIClock_CC;MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [2014-06-06 4026368]
S3 MSICOMM_CC;MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2014-06-03 2118144]
S3 MSICPU_CC;MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [2014-06-17 4157440]
S3 MSISMB_CC;MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2014-06-04 2063360]
S3 MSISuperIO_CC;MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [2014-06-10 549888]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\syswow64\GameMon.des [2013-10-14 4878416]
S3 Origin Client Service;Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [2015-05-27 1931632]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 OverwolfUpdater;Overwolf Updater Windows SCM; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2015-05-04 999152]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2013-11-06 758224]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119676
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check - possible keylogger

#12 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
C:\WINDOWS\system32\drivers\mowapxsd.sys

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]/64

:services
mowapxsd

:commands
[Purity]
[Emptytemp]
[Emptyflash]
[Resethosts]
and click >MoveIt!<. Turn off your antivirus before the scan and restart the PC after it. Post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before cleaning the PC of malware, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reopened, write to me at the e-mail address given above.

petersff
Visitor
Posts: 86
Registered: 03 Jul 2009 18:54

Re: Log check - possible keylogger

#13 Post by petersff »

OTM log
All processes killed
========== FILES ==========
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
File/Folder C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat not found.
File/Folder C:\WINDOWS\system32\drivers\mowapxsd.sys not found.
========== REGISTRY ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ deleted successfully.
========== SERVICES/DRIVERS ==========
Service mowapxsd stopped successfully!
Service mowapxsd deleted successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default.migrated

User: Petr
->Temp folder emptied: 24194089 bytes
->Temporary Internet Files folder emptied: 11530959 bytes
->Java cache emptied: 13956637 bytes
->FireFox cache emptied: 373855629 bytes
->Google Chrome cache emptied: 388546269 bytes
->Flash cache emptied: 1681 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 200704 bytes
%systemroot%\System32 .tmp files removed: 6005848 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 13218330 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 728 bytes
RecycleBin emptied: 10261017036 bytes

Total Files Cleaned = 10 579,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Default.migrated

User: Petr
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTM by OldTimer - Version 3.1.21.0 log created on 06152015_214151

Files moved on Reboot...
File move failed. C:\Users\Petr\AppData\Local\Microsoft\Windows\INetCache\counters.dat scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...


new RSIT log
Logfile of random's system information tool 1.10 (written by random/random)
Run by Petr at 2015-06-15 21:51:50
Microsoft Windows 8.1
System drive C: has 65 GB (11%) free of 585 GB
Total RAM: 8112 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:51:55, on 15. 6. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\trend micro\Petr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKLM\..\Run: [Sound Blaster Cinema] "C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Phaser 6121MFP Scan Dashboard] C:\Program Files (x86)\xerox\Phaser 6121MFP\Phaser 6121MFP Scan Dashboard\sd6121.exe -startup
O4 - HKCU\..\Run: [EPSON Stylus DX4000] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIBEE.EXE /FU "C:\Windows\TEMP\E_S968E.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [EPSON Stylus DX4000 Series] /FU "C:\WINDOWS\TEMP\E_S9246.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [avichannel] "C:\Program Files (x86)\Evaer\videochannel.exe"
O4 - HKCU\..\Run: [AceStream] C:\Users\Petr\AppData\Roaming\ACEStream\engine\ace_engine.exe
O4 - HKCU\..\Run: [Dxtory Update Checker 2.0] C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe
O4 - HKCU\..\Run: [AceWebException] C:\Users\Petr\AppData\Roaming\AceWebExtension\updater\ace_web_extension.exe
O4 - HKCU\..\Run: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe
O4 - Startup: CurseClientStartup.ccip
O4 - Startup: GameRanger.lnk = Petr\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK32.EXE
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/ ... 2099551860
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files (x86)\SCM\MSIService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: MSIBIOSData_CC - MSI - C:\Program Files (x86)\MSI\Command Center\BIOSData\MSIBIOSDataService.exe
O23 - Service: MSIClock_CC - MSI - C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe
O23 - Service: MSICOMM_CC - Unknown owner - C:\Program Files (x86)\MSI\Command Center\MSICommService.exe
O23 - Service: MSICPU_CC - Unknown owner - C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe
O23 - Service: MSISMB_CC - Unknown owner - C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe
O23 - Service: MSISuperIO_CC - Unknown owner - C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - D:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Overwolf Updater Windows SCM (OverwolfUpdater) - Overwolf LTD - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: RzKLService - Razer Inc. - C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
O23 - Service: Razer Surround Audio Service (RzMaelstromVADStreamingService) - Unknown owner - C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: WD Boost - Western Digital - C:\Program Files\Western Digital\WD Boost\WDBoost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14122 bytes

======Listing Processes======





wininit.exe


C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
"C:\Program Files\Western Digital\WD Boost\WDBoost.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
dashost.exe {c83a281d-45ec-45a6-8dc8b71aeded0774}
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
taskhostex.exe
taskeng.exe {95B70137-1A4C-43AA-9890-BF814A6B8C59}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\WINDOWS\Explorer.EXE
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\WINDOWS\system32\GWX\GWX.exe"
"C:\Program Files (x86)\SCM\MSIService.exe"
"C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\WINDOWS\SysWOW64\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc

"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" e58c546c-6543-44ba-975a-86572d26c7f1 1
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
"C:\WINDOWS\notepad.exe" C:\_OTM\MovedFiles\06152015_214151.log
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\System32\rundll32.exe" C:\WINDOWS\system32\MBCfg64.dll,RunDLLEntry MBCfg64
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\WINDOWS\system32\taskmgr.exe" /4
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
ngservice.exe pipeserver

"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Windows\System32\skydrive.exe -Embedding
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 576 580 588 65536 584
"C:\Users\Petr\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\Norton Security Scan for Petr.job - C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe /scan-quick /scheduled

=========Mozilla firefox=========

ProfilePath - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\si7hip6d.default

prefs.js - "browser.startup.homepage" - "https://www.google.com/?trackid=sp-006"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.188 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1213153.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.4.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.40.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.40.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@raidcall.en/RCplugin]
"Description"=Raidcall plugin
"Path"=C:\Users\Petr\AppData\Roaming\rcru\plugins\nprcplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=17.0.15.10]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpplugin;version=17.0.15.10]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.188 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL


C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\si7hip6d.default\searchplugins\
google-avast.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-06-08 662672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-08 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-08 565304]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-08 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-07-09 13538376]
"BtServer"=C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [2013-01-28 452608]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-03-22 36352]
"Radio Manager"=C:\Program Files (x86)\SCM\Radio Manager.exe [2013-04-18 406920]
"SCM"=C:\Program Files (x86)\SCM\SCM.exe [2013-04-18 407968]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]
"MBCfg64"=C:\WINDOWS\system32\MBCfg64.dll [2013-08-29 40576]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-05-08 2685072]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2015-05-08 1570672]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-07-03 3673184]
"Phaser 6121MFP Scan Dashboard"=C:\Program Files (x86)\xerox\Phaser 6121MFP\Phaser 6121MFP Scan Dashboard\sd6121.exe [2009-03-25 5898240]
"EPSON Stylus DX4000"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIBEE.EXE [2007-10-09 213504]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2015-06-11 2892992]
"Pando Media Booster"=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2013-11-04 3093624]
"EPSON Stylus DX4000 Series"= /FU C:\WINDOWS\TEMP\E_S9246.tmp /EF HKCU []
"avichannel"=C:\Program Files (x86)\Evaer\videochannel.exe [2014-02-06 1780224]
"AceStream"=C:\Users\Petr\AppData\Roaming\ACEStream\engine\ace_engine.exe [2014-12-07 23984]
"Dxtory Update Checker 2.0"=C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe [2010-10-17 93696]
"AceWebException"=C:\Users\Petr\AppData\Roaming\AceWebExtension\updater\ace_web_extension.exe []
"Gyazo"=C:\Program Files (x86)\Gyazo\GyStation.exe [2015-04-30 3095840]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Super-Charger"=C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [2013-02-07 490480]
"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2012-03-29 91432]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2010-11-15 35736]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-15 932288]
"BlueStacks Agent"=C:\Program Files (x86)\BlueStacks\HD-Agent.exe [2013-09-19 606024]
""= []
"Razer Synapse"=C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [2014-11-03 585536]
"Sound Blaster Cinema"=C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [2013-08-16 711680]
"UpdReg"=C:\WINDOWS\UpdReg.EXE [2000-05-11 90112]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-06-08 5515496]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK32.EXE

C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
CurseClientStartup.ccip
GameRanger.lnk - C:\Users\Petr\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll, C:\WINDOWS\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.FPS1"=frapsv64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"vidc.xtor"=DxtoryCodec.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-06-15 21:41:51 ----D---- C:\_OTM
2015-06-15 18:55:37 ----D---- C:\AdwCleaner
2015-06-15 13:34:00 ----A---- C:\sken.txt
2015-06-15 04:33:14 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2015-06-15 04:33:00 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-15 04:33:00 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2015-06-15 04:33:00 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2015-06-15 04:33:00 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2015-06-14 23:50:52 ----D---- C:\rsit
2015-06-08 16:35:28 ----D---- C:\Users\Petr\AppData\Roaming\AVAST Software
2015-06-08 16:33:04 ----A---- C:\WINDOWS\system32\drivers\aswVmm.sys
2015-06-08 16:33:04 ----A---- C:\WINDOWS\system32\drivers\aswStm.sys
2015-06-08 16:33:04 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2015-06-08 16:33:04 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2015-06-08 16:33:04 ----A---- C:\WINDOWS\system32\drivers\aswRvrt.sys
2015-06-08 16:33:04 ----A---- C:\WINDOWS\system32\drivers\aswRdr2.sys
2015-06-08 16:33:04 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2015-06-08 16:33:04 ----A---- C:\WINDOWS\system32\drivers\aswHwid.sys
2015-06-08 16:33:02 ----A---- C:\WINDOWS\system32\aswBoot.exe
2015-06-08 16:32:52 ----A---- C:\WINDOWS\avastSS.scr
2015-06-06 14:39:10 ----SD---- C:\Users\Petr\AppData\Roaming\WindowsUpd
2015-06-06 14:39:06 ----A---- C:\Users\Petr\AppData\Roaming\Rar.exe
2015-06-04 21:49:39 ----D---- C:\Users\Petr\AppData\Roaming\Octoshape
2015-05-30 11:58:30 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-05-30 11:49:52 ----SD---- C:\WINDOWS\SYSWOW64\GWX
2015-05-30 11:49:52 ----SD---- C:\WINDOWS\system32\GWX
2015-05-30 11:49:52 ----D---- C:\WINDOWS\Migration
2015-05-30 04:56:57 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-30 04:56:57 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-30 04:44:34 ----D---- C:\Program Files\Microsoft Silverlight
2015-05-30 04:44:34 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-05-30 04:03:01 ----A---- C:\WINDOWS\SYSWOW64\rascfg.dll
2015-05-30 04:03:01 ----A---- C:\WINDOWS\system32\rascfg.dll
2015-05-30 04:03:01 ----A---- C:\WINDOWS\system32\drivers\wanarp.sys
2015-05-30 04:03:01 ----A---- C:\WINDOWS\system32\drivers\ndproxy.sys
2015-05-30 04:02:15 ----D---- C:\Program Files (x86)\Microsoft ASP.NET
2015-05-30 03:44:41 ----A---- C:\WINDOWS\system32\drivers\WdNisDrv.sys
2015-05-30 03:44:41 ----A---- C:\WINDOWS\system32\drivers\WdFilter.sys
2015-05-30 03:44:41 ----A---- C:\WINDOWS\system32\drivers\WdBoot.sys
2015-05-30 03:44:40 ----A---- C:\WINDOWS\SYSWOW64\winshfhc.dll
2015-05-30 03:44:40 ----A---- C:\WINDOWS\system32\winshfhc.dll
2015-05-30 03:44:35 ----A---- C:\WINDOWS\system32\calc.exe
2015-05-30 03:44:34 ----A---- C:\WINDOWS\SYSWOW64\calc.exe
2015-05-30 03:44:01 ----A---- C:\WINDOWS\SYSWOW64\SHCore.dll
2015-05-30 03:44:01 ----A---- C:\WINDOWS\system32\SHCore.dll
2015-05-30 03:44:00 ----AC---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2015-05-30 03:43:24 ----AC---- C:\WINDOWS\system32\drivers\bthhfenum.sys
2015-05-30 03:42:45 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2015-05-30 03:42:45 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2015-05-30 03:42:45 ----A---- C:\WINDOWS\system32\msctf.dll
2015-05-30 03:42:45 ----A---- C:\WINDOWS\system32\dwmcore.dll
2015-05-30 03:42:13 ----A---- C:\WINDOWS\SYSWOW64\photowiz.dll
2015-05-30 03:42:13 ----A---- C:\WINDOWS\system32\photowiz.dll
2015-05-30 03:41:54 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2015-05-30 03:41:54 ----A---- C:\WINDOWS\system32\schannel.dll
2015-05-30 03:41:36 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2015-05-30 03:41:36 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2015-05-30 03:41:36 ----A---- C:\WINDOWS\system32\atmlib.dll
2015-05-30 03:41:36 ----A---- C:\WINDOWS\system32\atmfd.dll
2015-05-30 03:41:27 ----A---- C:\WINDOWS\system32\drivers\ahcache.sys
2015-05-30 03:41:20 ----A---- C:\WINDOWS\system32\puiobj.dll
2015-05-30 03:41:20 ----A---- C:\WINDOWS\system32\localspl.dll
2015-05-30 03:41:19 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2015-05-30 03:41:19 ----A---- C:\WINDOWS\system32\compstui.dll
2015-05-30 03:41:02 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Input.Inking.dll
2015-05-30 03:41:02 ----A---- C:\WINDOWS\SYSWOW64\rastapi.dll
2015-05-30 03:41:02 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-05-30 03:41:02 ----A---- C:\WINDOWS\system32\rastapi.dll
2015-05-30 03:41:01 ----A---- C:\WINDOWS\system32\SettingsHandlers.dll
2015-05-30 03:40:31 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2015-05-30 03:40:13 ----A---- C:\WINDOWS\system32\dbgeng.dll
2015-05-30 03:40:12 ----A---- C:\WINDOWS\SYSWOW64\dbghelp.dll
2015-05-30 03:40:12 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2015-05-30 03:40:12 ----A---- C:\WINDOWS\system32\dbghelp.dll
2015-05-30 03:40:11 ----A---- C:\WINDOWS\SYSWOW64\SRH.dll
2015-05-30 03:40:11 ----A---- C:\WINDOWS\system32\win32spl.dll
2015-05-30 03:40:11 ----A---- C:\WINDOWS\system32\SRH.dll
2015-05-30 03:40:02 ----A---- C:\WINDOWS\system32\win32k.sys
2015-05-30 03:40:02 ----A---- C:\WINDOWS\system32\FntCache.dll
2015-05-30 03:40:02 ----A---- C:\WINDOWS\system32\DWrite.dll
2015-05-30 03:40:01 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2015-05-30 03:39:34 ----AC---- C:\WINDOWS\system32\drivers\rfcomm.sys
2015-05-30 03:39:34 ----AC---- C:\WINDOWS\system32\drivers\hidbth.sys
2015-05-30 03:39:34 ----A---- C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-30 03:39:33 ----A---- C:\WINDOWS\SYSWOW64\rgb9rast.dll
2015-05-30 03:39:33 ----A---- C:\WINDOWS\SYSWOW64\PhotoMetadataHandler.dll
2015-05-30 03:39:32 ----A---- C:\WINDOWS\system32\drivers\udfs.sys
2015-05-30 03:39:03 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll
2015-05-30 03:39:03 ----A---- C:\WINDOWS\system32\msftedit.dll
2015-05-30 03:39:02 ----A---- C:\WINDOWS\system32\tdh.dll
2015-05-30 03:39:02 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-05-30 03:39:02 ----A---- C:\WINDOWS\system32\ntdll.dll
2015-05-30 03:39:01 ----A---- C:\WINDOWS\SYSWOW64\tracerpt.exe
2015-05-30 03:39:01 ----A---- C:\WINDOWS\SYSWOW64\tdh.dll
2015-05-30 03:39:01 ----A---- C:\WINDOWS\SYSWOW64\sechost.dll
2015-05-30 03:39:01 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2015-05-30 03:39:01 ----A---- C:\WINDOWS\system32\wow64cpu.dll
2015-05-30 03:39:01 ----A---- C:\WINDOWS\system32\wow64.dll
2015-05-30 03:39:01 ----A---- C:\WINDOWS\system32\tracerpt.exe
2015-05-30 03:39:01 ----A---- C:\WINDOWS\system32\sechost.dll
2015-05-30 03:39:01 ----A---- C:\WINDOWS\system32\microsoft-windows-system-events.dll
2015-05-30 03:39:00 ----A---- C:\WINDOWS\system32\lsm.dll
2015-05-30 03:38:28 ----A---- C:\WINDOWS\SYSWOW64\pku2u.dll
2015-05-30 03:38:28 ----A---- C:\WINDOWS\system32\services.exe
2015-05-30 03:38:28 ----A---- C:\WINDOWS\system32\pku2u.dll
2015-05-30 03:38:17 ----A---- C:\WINDOWS\SYSWOW64\mfc42u.dll
2015-05-30 03:38:17 ----A---- C:\WINDOWS\SYSWOW64\mfc42.dll
2015-05-30 03:38:17 ----A---- C:\WINDOWS\system32\mfc42u.dll
2015-05-30 03:38:17 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2015-05-30 03:38:16 ----A---- C:\WINDOWS\SYSWOW64\atlthunk.dll
2015-05-30 03:38:16 ----A---- C:\WINDOWS\system32\mfc42.dll
2015-05-30 03:38:15 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2015-05-30 03:38:13 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2015-05-30 03:37:55 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll
2015-05-30 03:37:55 ----A---- C:\WINDOWS\system32\WSShared.dll
2015-05-30 03:37:55 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-05-30 03:37:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-05-30 03:37:52 ----A---- C:\WINDOWS\SYSWOW64\StorageContextHandler.dll
2015-05-30 03:37:52 ----A---- C:\WINDOWS\system32\StorageContextHandler.dll
2015-05-30 03:37:31 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2015-05-30 03:37:31 ----A---- C:\WINDOWS\system32\authui.dll
2015-05-30 03:37:28 ----A---- C:\WINDOWS\system32\dpapisrv.dll
2015-05-30 03:37:27 ----A---- C:\WINDOWS\SYSWOW64\authz.dll
2015-05-30 03:37:27 ----A---- C:\WINDOWS\system32\authz.dll
2015-05-30 03:36:48 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2015-05-30 03:36:48 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2015-05-30 03:36:47 ----A---- C:\WINDOWS\system32\ubpm.dll
2015-05-30 03:36:36 ----A---- C:\WINDOWS\system32\rdpudd.dll
2015-05-30 03:36:36 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2015-05-30 03:36:31 ----A---- C:\WINDOWS\SYSWOW64\sdbinst.exe
2015-05-30 03:36:31 ----A---- C:\WINDOWS\system32\sdbinst.exe
2015-05-30 03:36:26 ----AC---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2015-05-30 03:36:02 ----AC---- C:\WINDOWS\system32\drivers\sdbus.sys
2015-05-30 03:36:02 ----AC---- C:\WINDOWS\system32\drivers\dumpsd.sys
2015-05-30 03:36:02 ----A---- C:\WINDOWS\SYSWOW64\eapphost.dll
2015-05-30 03:36:02 ----A---- C:\WINDOWS\SYSWOW64\eappgnui.dll
2015-05-30 03:36:02 ----A---- C:\WINDOWS\SYSWOW64\eappcfg.dll
2015-05-30 03:36:02 ----A---- C:\WINDOWS\SYSWOW64\eapp3hst.dll
2015-05-30 03:36:02 ----A---- C:\WINDOWS\system32\mssrch.dll
2015-05-30 03:36:02 ----A---- C:\WINDOWS\system32\eapphost.dll
2015-05-30 03:36:02 ----A---- C:\WINDOWS\system32\eappgnui.dll
2015-05-30 03:36:02 ----A---- C:\WINDOWS\system32\eappcfg.dll
2015-05-30 03:36:02 ----A---- C:\WINDOWS\system32\eapp3hst.dll
2015-05-30 03:36:02 ----A---- C:\WINDOWS\system32\drivers\http.sys
2015-05-30 03:36:01 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2015-05-30 03:36:01 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2015-05-30 03:36:01 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2015-05-30 03:36:01 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2015-05-30 03:36:01 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2015-05-30 03:36:01 ----A---- C:\WINDOWS\system32\tquery.dll
2015-05-30 03:36:01 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2015-05-30 03:36:01 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2015-05-30 03:36:01 ----A---- C:\WINDOWS\system32\mssvp.dll
2015-05-30 03:36:01 ----A---- C:\WINDOWS\system32\mssphtb.dll
2015-05-30 03:36:01 ----A---- C:\WINDOWS\system32\mssph.dll
2015-05-30 03:36:00 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2015-05-30 03:35:51 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2015-05-30 03:35:51 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll
2015-05-30 03:35:33 ----A---- C:\WINDOWS\system32\LockScreenContentServer.exe
2015-05-30 03:35:32 ----A---- C:\WINDOWS\system32\shell32.dll
2015-05-30 03:35:31 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2015-05-30 03:35:03 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2015-05-30 03:35:03 ----A---- C:\WINDOWS\system32\lsasrv.dll
2015-05-30 03:35:03 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2015-05-30 03:35:03 ----A---- C:\WINDOWS\system32\certcli.dll
2015-05-30 03:34:37 ----A---- C:\WINDOWS\SYSWOW64\MrmCoreR.dll
2015-05-30 03:34:37 ----A---- C:\WINDOWS\system32\MrmCoreR.dll
2015-05-30 03:34:26 ----A---- C:\WINDOWS\SYSWOW64\WMPhoto.dll
2015-05-30 03:34:26 ----A---- C:\WINDOWS\system32\WMPhoto.dll
2015-05-30 03:34:17 ----A---- C:\WINDOWS\SYSWOW64\clfsw32.dll
2015-05-30 03:34:17 ----A---- C:\WINDOWS\system32\wpdshext.dll
2015-05-30 03:34:17 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2015-05-30 03:34:17 ----A---- C:\WINDOWS\system32\clfsw32.dll
2015-05-30 03:34:16 ----A---- C:\WINDOWS\SYSWOW64\wpdshext.dll
2015-05-30 03:34:07 ----A---- C:\WINDOWS\explorer.exe
2015-05-30 03:34:06 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2015-05-30 03:34:03 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2015-05-30 03:34:02 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2015-05-30 03:34:02 ----A---- C:\WINDOWS\system32\iepeers.dll
2015-05-30 03:34:01 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-05-30 03:34:01 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-05-30 03:34:01 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-05-30 03:34:00 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-05-30 03:33:58 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-05-30 03:33:58 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-05-30 03:33:58 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-05-30 03:33:57 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-05-30 03:33:57 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-05-30 03:33:57 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2015-05-30 03:33:57 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-05-30 03:33:55 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-05-30 03:33:54 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2015-05-30 03:33:54 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2015-05-30 03:33:54 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-05-30 03:33:54 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-05-30 03:33:54 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-05-30 03:33:53 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-05-30 03:33:53 ----A---- C:\WINDOWS\system32\jscript.dll
2015-05-30 03:33:52 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-05-30 03:33:52 ----A---- C:\WINDOWS\system32\dxtrans.dll
2015-05-30 03:33:51 ----A---- C:\WINDOWS\system32\webcheck.dll
2015-05-30 03:33:51 ----A---- C:\WINDOWS\system32\mshtmled.dll
2015-05-30 03:33:51 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2015-05-30 03:33:50 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-05-30 03:33:49 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-05-30 03:33:45 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2015-05-30 03:33:42 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-05-30 03:33:41 ----A---- C:\WINDOWS\system32\wininet.dll
2015-05-30 03:33:41 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-05-30 03:33:39 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2015-05-30 03:33:39 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2015-05-30 03:33:39 ----A---- C:\WINDOWS\system32\actxprxy.dll
2015-05-30 03:33:38 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2015-05-30 03:33:38 ----A---- C:\WINDOWS\system32\inseng.dll
2015-05-30 03:33:38 ----A---- C:\WINDOWS\system32\ieui.dll
2015-05-30 03:32:58 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-05-30 03:32:57 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2015-05-30 03:32:57 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2015-05-30 03:32:57 ----A---- C:\WINDOWS\system32\wucltux.dll
2015-05-30 03:32:57 ----A---- C:\WINDOWS\system32\wuauclt.exe
2015-05-30 03:32:57 ----A---- C:\WINDOWS\system32\wuapi.dll
2015-05-30 03:32:57 ----A---- C:\WINDOWS\system32\WinSetupUI.dll
2015-05-30 03:32:56 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2015-05-30 03:32:56 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2015-05-30 03:32:56 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2015-05-30 03:32:56 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2015-05-30 03:32:56 ----A---- C:\WINDOWS\system32\wuwebv.dll
2015-05-30 03:32:56 ----A---- C:\WINDOWS\system32\wups2.dll
2015-05-30 03:32:56 ----A---- C:\WINDOWS\system32\wups.dll
2015-05-30 03:32:56 ----A---- C:\WINDOWS\system32\wudriver.dll
2015-05-30 03:32:56 ----A---- C:\WINDOWS\system32\wuapp.exe
2015-05-30 03:32:56 ----A---- C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-05-30 03:32:56 ----A---- C:\WINDOWS\system32\storewuauth.dll
2015-05-30 03:30:39 ----A---- C:\WINDOWS\system32\appraiser.dll
2015-05-30 03:30:39 ----A---- C:\WINDOWS\system32\acmigration.dll
2015-05-30 03:30:38 ----A---- C:\WINDOWS\system32\invagent.dll
2015-05-30 03:30:38 ----A---- C:\WINDOWS\system32\generaltel.dll
2015-05-30 03:30:38 ----A---- C:\WINDOWS\system32\devinv.dll
2015-05-30 03:30:38 ----A---- C:\WINDOWS\system32\aeinv.dll
2015-05-30 03:30:36 ----A---- C:\WINDOWS\system32\aepdu.dll
2015-05-25 23:49:19 ----D---- C:\Users\Petr\AppData\Roaming\Imminent
2015-05-25 14:15:09 ----A---- C:\WINDOWS\system32\nvspcap.dll
2015-05-19 16:50:33 ----D---- C:\WINDOWS\SYSWOW64\NV
2015-05-19 16:50:33 ----D---- C:\WINDOWS\system32\NV
2015-05-19 16:46:52 ----A---- C:\WINDOWS\SYSWOW64\nvwgf2um.dll
2015-05-19 16:46:52 ----A---- C:\WINDOWS\system32\nvwgf2umx.dll
2015-05-19 16:46:52 ----A---- C:\WINDOWS\system32\nvopencl.dll
2015-05-19 16:46:52 ----A---- C:\WINDOWS\system32\drivers\nvpciflt.sys
2015-05-19 16:46:51 ----A---- C:\WINDOWS\SYSWOW64\nvopencl.dll
2015-05-19 16:46:51 ----A---- C:\WINDOWS\SYSWOW64\nvoglv32.dll
2015-05-19 16:46:51 ----A---- C:\WINDOWS\SYSWOW64\nvoglshim32.dll
2015-05-19 16:46:51 ----A---- C:\WINDOWS\system32\nvoglv64.dll
2015-05-19 16:46:51 ----A---- C:\WINDOWS\system32\nvoglshim64.dll
2015-05-19 16:46:51 ----A---- C:\WINDOWS\system32\NvIFROpenGL.dll
2015-05-19 16:46:51 ----A---- C:\WINDOWS\system32\drivers\nvlddmkm.sys
2015-05-19 16:46:50 ----A---- C:\WINDOWS\SYSWOW64\NvIFROpenGL.dll
2015-05-19 16:46:50 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2015-05-19 16:46:50 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2015-05-19 16:46:50 ----A---- C:\WINDOWS\SYSWOW64\nvEncodeAPI.dll
2015-05-19 16:46:50 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2015-05-19 16:46:50 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2015-05-19 16:46:50 ----A---- C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-05-19 16:46:49 ----A---- C:\WINDOWS\system32\nvdispgenco6435286.dll
2015-05-19 16:46:48 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2015-05-19 16:46:48 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2015-05-19 16:46:48 ----A---- C:\WINDOWS\system32\nvdispco6435286.dll
2015-05-19 16:46:48 ----A---- C:\WINDOWS\system32\nvd3dumx.dll
2015-05-19 16:46:48 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2015-05-19 16:46:48 ----A---- C:\WINDOWS\system32\nvcuda.dll
2015-05-19 16:46:47 ----A---- C:\WINDOWS\SYSWOW64\nvcompiler.dll
2015-05-19 16:46:47 ----A---- C:\WINDOWS\SYSWOW64\nvapi.dll
2015-05-19 16:46:47 ----A---- C:\WINDOWS\system32\nvcompiler.dll

======List of files/folders modified in the last 1 month======

2015-06-15 21:51:55 ----D---- C:\Program Files\trend micro
2015-06-15 21:48:47 ----A---- C:\WINDOWS\system32\RzMaelstromVADAudioDeviceManager_log.txt
2015-06-15 21:46:45 ----D---- C:\WINDOWS\Temp
2015-06-15 21:42:34 ----D---- C:\WINDOWS\system32\drivers\etc
2015-06-15 21:42:27 ----D---- C:\WINDOWS\SysWOW64
2015-06-15 21:42:27 ----D---- C:\Windows
2015-06-15 21:41:51 ----D---- C:\WINDOWS\Tasks
2015-06-15 21:41:44 ----D---- C:\WINDOWS\Prefetch
2015-06-15 19:08:53 ----D---- C:\Program Files (x86)\Steam
2015-06-15 19:01:23 ----D---- C:\WINDOWS\Inf
2015-06-15 19:00:18 ----D---- C:\WINDOWS\system32\drivers
2015-06-15 19:00:18 ----D---- C:\WINDOWS\nl-NL
2015-06-15 18:54:46 ----D---- C:\Users\Petr\AppData\Roaming\Skype
2015-06-15 18:53:58 ----D---- C:\Users\Petr\AppData\Roaming\TS3Client
2015-06-15 12:54:20 ----D---- C:\WINDOWS\System32
2015-06-15 12:54:20 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-15 04:33:00 ----RD---- C:\Program Files (x86)
2015-06-14 11:49:03 ----D---- C:\WINDOWS\Minidump
2015-06-13 17:52:53 ----D---- C:\WINDOWS\Microsoft.NET
2015-06-13 16:11:51 ----D---- C:\Users\Petr\AppData\Roaming\OBS
2015-06-13 14:48:07 ----D---- C:\Users\Petr\AppData\Roaming\vlc
2015-06-13 11:09:35 ----D---- C:\WINDOWS\AppReadiness
2015-06-10 10:24:10 ----D---- C:\WINDOWS\debug
2015-06-10 03:14:24 ----D---- C:\WINDOWS\SoftwareDistribution
2015-06-10 00:38:19 ----D---- C:\Users\Petr\AppData\Roaming\DAEMON Tools Lite
2015-06-10 00:38:18 ----D---- C:\Users\Petr\AppData\Roaming\uTorrent
2015-06-10 00:38:04 ----D---- C:\WINDOWS\Logs
2015-06-10 00:34:14 ----D---- C:\Program Files\CCleaner
2015-06-10 00:31:53 ----D---- C:\Program Files
2015-06-10 00:31:25 ----SHD---- C:\WINDOWS\Installer
2015-06-10 00:27:23 ----SHD---- C:\System Volume Information
2015-06-09 12:11:06 ----D---- C:\ProgramData\Realtek
2015-06-08 16:34:06 ----D---- C:\WINDOWS\system32\DriverStore
2015-06-08 16:33:22 ----D---- C:\WINDOWS\system32\Tasks
2015-06-08 16:30:26 ----D---- C:\ProgramData\AVAST Software
2015-06-08 07:51:29 ----D---- C:\WINDOWS\system32\sru
2015-06-05 14:52:30 ----D---- C:\WINDOWS\rescache
2015-06-05 11:46:07 ----HD---- C:\Program Files\WindowsApps
2015-06-04 21:49:40 ----D---- C:\Users\Petr\AppData\Roaming\Mozilla
2015-06-03 12:54:47 ----D---- C:\WINDOWS\system32\config
2015-06-03 11:59:41 ----D---- C:\WINDOWS\WinSxS
2015-06-02 00:47:22 ----D---- C:\Program Files (x86)\Battle.net
2015-06-01 14:15:06 ----RSD---- C:\WINDOWS\assembly
2015-06-01 13:59:41 ----D---- C:\WINDOWS\system32\catroot2
2015-06-01 01:52:39 ----D---- C:\WINDOWS\AppCompat
2015-05-30 11:59:55 ----A---- C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-05-30 11:59:19 ----D---- C:\WINDOWS\system32\cs-CZ
2015-05-30 11:58:51 ----SD---- C:\WINDOWS\system32\CompatTel
2015-05-30 11:58:50 ----D---- C:\WINDOWS\system32\wbem
2015-05-30 11:58:50 ----D---- C:\WINDOWS\system32\appraiser
2015-05-30 11:58:50 ----D---- C:\WINDOWS\apppatch
2015-05-30 11:50:01 ----D---- C:\Program Files\Windows Defender
2015-05-30 11:50:01 ----D---- C:\Program Files (x86)\Windows Defender
2015-05-30 11:49:59 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2015-05-30 11:49:58 ----RD---- C:\WINDOWS\ToastData
2015-05-30 11:49:57 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2015-05-30 11:49:56 ----RSD---- C:\WINDOWS\Fonts
2015-05-30 11:49:56 ----D---- C:\WINDOWS\system32\AdvancedInstallers
2015-05-30 11:49:52 ----D---- C:\WINDOWS\WinStore
2015-05-30 11:49:39 ----D---- C:\Program Files\Internet Explorer
2015-05-30 11:49:39 ----D---- C:\Program Files (x86)\Internet Explorer
2015-05-30 05:08:48 ----D---- C:\ProgramData\Microsoft Help
2015-05-30 05:08:22 ----D---- C:\WINDOWS\CbsTemp
2015-05-30 04:53:55 ----D---- C:\WINDOWS\system32\MRT
2015-05-30 04:41:58 ----D---- C:\WINDOWS\system32\catroot
2015-05-30 04:34:00 ----A---- C:\WINDOWS\win.ini
2015-05-30 03:51:10 ----D---- C:\Program Files\Windows Journal
2015-05-27 02:36:44 ----D---- C:\ProgramData\Origin
2015-05-24 12:07:16 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-23 16:41:18 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-05-19 22:23:24 ----D---- C:\ProgramData\Skype
2015-05-19 16:50:16 ----D---- C:\ProgramData\NVIDIA
2015-05-16 00:45:02 ----D---- C:\Program Files (x86)\PokerStars

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-06-08 65736]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2015-06-08 272248]
R0 hiosd;WD Boost Storage Filter Driver; C:\WINDOWS\system32\DRIVERS\hiosd.sys [2013-04-13 173840]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-03-22 678384]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2015-05-12 31376]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2015-06-08 93528]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2015-06-08 1047320]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2015-06-08 442264]
R1 dtsoftbus01;@oem30.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2013-10-30 283064]
R1 hiofs;WD Boost File System Filter Driver; C:\WINDOWS\system32\DRIVERS\hiofs.sys [2013-04-13 28944]
R1 SeLow;@oem127.inf,%SeLow_DisplayName%;SoftEther Lightweight Network Protocol; C:\WINDOWS\system32\DRIVERS\SeLow_x64.sys [2014-12-16 38368]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2015-06-08 29168]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-06-08 89944]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2013-11-20 314016]
R2 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2013-09-19 70984]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2013-11-20 43680]
R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2011-02-11 35344]
R2 rzpnk;rzpnk; \??\C:\WINDOWS\system32\drivers\rzpnk.sys [2014-12-10 129600]
R2 speedfan;speedfan; \??\C:\WINDOWS\SysWOW64\speedfan.sys [2012-12-29 28664]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-03-19 4888368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2013-07-09 3425608]
R3 iwdbus;@oem36.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-03-04 30512]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport – ovladač pro řadič Qualcomm Atheros AR81xx PCI-E Ethernet; C:\WINDOWS\system32\DRIVERS\L1C63x64.sys [2013-06-18 129224]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2015-04-14 25816]
R3 MBfilt;MBfilt; C:\WINDOWS\system32\drivers\MBfilt64.sys [2013-07-09 32344]
R3 MEIx64;@oem10.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2013-02-16 64624]
R3 Neo_VPN;@oem128.inf,%Neo.Service.DispName%;VPN Client Device Driver - VPN; C:\WINDOWS\system32\DRIVERS\Neo_VPN.sys [2014-12-16 28768]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [2012-10-26 13368]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-05-12 10972304]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-05-08 19600]
R3 nvvad_WaveExtensible;@oem16.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2014-11-22 38032]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RtkBtFilter;@oem5.inf,%BtFilt.SvcDesc%;Realtek Bluetooth Filter Driver; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [2013-07-09 524360]
R3 RTWlanE;@netrtwlane.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E – síťový adaptér; C:\WINDOWS\system32\DRIVERS\rtwlane.sys [2013-07-31 1936088]
R3 RZMAELSTROMVADService;@oem143.inf,%RZMAELSTROMVAD.SvcDesc%;Razer Surround Audio Enhancer Service; C:\WINDOWS\system32\drivers\RzMaelstromVAD.sys [2014-06-09 32768]
R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\System32\drivers\serscan.sys [2014-10-29 11776]
R3 tap0901t;@oem18.inf,%DeviceDescription%;TAP-Win32 Adapter V9 (Tunngle); C:\WINDOWS\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
S1 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys []
S2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2015-06-08 137288]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 ETD;@oem11.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2013-07-09 357200]
S3 hamachi;LogMeIn Hamachi Virtual Miniport); C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [2014-07-21 46136]
S3 intaud_WaveExtensible;@oem17.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-03-04 42288]
S3 IntcDAud;@oem32.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2014-11-05 455440]
S3 ipadtst;ipadtst; \??\C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [2013-02-01 19952]
S3 LbAdapter;@oem51.inf,%LbAdapter.Service.DispName%;LAN Bridger Virtual Miniport Driver; C:\WINDOWS\system32\DRIVERS\lb.sys [2010-06-07 21656]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2015-04-14 64216]
S3 NTIOLib_MSIClock_CC;NTIOLib_MSIClock_CC; \??\C:\Program Files (x86)\MSI\Command Center\ClockGen\NTIOLib_X64.sys []
S3 NTIOLib_MSICOMM_CC;NTIOLib_MSICOMM_CC; \??\C:\Program Files (x86)\MSI\Command Center\NTIOLib_X64.sys []
S3 NTIOLib_MSICPU_CC;NTIOLib_MSICPU_CC; \??\C:\Program Files (x86)\MSI\Command Center\CPU\NTIOLib_X64.sys []
S3 NTIOLib_MSIDDR_CC;NTIOLib_MSIDDR_CC; \??\C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys []
S3 NTIOLib_MSISMB_CC;NTIOLib_MSISMB_CC; \??\C:\Program Files (x86)\MSI\Command Center\SMBus\NTIOLib_X64.sys []
S3 NTIOLib_MSISuperIO_CC;NTIOLib_MSISuperIO_CC; \??\C:\Program Files (x86)\MSI\Command Center\SuperIO\NTIOLib_X64.sys []
S3 rccfg;AMD-RAID Config Device; C:\WINDOWS\System32\drivers\rccfg.sys [2013-03-28 21680]
S3 rcraid;rcraid; C:\WINDOWS\System32\drivers\rcraid.sys [2013-03-28 526000]
S3 RSUSBSTOR;@oem7.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2013-07-09 252048]
S3 RTCore64;RTCore64; \??\C:\Program Files (x86)\RMClock\RTCore64.sys [2005-05-25 7168]
S3 tap0901;@oem20.inf,%DeviceDescription%;TAP-Win32 Adapter V9; C:\WINDOWS\system32\DRIVERS\tap0901.sys [2011-07-01 31232]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\System32\drivers\usbscan.sys [2014-10-29 44544]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-06-08 343336]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-05-08 1152656]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-03-19 345864]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-02-16 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-02-16 366552]
R2 Micro Star SCM;Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [2013-04-18 160768]
R2 MSI_SuperCharger;MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [2013-02-08 154112]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-05-08 1884304]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-05-08 22997648]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-05-12 937288]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\syswow64\PnkBstrA.exe [2014-11-28 76888]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S2 BstHdAndroidSvc;BlueStacks Android Service; C:\Program Files (x86)\BlueStacks\HD-Service.exe [2013-09-19 393032]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2013-09-19 384840]
S2 BTDevManager;BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [2012-12-07 39424]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-26 107848]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2014-02-28 9216]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-03-22 15344]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-04-14 1080120]
S2 RzKLService;RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [2014-02-25 105448]
S2 RzMaelstromVADStreamingService;Razer Surround Audio Service; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe [2014-06-09 4250624]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-25 268464]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2015-06-10 1141248]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-03-19 280840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-26 107848]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-05-23 148080]
S3 MSIBIOSData_CC;MSIBIOSData_CC; C:\Program Files (x86)\MSI\Command Center\BIOSData\MSIBIOSDataService.exe [2014-06-04 2100736]
S3 MSIClock_CC;MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [2014-06-06 4026368]
S3 MSICOMM_CC;MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2014-06-03 2118144]
S3 MSICPU_CC;MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [2014-06-17 4157440]
S3 MSISMB_CC;MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2014-06-04 2063360]
S3 MSISuperIO_CC;MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [2014-06-10 549888]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\syswow64\GameMon.des [2013-10-14 4878416]
S3 Origin Client Service;Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [2015-05-27 1931632]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 OverwolfUpdater;Overwolf Updater Windows SCM; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2015-05-04 999152]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-06-11 837312]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2013-11-06 758224]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119676
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check - possible keylogger

#14 Post by Rudy »

Everything has been deleted. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC. A few pieces of adware and one rootkit were deleted. The PC should now be completely clean.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

petersff
Visitor
Posts: 86
Registered: 03 Jul 2009 18:54

Re: Log check - possible keylogger

#15 Post by petersff »

OK, thanks a lot for the help, have a lovely rest of the day. You can lock it, then.

Locked