
Requesting a preventive check
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads are locked once resolved, as are threads that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use a remote assistance service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Requesting a preventive check
Logfile of random's system information tool 1.10 (written by random/random)
Run by Vojtěch at 2015-08-12 15:43:21
Microsoft Windows 8.1 s aplikací Bing
System drive C: has 238 GB (52%) free of 458 GB
Total RAM: 3984 MB (57% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:43:39, on 12. 8. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\avpui.exe
C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\plugin-nm-server.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Vojtěch.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?typ ... earchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?typ ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - (no file)
O2 - BHO: VirtualKeyboardBrowserHelperObject - {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: ContentBlockerBrowserHelperObject - {93BC2EA7-2F17-4729-948A-D2E03FFB2412} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: Safe Money Plugin - {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Power2GoExpress8] NA
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\RunOnce: [Application Restart #0] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --user-data-dir="C:\Users\Vojtěch\AppData\Roaming\Seznam.cz\bin\..\data\libchinst\chromeprofile" --flag-switches-begin --flag-switches-end --restore-last-session http://software.seznam.cz/listicka?browser=chrome#auto
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Virtuální klávesnice - {5547CE1F-74E9-41E5-9CBF-5211ECC37341} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Služba Kaspersky Anti-Virus 15.0.2 (AVP15.0.2) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: HP SimplePass Service (omniserv) - Softex Inc. - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
O23 - Service: Corel License Validation Service V2, Powered by arvato (PSI_SVC_2) - arvato digital services llc - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9788 bytes
======Listing Processes======
wininit.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\igfxCUIService.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 648714002448
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE"
C:\Windows\system32\svchost.exe -k apphost
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\avp.exe" -r
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\System32\svchost.exe -k utcsvc
dashost.exe {c122f3c3-9b2a-44d5-a93bcf2bb87cdb5e}
"c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe"
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\WinLogon.exe -SpecialSession
-hiberboot
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\avpui.exe" -hidden
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe"
taskhostex.exe
"C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe" /hideui
C:\Windows\Explorer.EXE
igfxEM.exe
igfxHK.exe
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /ANDREA_BF_BYPASS
"C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe"
"C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe"
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\opbhobroker.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
"C:\Windows\FileManager\FileManager.exe" -ServerName:Microsoft.Windows.FileManager
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4528.0.1920560028\907168436" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,22,45 --gpu-vendor-id=0x8086 --gpu-device-id=0x0f31 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3958 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_26/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding 
--enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="4528.2.1496422548\287318466" --font-cache-shared-handle=2080 /prefetch:673131151
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\plugin-nm-server.exe" --parent-window=0 chrome-extension://dbhjdbfgekjfcfkkfjjmlmojhbllhbho/ < \\.\pipe\chrome.nativeMessaging.in.70be5451a587f631 > \\.\pipe\chrome.nativeMessaging.out.70be5451a587f631
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\plugin-nm-server.exe" --parent-window=0 chrome-extension://dbhjdbfgekjfcfkkfjjmlmojhbllhbho/
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_26/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload 
--enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="4528.7.440389240\134255991" --font-cache-shared-handle=5088 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_26/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload 
--enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="4528.9.328597411\790964898" --font-cache-shared-handle=4304 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_26/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload 
--enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="4528.11.1742509273\901243068" --font-cache-shared-handle=6080 /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe35_ Global\UsGthrCtrlFltPipeMssGthrPipe35 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 572 576 584 65536 580
"C:\Users\Vojtěch\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForVojtěch.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForVojtěch (null)
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23 1865000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{93BC2EA7-2F17-4729-948A-D2E03FFB2412}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23 1865000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB379017-4C03-4E00-8EDF-E6D6AF7CCF82}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23 1865000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23 1699112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{93BC2EA7-2F17-4729-948A-D2E03FFB2412}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23 1699112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB379017-4C03-4E00-8EDF-E6D6AF7CCF82}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23 1699112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-06-27 7636696]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-27 1396592]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-06-27 2818800]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"Power2GoExpress8"=NA []
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-06-01 8358680]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #0"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-07-31 813896]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"HPMessageService"=C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [2015-06-29 653576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"ConsentPromptBehaviorAdmin"=0
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0
"NoDriveTypeAutoRun"=28
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-08-12 15:43:22 ----D---- C:\Program Files\trend micro
2015-08-12 15:43:21 ----D---- C:\rsit
2015-08-11 16:57:03 ----A---- C:\Windows\system32\drivers\rtwlane.sys
2015-08-11 16:55:50 ----A---- C:\Windows\HPSetLog.txt
2015-08-10 09:14:17 ----D---- C:\Program Files (x86)\HP
2015-07-31 21:33:58 ----D---- C:\Windows\Minidump
2015-07-28 18:51:13 ----A---- C:\Windows\system32\appraiser.dll
2015-07-21 06:50:07 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-07-21 06:50:07 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-07-21 06:50:07 ----A---- C:\Windows\system32\atmlib.dll
2015-07-21 06:50:07 ----A---- C:\Windows\system32\atmfd.dll
2015-07-20 19:23:13 ----D---- C:\Users\Vojtěch\AppData\Roaming\Euro Truck Simulator 2
2015-07-20 18:43:20 ----D---- C:\Program Files (x86)\R.G. Mechanics
2015-07-20 07:21:22 ----D---- C:\Users\Vojtěch\AppData\Roaming\Red Alert 3 Uprising
2015-07-20 07:11:57 ----D---- C:\Program Files (x86)\Electronic Arts
2015-07-17 06:39:11 ----D---- C:\WarThunder
2015-07-17 04:13:35 ----D---- C:\Program Files\Microsoft Silverlight
2015-07-17 04:13:35 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-07-16 19:28:39 ----A---- C:\Windows\system32\klfphc.dll
2015-07-16 19:27:21 ----D---- C:\Program Files (x86)\Kaspersky Lab
2015-07-16 19:27:20 ----D---- C:\ProgramData\Kaspersky Lab
2015-07-16 18:59:58 ----D---- C:\Windows\SYSWOW64\idx
2015-07-16 18:58:37 ----D---- C:\Windows\system32\log
2015-07-16 18:58:05 ----D---- C:\ProgramData\boost_interprocess
2015-07-16 18:57:08 ----D---- C:\Users\Vojtěch\AppData\Roaming\Elex-tech
2015-07-16 18:42:24 ----D---- C:\Program Files\CCleaner
2015-07-16 18:18:06 ----D---- C:\Program Files (x86)\CinemaP-1.9cV16.07
2015-07-16 18:17:46 ----D---- C:\Program Files (x86)\Seznam.cz
2015-07-16 18:17:24 ----D---- C:\Users\Vojtěch\AppData\Roaming\Seznam.cz
2015-07-16 18:16:47 ----D---- C:\Users\Vojtěch\AppData\Roaming\Opera Software
2015-07-16 18:15:48 ----D---- C:\Program Files (x86)\Opera
2015-07-16 16:56:24 ----D---- C:\Program Files (x86)\Ubisoft
2015-07-16 12:44:54 ----A---- C:\Windows\system32\drivers\clwvd.sys
2015-07-16 12:21:47 ----A---- C:\Windows\system32\drivers\CLVirtualDrive.sys
2015-07-16 10:09:26 ----A---- C:\Windows\system32\generaltel.dll
2015-07-16 10:09:25 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-07-16 10:09:25 ----A---- C:\Windows\system32\aeinv.dll
2015-07-16 10:09:24 ----A---- C:\Windows\system32\invagent.dll
2015-07-16 10:09:24 ----A---- C:\Windows\system32\devinv.dll
2015-07-16 10:09:23 ----A---- C:\Windows\system32\acmigration.dll
2015-07-16 10:09:22 ----A---- C:\Windows\system32\aepdu.dll
2015-07-16 10:09:16 ----A---- C:\Windows\system32\WiFiDisplay.dll
2015-07-16 10:09:14 ----A---- C:\Windows\system32\profsvc.dll
2015-07-16 10:09:12 ----A---- C:\Windows\SYSWOW64\GeofenceMonitorService.dll
2015-07-16 10:09:12 ----A---- C:\Windows\system32\GeofenceMonitorService.dll
2015-07-16 10:09:10 ----A---- C:\Windows\system32\fhcpl.dll
2015-07-16 10:09:06 ----A---- C:\Windows\system32\drivers\usb8023.sys
2015-07-16 10:09:02 ----A---- C:\Windows\system32\WSShared.dll
2015-07-16 10:09:01 ----A---- C:\Windows\SYSWOW64\WSShared.dll
2015-07-16 10:09:01 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-16 10:09:00 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-16 10:08:42 ----A---- C:\Windows\SYSWOW64\msftedit.dll
2015-07-16 10:08:42 ----A---- C:\Windows\system32\msftedit.dll
2015-07-16 10:08:39 ----A---- C:\Windows\system32\shell32.dll
2015-07-16 10:08:37 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-07-16 10:08:35 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2015-07-16 10:08:35 ----A---- C:\Windows\system32\ExplorerFrame.dll
2015-07-16 07:14:51 ----A---- C:\Windows\system32\SystemEventsBrokerServer.dll
2015-07-16 07:14:50 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2015-07-16 07:14:48 ----A---- C:\Windows\SYSWOW64\Windows.Data.Pdf.dll
2015-07-15 09:52:08 ----A---- C:\Windows\system32\win32k.sys
2015-07-15 09:52:08 ----A---- C:\Windows\system32\authui.dll
2015-07-15 09:52:07 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2015-07-15 09:52:07 ----A---- C:\Windows\SYSWOW64\msi.dll
2015-07-15 09:52:07 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-07-15 09:52:07 ----A---- C:\Windows\system32\msiexec.exe
2015-07-15 09:52:07 ----A---- C:\Windows\system32\msi.dll
2015-07-15 09:52:04 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-07-15 09:52:04 ----A---- C:\Windows\system32\rpcrt4.dll
2015-07-15 09:52:04 ----A---- C:\Windows\system32\msv1_0.dll
2015-07-15 09:52:04 ----A---- C:\Windows\system32\kerberos.dll
2015-07-15 09:52:04 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-07-15 09:52:04 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-07-15 09:52:04 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-07-15 09:52:03 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-07-15 09:52:03 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-07-15 09:52:03 ----A---- C:\Windows\SYSWOW64\certcli.dll
2015-07-15 09:52:03 ----A---- C:\Windows\system32\lsasrv.dll
2015-07-15 09:52:03 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-07-15 09:52:03 ----A---- C:\Windows\system32\certcli.dll
2015-07-15 09:52:00 ----A---- C:\Windows\system32\werdiagcontroller.dll
2015-07-15 09:52:00 ----A---- C:\Windows\system32\audiosrv.dll
2015-07-15 09:52:00 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2015-07-15 09:51:59 ----A---- C:\Windows\system32\jscript9.dll
2015-07-15 09:51:56 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-07-15 09:51:51 ----A---- C:\Windows\system32\wuaueng.dll
2015-07-15 09:51:50 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-07-15 09:51:50 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-07-15 09:51:50 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-07-15 09:51:50 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-07-15 09:51:50 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-07-15 09:51:50 ----A---- C:\Windows\system32\wudriver.dll
2015-07-15 09:51:50 ----A---- C:\Windows\system32\wucltux.dll
2015-07-15 09:51:50 ----A---- C:\Windows\system32\wuauclt.exe
2015-07-15 09:51:50 ----A---- C:\Windows\system32\wuapp.exe
2015-07-15 09:51:50 ----A---- C:\Windows\system32\wuapi.dll
2015-07-15 09:51:50 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-07-15 09:51:49 ----A---- C:\Windows\system32\wuwebv.dll
2015-07-15 09:51:49 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2015-07-15 09:51:49 ----A---- C:\Windows\system32\wups2.dll
2015-07-15 09:51:49 ----A---- C:\Windows\system32\wups.dll
2015-07-15 09:51:44 ----A---- C:\Windows\system32\mshtml.dll
2015-07-15 09:51:42 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-07-15 09:51:01 ----A---- C:\Windows\system32\ieframe.dll
2015-07-15 09:50:56 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-07-15 09:50:53 ----A---- C:\Windows\system32\urlmon.dll
2015-07-15 09:50:53 ----A---- C:\Windows\system32\iertutil.dll
2015-07-15 09:50:52 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-07-15 09:50:52 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-07-15 09:49:54 ----A---- C:\Windows\system32\wininet.dll
2015-07-15 09:49:54 ----A---- C:\Windows\system32\actxprxy.dll
2015-07-15 09:49:53 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-07-15 09:49:52 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-07-15 09:49:52 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2015-07-15 09:49:52 ----A---- C:\Windows\system32\ieapfltr.dll
2015-07-15 09:49:51 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-07-15 09:49:51 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-07-15 09:49:51 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-07-15 09:49:51 ----A---- C:\Windows\system32\vbscript.dll
2015-07-15 09:49:51 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-07-15 09:49:51 ----A---- C:\Windows\system32\ieui.dll
2015-07-15 09:49:50 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-07-15 09:49:50 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-07-15 09:49:50 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-07-15 09:49:50 ----A---- C:\Windows\system32\msfeeds.dll
2015-07-15 09:49:49 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2015-07-15 09:49:49 ----A---- C:\Windows\system32\msrating.dll
2015-07-15 09:49:49 ----A---- C:\Windows\system32\mshtmled.dll
2015-07-15 09:49:48 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-07-15 09:49:48 ----A---- C:\Windows\system32\dxtrans.dll
2015-07-15 09:49:47 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-07-15 09:49:47 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-07-15 09:49:47 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2015-07-15 09:49:47 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-07-15 09:49:47 ----A---- C:\Windows\system32\webcheck.dll
2015-07-15 09:49:47 ----A---- C:\Windows\system32\jscript.dll
2015-07-15 09:49:47 ----A---- C:\Windows\system32\inetcomm.dll
2015-07-15 09:49:47 ----A---- C:\Windows\system32\iepeers.dll
2015-07-15 09:48:51 ----A---- C:\Windows\SYSWOW64\ole32.dll
2015-07-15 09:48:51 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-07-15 09:48:51 ----A---- C:\Windows\system32\ole32.dll
2015-07-15 09:48:51 ----A---- C:\Windows\system32\gdi32.dll
2015-07-15 09:48:50 ----A---- C:\Windows\system32\apphelp.dll
======List of files/folders modified in the last 1 month======
2015-08-12 15:43:27 ----D---- C:\Windows\Prefetch
2015-08-12 15:43:22 ----RD---- C:\Program Files
2015-08-12 15:41:20 ----D---- C:\Windows\Temp
2015-08-12 15:21:54 ----D---- C:\Windows\system32\sru
2015-08-12 13:03:43 ----D---- C:\Windows\system32\config
2015-08-12 13:01:09 ----D---- C:\Windows\CbsTemp
2015-08-12 13:01:07 ----D---- C:\Windows\WinSxS
2015-08-12 12:33:43 ----D---- C:\Windows\system32\catroot2
2015-08-12 12:04:12 ----RD---- C:\Windows\System32
2015-08-12 12:04:12 ----D---- C:\Windows\SysWOW64
2015-08-12 12:03:52 ----SHD---- C:\Windows\Installer
2015-08-12 11:57:35 ----D---- C:\Windows\system32\NDF
2015-08-12 08:34:31 ----D---- C:\Windows
2015-08-12 08:27:41 ----D---- C:\Windows\system32\catroot
2015-08-11 17:35:43 ----D---- C:\Games
2015-08-11 17:14:56 ----SHD---- C:\System Volume Information
2015-08-11 16:57:32 ----D---- C:\Windows\system32\drivers
2015-08-11 16:57:32 ----D---- C:\Windows\Inf
2015-08-11 16:57:30 ----D---- C:\Windows\system32\DriverStore
2015-08-11 16:56:46 ----D---- C:\Program Files (x86)\Realtek
2015-08-11 16:55:34 ----D---- C:\SWSetup
2015-08-11 16:53:29 ----D---- C:\Program Files (x86)\Hewlett-Packard
2015-08-11 16:53:19 ----D---- C:\Users\Vojtěch\AppData\Roaming\hpqlog
2015-08-11 16:51:48 ----D---- C:\Windows\system32\Tasks
2015-08-11 16:50:09 ----RSD---- C:\Windows\Fonts
2015-08-11 10:52:51 ----D---- C:\Windows\Microsoft.NET
2015-08-11 10:49:35 ----D---- C:\Windows\debug
2015-08-10 09:14:17 ----RD---- C:\Program Files (x86)
2015-08-09 14:52:00 ----SD---- C:\Users\Vojtěch\AppData\Roaming\Microsoft
2015-08-09 14:24:24 ----D---- C:\Users\Vojtěch\AppData\Roaming\uTorrent
2015-08-09 14:24:24 ----D---- C:\Users\Vojtěch\AppData\Roaming\DAEMON Tools Lite
2015-08-09 14:23:31 ----D---- C:\Windows\Logs
2015-08-06 09:07:08 ----D---- C:\Windows\AppReadiness
2015-08-06 09:07:07 ----HD---- C:\Program Files\WindowsApps
2015-08-02 12:13:17 ----D---- C:\Windows\Panther
2015-08-02 12:02:48 ----HD---- C:\$Windows.~BT
2015-07-30 18:13:01 ----D---- C:\Users\Vojtěch\AppData\Roaming\TS3Client
2015-07-28 13:24:15 ----D---- C:\KMPlayer
2015-07-25 22:26:10 ----SD---- C:\Windows\system32\GWX
2015-07-21 12:38:07 ----D---- C:\Windows\rescache
2015-07-17 06:09:25 ----D---- C:\Windows\Tasks
2015-07-17 04:24:30 ----SD---- C:\Windows\SYSWOW64\GWX
2015-07-16 19:31:02 ----HD---- C:\ProgramData
2015-07-16 19:27:33 ----HD---- C:\Windows\ELAMBKUP
2015-07-16 19:23:54 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-07-16 18:43:45 ----D---- C:\Windows\ModemLogs
2015-07-16 18:33:47 ----D---- C:\Users\Vojtěch\AppData\Roaming\CyberLink
2015-07-16 18:20:29 ----D---- C:\Windows\WinStore
2015-07-16 18:20:27 ----RD---- C:\Windows\ToastData
2015-07-16 18:15:10 ----SD---- C:\ProgramData\Microsoft
2015-07-16 17:04:55 ----RSD---- C:\Windows\assembly
2015-07-16 12:58:50 ----D---- C:\Program Files (x86)\CyberLink
2015-07-16 12:58:29 ----D---- C:\ProgramData\CyberLink
2015-07-16 12:47:31 ----D---- C:\Windows\Hewlett-Packard
2015-07-16 12:37:57 ----SD---- C:\Windows\system32\CompatTel
2015-07-16 12:37:57 ----D---- C:\Windows\system32\wbem
2015-07-16 12:37:57 ----D---- C:\Windows\system32\appraiser
2015-07-16 12:37:57 ----D---- C:\Windows\apppatch
2015-07-16 12:37:44 ----D---- C:\Windows\system32\MRT
2015-07-16 12:21:47 ----DC---- C:\Windows\system32\DRVSTORE
2015-07-16 12:21:42 ----D---- C:\Program Files (x86)\Common Files
2015-07-15 21:24:48 ----D---- C:\Windows\system32\cs-CZ
2015-07-15 21:24:46 ----D---- C:\Windows\system32\CodeIntegrity
2015-07-15 21:24:42 ----D---- C:\Program Files\Internet Explorer
2015-07-15 21:24:42 ----D---- C:\Program Files (x86)\Internet Explorer
2015-07-13 23:10:13 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-07-13 08:41:45 ----D---- C:\Program Files (x86)\Cisco
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 cm_km_w;Kaspersky Lab Crypto Module (FDE PDK); C:\Windows\system32\DRIVERS\cm_km_w.sys [2015-07-16 247016]
R0 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2015-07-16 478392]
R0 MBI;@oem12.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\Windows\System32\drivers\MBI.sys [2014-01-23 29464]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2013-11-12 91912]
R1 dtsoftbus01;@oem16.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\Windows\System32\drivers\dtsoftbus01.sys [2014-12-27 283064]
R1 klhk;klhk; C:\Windows\system32\DRIVERS\klhk.sys [2015-07-16 226480]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2015-07-16 831664]
R1 KLIM6;@oem26.inf,%KLIM6_Desc%;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2015-07-16 39792]
R1 klpd;klpd; C:\Windows\system32\DRIVERS\klpd.sys [2015-07-16 24944]
R1 klwfp;klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [2015-07-16 77680]
R1 Klwtp;Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [2015-07-16 85360]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2015-07-16 190648]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-10-08 71680]
R2 kldisk;kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [2015-07-16 64368]
R3 clwvd;@oem21.inf,%clwvd.DeviceDesc%;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2014-01-28 41704]
R3 GPIO;@oem14.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\Windows\System32\drivers\iaiogpioe.sys [2013-11-11 31232]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-12-21 3828152]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-06-27 4264536]
R3 IntcDAud;@oem22.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-12-21 454416]
R3 iwdbus;@oem10.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2014-08-01 27032]
R3 klflt;Kaspersky Lab Kernel DLL; C:\Windows\system32\DRIVERS\klflt.sys [2015-07-16 159960]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2015-07-16 40304]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2015-07-16 39792]
R3 RSP2STOR;@oem29.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [2015-06-27 294104]
R3 RTL8168;@oem31.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2015-06-27 874712]
R3 RTWlanE;@oem43.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\Windows\system32\DRIVERS\rtwlane.sys [2015-08-11 3593432]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2015-06-27 33008]
R3 SynTP;@oem33.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2015-06-27 546032]
R3 TXEIx64;@oem11.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\Windows\System32\drivers\TXEIx64.sys [2014-01-15 88592]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-10-08 38912]
S0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2013-11-06 632168]
S0 klelam;klelam; C:\Windows\system32\DRIVERS\klelam.sys [2012-07-27 29616]
S3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athw8x.sys [2013-06-18 3680256]
S3 dg_ssudbus;@oem23.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 intaud_WaveExtensible;@oem9.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2014-08-01 38296]
S3 SmbDrv;SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [2013-12-13 29936]
S3 ssudmdm;@oem25.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S4 klkbdflt2;Kaspersky Lab KlKbdFlt2; C:\Windows\system32\DRIVERS\klkbdflt2.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [2009-11-18 98208]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2014-10-29 38792]
R2 AVP15.0.2;Služba Kaspersky Anti-Virus 15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\avp.exe [2015-07-16 194000]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-19 99128]
R2 HPWMISVC;HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [2015-06-29 602888]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-12-21 318568]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-01 733696]
R2 omniserv; HP SimplePass Service; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [2015-07-02 124928]
R2 PSI_SVC_2;Corel License Validation Service V2, Powered by arvato; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2013-09-13 277360]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2015-06-27 291032]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2015-06-27 191728]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-12 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-16 50864]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-12-21 280680]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-12 107912]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2013-05-13 1129760]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-01 822232]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\Windows\system32\svchost.exe [2014-10-29 38792]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2014-10-29 38792]
-----------------EOF-----------------
--enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="4528.2.1496422548\287318466" --font-cache-shared-handle=2080 /prefetch:673131151
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\plugin-nm-server.exe" --parent-window=0 chrome-extension://dbhjdbfgekjfcfkkfjjmlmojhbllhbho/ < \\.\pipe\chrome.nativeMessaging.in.70be5451a587f631 > \\.\pipe\chrome.nativeMessaging.out.70be5451a587f631
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\plugin-nm-server.exe" --parent-window=0 chrome-extension://dbhjdbfgekjfcfkkfjjmlmojhbllhbho/
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_26/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload 
--enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="4528.7.440389240\134255991" --font-cache-shared-handle=5088 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_26/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload 
--enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="4528.9.328597411\790964898" --font-cache-shared-handle=4304 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_26/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload 
--enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="4528.11.1742509273\901243068" --font-cache-shared-handle=6080 /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe35_ Global\UsGthrCtrlFltPipeMssGthrPipe35 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 572 576 584 65536 580
"C:\Users\Vojtěch\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForVojtěch.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForVojtěch (null)
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23 1865000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{93BC2EA7-2F17-4729-948A-D2E03FFB2412}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23 1865000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB379017-4C03-4E00-8EDF-E6D6AF7CCF82}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23 1865000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23 1699112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{93BC2EA7-2F17-4729-948A-D2E03FFB2412}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23 1699112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB379017-4C03-4E00-8EDF-E6D6AF7CCF82}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23 1699112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-06-27 7636696]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-27 1396592]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-06-27 2818800]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"Power2GoExpress8"=NA []
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-06-01 8358680]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #0"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-07-31 813896]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"HPMessageService"=C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [2015-06-29 653576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"ConsentPromptBehaviorAdmin"=0
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0
"NoDriveTypeAutoRun"=28
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-08-12 15:43:22 ----D---- C:\Program Files\trend micro
2015-08-12 15:43:21 ----D---- C:\rsit
2015-08-11 16:57:03 ----A---- C:\Windows\system32\drivers\rtwlane.sys
2015-08-11 16:55:50 ----A---- C:\Windows\HPSetLog.txt
2015-08-10 09:14:17 ----D---- C:\Program Files (x86)\HP
2015-07-31 21:33:58 ----D---- C:\Windows\Minidump
2015-07-28 18:51:13 ----A---- C:\Windows\system32\appraiser.dll
2015-07-21 06:50:07 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-07-21 06:50:07 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-07-21 06:50:07 ----A---- C:\Windows\system32\atmlib.dll
2015-07-21 06:50:07 ----A---- C:\Windows\system32\atmfd.dll
2015-07-20 19:23:13 ----D---- C:\Users\Vojtěch\AppData\Roaming\Euro Truck Simulator 2
2015-07-20 18:43:20 ----D---- C:\Program Files (x86)\R.G. Mechanics
2015-07-20 07:21:22 ----D---- C:\Users\Vojtěch\AppData\Roaming\Red Alert 3 Uprising
2015-07-20 07:11:57 ----D---- C:\Program Files (x86)\Electronic Arts
2015-07-17 06:39:11 ----D---- C:\WarThunder
2015-07-17 04:13:35 ----D---- C:\Program Files\Microsoft Silverlight
2015-07-17 04:13:35 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-07-16 19:28:39 ----A---- C:\Windows\system32\klfphc.dll
2015-07-16 19:27:21 ----D---- C:\Program Files (x86)\Kaspersky Lab
2015-07-16 19:27:20 ----D---- C:\ProgramData\Kaspersky Lab
2015-07-16 18:59:58 ----D---- C:\Windows\SYSWOW64\idx
2015-07-16 18:58:37 ----D---- C:\Windows\system32\log
2015-07-16 18:58:05 ----D---- C:\ProgramData\boost_interprocess
2015-07-16 18:57:08 ----D---- C:\Users\Vojtěch\AppData\Roaming\Elex-tech
2015-07-16 18:42:24 ----D---- C:\Program Files\CCleaner
2015-07-16 18:18:06 ----D---- C:\Program Files (x86)\CinemaP-1.9cV16.07
2015-07-16 18:17:46 ----D---- C:\Program Files (x86)\Seznam.cz
2015-07-16 18:17:24 ----D---- C:\Users\Vojtěch\AppData\Roaming\Seznam.cz
2015-07-16 18:16:47 ----D---- C:\Users\Vojtěch\AppData\Roaming\Opera Software
2015-07-16 18:15:48 ----D---- C:\Program Files (x86)\Opera
2015-07-16 16:56:24 ----D---- C:\Program Files (x86)\Ubisoft
2015-07-16 12:44:54 ----A---- C:\Windows\system32\drivers\clwvd.sys
2015-07-16 12:21:47 ----A---- C:\Windows\system32\drivers\CLVirtualDrive.sys
2015-07-16 10:09:26 ----A---- C:\Windows\system32\generaltel.dll
2015-07-16 10:09:25 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-07-16 10:09:25 ----A---- C:\Windows\system32\aeinv.dll
2015-07-16 10:09:24 ----A---- C:\Windows\system32\invagent.dll
2015-07-16 10:09:24 ----A---- C:\Windows\system32\devinv.dll
2015-07-16 10:09:23 ----A---- C:\Windows\system32\acmigration.dll
2015-07-16 10:09:22 ----A---- C:\Windows\system32\aepdu.dll
2015-07-16 10:09:16 ----A---- C:\Windows\system32\WiFiDisplay.dll
2015-07-16 10:09:14 ----A---- C:\Windows\system32\profsvc.dll
2015-07-16 10:09:12 ----A---- C:\Windows\SYSWOW64\GeofenceMonitorService.dll
2015-07-16 10:09:12 ----A---- C:\Windows\system32\GeofenceMonitorService.dll
2015-07-16 10:09:10 ----A---- C:\Windows\system32\fhcpl.dll
2015-07-16 10:09:06 ----A---- C:\Windows\system32\drivers\usb8023.sys
2015-07-16 10:09:02 ----A---- C:\Windows\system32\WSShared.dll
2015-07-16 10:09:01 ----A---- C:\Windows\SYSWOW64\WSShared.dll
2015-07-16 10:09:01 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-16 10:09:00 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-16 10:08:42 ----A---- C:\Windows\SYSWOW64\msftedit.dll
2015-07-16 10:08:42 ----A---- C:\Windows\system32\msftedit.dll
2015-07-16 10:08:39 ----A---- C:\Windows\system32\shell32.dll
2015-07-16 10:08:37 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-07-16 10:08:35 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2015-07-16 10:08:35 ----A---- C:\Windows\system32\ExplorerFrame.dll
2015-07-16 07:14:51 ----A---- C:\Windows\system32\SystemEventsBrokerServer.dll
2015-07-16 07:14:50 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2015-07-16 07:14:48 ----A---- C:\Windows\SYSWOW64\Windows.Data.Pdf.dll
2015-07-15 09:52:08 ----A---- C:\Windows\system32\win32k.sys
2015-07-15 09:52:08 ----A---- C:\Windows\system32\authui.dll
2015-07-15 09:52:07 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2015-07-15 09:52:07 ----A---- C:\Windows\SYSWOW64\msi.dll
2015-07-15 09:52:07 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-07-15 09:52:07 ----A---- C:\Windows\system32\msiexec.exe
2015-07-15 09:52:07 ----A---- C:\Windows\system32\msi.dll
2015-07-15 09:52:04 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-07-15 09:52:04 ----A---- C:\Windows\system32\rpcrt4.dll
2015-07-15 09:52:04 ----A---- C:\Windows\system32\msv1_0.dll
2015-07-15 09:52:04 ----A---- C:\Windows\system32\kerberos.dll
2015-07-15 09:52:04 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-07-15 09:52:04 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-07-15 09:52:04 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-07-15 09:52:03 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-07-15 09:52:03 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-07-15 09:52:03 ----A---- C:\Windows\SYSWOW64\certcli.dll
2015-07-15 09:52:03 ----A---- C:\Windows\system32\lsasrv.dll
2015-07-15 09:52:03 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-07-15 09:52:03 ----A---- C:\Windows\system32\certcli.dll
2015-07-15 09:52:00 ----A---- C:\Windows\system32\werdiagcontroller.dll
2015-07-15 09:52:00 ----A---- C:\Windows\system32\audiosrv.dll
2015-07-15 09:52:00 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2015-07-15 09:51:59 ----A---- C:\Windows\system32\jscript9.dll
2015-07-15 09:51:56 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-07-15 09:51:51 ----A---- C:\Windows\system32\wuaueng.dll
2015-07-15 09:51:50 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-07-15 09:51:50 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-07-15 09:51:50 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-07-15 09:51:50 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-07-15 09:51:50 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-07-15 09:51:50 ----A---- C:\Windows\system32\wudriver.dll
2015-07-15 09:51:50 ----A---- C:\Windows\system32\wucltux.dll
2015-07-15 09:51:50 ----A---- C:\Windows\system32\wuauclt.exe
2015-07-15 09:51:50 ----A---- C:\Windows\system32\wuapp.exe
2015-07-15 09:51:50 ----A---- C:\Windows\system32\wuapi.dll
2015-07-15 09:51:50 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-07-15 09:51:49 ----A---- C:\Windows\system32\wuwebv.dll
2015-07-15 09:51:49 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2015-07-15 09:51:49 ----A---- C:\Windows\system32\wups2.dll
2015-07-15 09:51:49 ----A---- C:\Windows\system32\wups.dll
2015-07-15 09:51:44 ----A---- C:\Windows\system32\mshtml.dll
2015-07-15 09:51:42 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-07-15 09:51:01 ----A---- C:\Windows\system32\ieframe.dll
2015-07-15 09:50:56 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-07-15 09:50:53 ----A---- C:\Windows\system32\urlmon.dll
2015-07-15 09:50:53 ----A---- C:\Windows\system32\iertutil.dll
2015-07-15 09:50:52 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-07-15 09:50:52 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-07-15 09:49:54 ----A---- C:\Windows\system32\wininet.dll
2015-07-15 09:49:54 ----A---- C:\Windows\system32\actxprxy.dll
2015-07-15 09:49:53 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-07-15 09:49:52 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-07-15 09:49:52 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2015-07-15 09:49:52 ----A---- C:\Windows\system32\ieapfltr.dll
2015-07-15 09:49:51 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-07-15 09:49:51 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-07-15 09:49:51 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-07-15 09:49:51 ----A---- C:\Windows\system32\vbscript.dll
2015-07-15 09:49:51 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-07-15 09:49:51 ----A---- C:\Windows\system32\ieui.dll
2015-07-15 09:49:50 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-07-15 09:49:50 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-07-15 09:49:50 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-07-15 09:49:50 ----A---- C:\Windows\system32\msfeeds.dll
2015-07-15 09:49:49 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2015-07-15 09:49:49 ----A---- C:\Windows\system32\msrating.dll
2015-07-15 09:49:49 ----A---- C:\Windows\system32\mshtmled.dll
2015-07-15 09:49:48 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-07-15 09:49:48 ----A---- C:\Windows\system32\dxtrans.dll
2015-07-15 09:49:47 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-07-15 09:49:47 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-07-15 09:49:47 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2015-07-15 09:49:47 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-07-15 09:49:47 ----A---- C:\Windows\system32\webcheck.dll
2015-07-15 09:49:47 ----A---- C:\Windows\system32\jscript.dll
2015-07-15 09:49:47 ----A---- C:\Windows\system32\inetcomm.dll
2015-07-15 09:49:47 ----A---- C:\Windows\system32\iepeers.dll
2015-07-15 09:48:51 ----A---- C:\Windows\SYSWOW64\ole32.dll
2015-07-15 09:48:51 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-07-15 09:48:51 ----A---- C:\Windows\system32\ole32.dll
2015-07-15 09:48:51 ----A---- C:\Windows\system32\gdi32.dll
2015-07-15 09:48:50 ----A---- C:\Windows\system32\apphelp.dll
======List of files/folders modified in the last 1 month======
2015-08-12 15:43:27 ----D---- C:\Windows\Prefetch
2015-08-12 15:43:22 ----RD---- C:\Program Files
2015-08-12 15:41:20 ----D---- C:\Windows\Temp
2015-08-12 15:21:54 ----D---- C:\Windows\system32\sru
2015-08-12 13:03:43 ----D---- C:\Windows\system32\config
2015-08-12 13:01:09 ----D---- C:\Windows\CbsTemp
2015-08-12 13:01:07 ----D---- C:\Windows\WinSxS
2015-08-12 12:33:43 ----D---- C:\Windows\system32\catroot2
2015-08-12 12:04:12 ----RD---- C:\Windows\System32
2015-08-12 12:04:12 ----D---- C:\Windows\SysWOW64
2015-08-12 12:03:52 ----SHD---- C:\Windows\Installer
2015-08-12 11:57:35 ----D---- C:\Windows\system32\NDF
2015-08-12 08:34:31 ----D---- C:\Windows
2015-08-12 08:27:41 ----D---- C:\Windows\system32\catroot
2015-08-11 17:35:43 ----D---- C:\Games
2015-08-11 17:14:56 ----SHD---- C:\System Volume Information
2015-08-11 16:57:32 ----D---- C:\Windows\system32\drivers
2015-08-11 16:57:32 ----D---- C:\Windows\Inf
2015-08-11 16:57:30 ----D---- C:\Windows\system32\DriverStore
2015-08-11 16:56:46 ----D---- C:\Program Files (x86)\Realtek
2015-08-11 16:55:34 ----D---- C:\SWSetup
2015-08-11 16:53:29 ----D---- C:\Program Files (x86)\Hewlett-Packard
2015-08-11 16:53:19 ----D---- C:\Users\Vojtěch\AppData\Roaming\hpqlog
2015-08-11 16:51:48 ----D---- C:\Windows\system32\Tasks
2015-08-11 16:50:09 ----RSD---- C:\Windows\Fonts
2015-08-11 10:52:51 ----D---- C:\Windows\Microsoft.NET
2015-08-11 10:49:35 ----D---- C:\Windows\debug
2015-08-10 09:14:17 ----RD---- C:\Program Files (x86)
2015-08-09 14:52:00 ----SD---- C:\Users\Vojtěch\AppData\Roaming\Microsoft
2015-08-09 14:24:24 ----D---- C:\Users\Vojtěch\AppData\Roaming\uTorrent
2015-08-09 14:24:24 ----D---- C:\Users\Vojtěch\AppData\Roaming\DAEMON Tools Lite
2015-08-09 14:23:31 ----D---- C:\Windows\Logs
2015-08-06 09:07:08 ----D---- C:\Windows\AppReadiness
2015-08-06 09:07:07 ----HD---- C:\Program Files\WindowsApps
2015-08-02 12:13:17 ----D---- C:\Windows\Panther
2015-08-02 12:02:48 ----HD---- C:\$Windows.~BT
2015-07-30 18:13:01 ----D---- C:\Users\Vojtěch\AppData\Roaming\TS3Client
2015-07-28 13:24:15 ----D---- C:\KMPlayer
2015-07-25 22:26:10 ----SD---- C:\Windows\system32\GWX
2015-07-21 12:38:07 ----D---- C:\Windows\rescache
2015-07-17 06:09:25 ----D---- C:\Windows\Tasks
2015-07-17 04:24:30 ----SD---- C:\Windows\SYSWOW64\GWX
2015-07-16 19:31:02 ----HD---- C:\ProgramData
2015-07-16 19:27:33 ----HD---- C:\Windows\ELAMBKUP
2015-07-16 19:23:54 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-07-16 18:43:45 ----D---- C:\Windows\ModemLogs
2015-07-16 18:33:47 ----D---- C:\Users\Vojtěch\AppData\Roaming\CyberLink
2015-07-16 18:20:29 ----D---- C:\Windows\WinStore
2015-07-16 18:20:27 ----RD---- C:\Windows\ToastData
2015-07-16 18:15:10 ----SD---- C:\ProgramData\Microsoft
2015-07-16 17:04:55 ----RSD---- C:\Windows\assembly
2015-07-16 12:58:50 ----D---- C:\Program Files (x86)\CyberLink
2015-07-16 12:58:29 ----D---- C:\ProgramData\CyberLink
2015-07-16 12:47:31 ----D---- C:\Windows\Hewlett-Packard
2015-07-16 12:37:57 ----SD---- C:\Windows\system32\CompatTel
2015-07-16 12:37:57 ----D---- C:\Windows\system32\wbem
2015-07-16 12:37:57 ----D---- C:\Windows\system32\appraiser
2015-07-16 12:37:57 ----D---- C:\Windows\apppatch
2015-07-16 12:37:44 ----D---- C:\Windows\system32\MRT
2015-07-16 12:21:47 ----DC---- C:\Windows\system32\DRVSTORE
2015-07-16 12:21:42 ----D---- C:\Program Files (x86)\Common Files
2015-07-15 21:24:48 ----D---- C:\Windows\system32\cs-CZ
2015-07-15 21:24:46 ----D---- C:\Windows\system32\CodeIntegrity
2015-07-15 21:24:42 ----D---- C:\Program Files\Internet Explorer
2015-07-15 21:24:42 ----D---- C:\Program Files (x86)\Internet Explorer
2015-07-13 23:10:13 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-07-13 08:41:45 ----D---- C:\Program Files (x86)\Cisco
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 cm_km_w;Kaspersky Lab Crypto Module (FDE PDK); C:\Windows\system32\DRIVERS\cm_km_w.sys [2015-07-16 247016]
R0 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2015-07-16 478392]
R0 MBI;@oem12.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\Windows\System32\drivers\MBI.sys [2014-01-23 29464]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2013-11-12 91912]
R1 dtsoftbus01;@oem16.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\Windows\System32\drivers\dtsoftbus01.sys [2014-12-27 283064]
R1 klhk;klhk; C:\Windows\system32\DRIVERS\klhk.sys [2015-07-16 226480]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2015-07-16 831664]
R1 KLIM6;@oem26.inf,%KLIM6_Desc%;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2015-07-16 39792]
R1 klpd;klpd; C:\Windows\system32\DRIVERS\klpd.sys [2015-07-16 24944]
R1 klwfp;klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [2015-07-16 77680]
R1 Klwtp;Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [2015-07-16 85360]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2015-07-16 190648]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-10-08 71680]
R2 kldisk;kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [2015-07-16 64368]
R3 clwvd;@oem21.inf,%clwvd.DeviceDesc%;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2014-01-28 41704]
R3 GPIO;@oem14.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\Windows\System32\drivers\iaiogpioe.sys [2013-11-11 31232]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-12-21 3828152]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-06-27 4264536]
R3 IntcDAud;@oem22.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-12-21 454416]
R3 iwdbus;@oem10.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2014-08-01 27032]
R3 klflt;Kaspersky Lab Kernel DLL; C:\Windows\system32\DRIVERS\klflt.sys [2015-07-16 159960]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2015-07-16 40304]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2015-07-16 39792]
R3 RSP2STOR;@oem29.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [2015-06-27 294104]
R3 RTL8168;@oem31.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2015-06-27 874712]
R3 RTWlanE;@oem43.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\Windows\system32\DRIVERS\rtwlane.sys [2015-08-11 3593432]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2015-06-27 33008]
R3 SynTP;@oem33.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2015-06-27 546032]
R3 TXEIx64;@oem11.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\Windows\System32\drivers\TXEIx64.sys [2014-01-15 88592]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-10-08 38912]
S0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2013-11-06 632168]
S0 klelam;klelam; C:\Windows\system32\DRIVERS\klelam.sys [2012-07-27 29616]
S3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athw8x.sys [2013-06-18 3680256]
S3 dg_ssudbus;@oem23.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 intaud_WaveExtensible;@oem9.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2014-08-01 38296]
S3 SmbDrv;SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [2013-12-13 29936]
S3 ssudmdm;@oem25.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S4 klkbdflt2;Kaspersky Lab KlKbdFlt2; C:\Windows\system32\DRIVERS\klkbdflt2.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [2009-11-18 98208]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2014-10-29 38792]
R2 AVP15.0.2;Služba Kaspersky Anti-Virus 15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\avp.exe [2015-07-16 194000]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-19 99128]
R2 HPWMISVC;HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [2015-06-29 602888]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-12-21 318568]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-01 733696]
R2 omniserv; HP SimplePass Service; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [2015-07-02 124928]
R2 PSI_SVC_2;Corel License Validation Service V2, Powered by arvato; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2013-09-13 277360]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2015-06-27 291032]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2015-06-27 191728]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-12 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-16 50864]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-12-21 280680]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-12 107912]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2013-05-13 1129760]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-01 822232]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\Windows\system32\svchost.exe [2014-10-29 38792]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2014-10-29 38792]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119426
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Request for a preventive check
Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
-
- Visitor
- Posts: 60
- Registered: 14 May 2013 07:16
Re: Request for a preventive check
# AdwCleaner v4.208 - Log vytvořen 14/08/2015 v 09:18:11
# Aktualizováno 09/07/2015 by Xplode
# Databáze : 2015-08-12.1 [Server]
# Operační system : Windows 8.1 Connected (x64)
# Uživatelské jméno : Vojtěch - NAŠMILÁČEK
# Spuštěno z : C:\Users\Vojtěch\Desktop\adwcleaner_4.208.exe
# Nastavení : Čištění
***** [ Služby ] *****
***** [ Soubory / Složky ] *****
Složka Smazáno : C:\ProgramData\IHProtectUpDate
Složka Smazáno : C:\Program Files (x86)\XTab
Složka Smazáno : C:\Users\Vojtěch\AppData\Roaming\webssearches
Složka Smazáno : C:\Users\Vojtěch\AppData\Roaming\Elex-tech
Soubor Smazáno : C:\Windows\System32\log\iSafeKrnlCall.log
***** [ Naplánované úlohy ] *****
***** [ Zástupci ] *****
***** [ Registry ] *****
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Klíč Smazáno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B98F9A1E-BB96-4DFC-A4C5-09DA053B6D5C}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Klíč Smazáno : HKCU\Software\AppDataLow\Software\Crossrider
Klíč Smazáno : HKLM\SOFTWARE\webssearchesSoftware
Klíč Smazáno : HKLM\SOFTWARE\IHProtect
***** [ Prohlížeče ] *****
-\\ Internet Explorer v11.0.9600.17840
Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Google Chrome v44.0.2403.155
[C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://istart.webssearches.com/web/?type=dspp&ts=1421954555&from=kmp&uid=ST500LT012-1DG142_W3PA3P1V&q={searchTerms}
[C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Homepage] : F9BEE1588741CC4C05B41F129F82DF2B1EDD1B74EA48307087795AE16FD532FB","homepage_is_newtabpage":"78CB4252D692A1511E863BD10D7FA0F87C9BB3AD5C330728D7AABEE361E1F64D","pinned_tabs":"E318AD8B40864B540BC87F06B7BE3F0D3465A7E63CF3700B6DDC50AFCCBD119A","prefs":{"preference_reset_time":"C1CFF831CC002C734B4395DA43D33F46F5090BA7D707DF2E513D8C4846C2901F"},"profile":{"reset_prompt_memento":"AB43BF92565EF146F48071606BBADDFFC30A9839C97E7AB11F691A82B08EB207"},"safebrowsing":{"incidents_sent":"E17ACCAECD03A268D522015D92F0C7465B41B4A4C4D2027AB1F3CFCE7D618107"},"search_provider_overrides":"8787A6889AD004045328494DA9ABB2D12D90D066E4EB5F1CC45712625AFFB41E","session":{"restore_on_startup":"CA69F22848439D1DB85F3F4E5558F3F21F78B993B97BAFEB98456EBC900EB395","startup_urls":"7DAAFCD5735AA9A66B1EA4F135CCA4425F7896D37613AD73EA2A021F700C5212"},"software_reporter":{"prompt_reason":"6DEF4A44779FA27BADF6AF829DB7922749082A4216908AB4D4BA52E480DF026A","prompt_seed":"C7DED4B6253DE17A60D058778EF235831884203931ECAEE95040C4A09B83718D","prompt_version":"091A285E7FEEDB461CF233D4819F6F56431974D081375378D657FC43A6FD345D"},"sync":{"remaining_rollback_tries":"E02B44DE10275841EEDFE24DD73010ACAC17DF43D18003B26C3C66E54C0D4CB9"}},"super_mac":"6373970586383ED9B505A2E7707E3AD652C157FBD071D69BAACF2563D751DF28"},"session":{"startup_urls":["hxxp://istart.webssearches.com/?type=hp&ts=1421954478&from=kmp&uid=ST500LT012-1DG142_W3PA3P1V
[C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Startup_URLs] : 7DAAFCD5735AA9A66B1EA4F135CCA4425F7896D37613AD73EA2A021F700C5212"},"software_reporter":{"prompt_reason":"6DEF4A44779FA27BADF6AF829DB7922749082A4216908AB4D4BA52E480DF026A","prompt_seed":"C7DED4B6253DE17A60D058778EF235831884203931ECAEE95040C4A09B83718D","prompt_version":"091A285E7FEEDB461CF233D4819F6F56431974D081375378D657FC43A6FD345D"},"sync":{"remaining_rollback_tries":"E02B44DE10275841EEDFE24DD73010ACAC17DF43D18003B26C3C66E54C0D4CB9"}},"super_mac":"6373970586383ED9B505A2E7707E3AD652C157FBD071D69BAACF2563D751DF28"},"session":{"startup_urls":["hxxp://istart.webssearches.com/?type=hp&ts=1421954478&from=kmp&uid=ST500LT012-1DG142_W3PA3P1V
*************************
AdwCleaner[R0].txt - [5996 bytů] - [14/08/2015 09:15:51]
AdwCleaner[S0].txt - [4754 bytů] - [14/08/2015 09:18:11]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4812 bytů] ##########
- Rudy
- Site Admin
- Posts: 119426
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Request for a preventive check
Post a new RSIT log.
-
- Visitor
- Posts: 60
- Registered: 14 May 2013 07:16
Re: Request for a preventive check
Logfile of random's system information tool 1.10 (written by random/random)
Run by Vojtěch at 2015-08-15 08:05:55
Microsoft Windows 8.1 s aplikací Bing
System drive C: has 158 GB (35%) free of 458 GB
Total RAM: 3984 MB (58% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:06:05, on 15. 8. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\avpui.exe
C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\CyberLink\YouCam\Youcam_webcam_camera_video.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Vojtěch.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: VirtualKeyboardBrowserHelperObject - {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: ContentBlockerBrowserHelperObject - {93BC2EA7-2F17-4729-948A-D2E03FFB2412} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: Safe Money Plugin - {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Power2GoExpress8] NA
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\RunOnce: [Application Restart #0] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --user-data-dir="C:\Users\Vojtěch\AppData\Roaming\Seznam.cz\bin\..\data\libchinst\chromeprofile" --flag-switches-begin --flag-switches-end --restore-last-session http://software.seznam.cz/listicka?browser=chrome#auto
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Virtuální klávesnice - {5547CE1F-74E9-41E5-9CBF-5211ECC37341} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Služba Kaspersky Anti-Virus 15.0.2 (AVP15.0.2) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: HP SimplePass Service (omniserv) - Softex Inc. - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
O23 - Service: Corel License Validation Service V2, Powered by arvato (PSI_SVC_2) - arvato digital services llc - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9170 bytes
======Listing Processes======
wininit.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\igfxCUIService.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 221217917248
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE"
C:\Windows\system32\svchost.exe -k apphost
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\avp.exe" -r
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\System32\svchost.exe -k utcsvc
dashost.exe {0592b86d-06c4-416b-b3ce5a9006b95de8}
"c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe"
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
taskhost.exe $(Arg0)
C:\Windows\System32\WinLogon.exe -SpecialSession
-hiberboot
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\avpui.exe" -hidden
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
taskeng.exe {E04EDC7A-E724-4458-9D0C-61BF047CFE0C}
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
taskhostex.exe
"C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe" /hideui
"C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe"
C:\Windows\Explorer.EXE
igfxEM.exe
igfxHK.exe
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Hewlett-Packard\SimplePass\opbhobroker.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /ANDREA_BF_BYPASS
"C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3632.0.1404851779\959824114" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,22,45 --gpu-vendor-id=0x8086 --gpu-device-id=0x0f31 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3958 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_26/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only 
--enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="3632.5.1315990388\280099484" --font-cache-shared-handle=4172 /prefetch:673131151
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe -Embedding
"C:\Program Files (x86)\CyberLink\YouCam\Youcam_webcam_camera_video.exe" /d speedup
C:\Windows\system32\CompatTelRunner.exe
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_26/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only 
--enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="3632.6.1167832067\40126717" --font-cache-shared-handle=3796 /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 568 572 580 65536 576
C:\Windows\TEMP\204B720D-D1AF-4B17-9F30-B9086D6FDF54\dismhost.exe {D1E4DF28-ED2E-4ADB-A977-09B0CB240C3E}
"C:\Users\Vojtěch\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe" /taskrestart
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForVojtěch.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForVojtěch (null)
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23 1865000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{93BC2EA7-2F17-4729-948A-D2E03FFB2412}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23 1865000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB379017-4C03-4E00-8EDF-E6D6AF7CCF82}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23 1865000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23 1699112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{93BC2EA7-2F17-4729-948A-D2E03FFB2412}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23 1699112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB379017-4C03-4E00-8EDF-E6D6AF7CCF82}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23 1699112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-06-27 7636696]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-27 1396592]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-06-27 2818800]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"Power2GoExpress8"=NA []
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-06-01 8358680]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #0"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-08-08 813896]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"HPMessageService"=C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [2015-06-29 653576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"ConsentPromptBehaviorAdmin"=0
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0
"NoDriveTypeAutoRun"=28
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-08-14 09:06:39 ----D---- C:\AdwCleaner
2015-08-13 20:08:59 ----AD---- C:\Program Files (x86)\Empire Earth II
2015-08-12 15:43:22 ----D---- C:\Program Files\trend micro
2015-08-12 15:43:21 ----D---- C:\rsit
2015-08-12 13:01:41 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2015-08-12 13:01:39 ----A---- C:\Windows\SYSWOW64\Windows.UI.Xaml.dll
2015-08-12 13:01:33 ----A---- C:\Windows\SYSWOW64\netcfgx.dll
2015-08-12 13:01:33 ----A---- C:\Windows\system32\netcfgx.dll
2015-08-12 13:01:33 ----A---- C:\Windows\system32\drivers\ndis.sys
2015-08-12 13:01:33 ----A---- C:\Windows\system32\appraiser.dll
2015-08-12 13:01:32 ----A---- C:\Windows\system32\invagent.dll
2015-08-12 13:01:31 ----A---- C:\Windows\system32\generaltel.dll
2015-08-12 13:01:31 ----A---- C:\Windows\system32\devinv.dll
2015-08-12 13:01:31 ----A---- C:\Windows\system32\aeinv.dll
2015-08-12 13:01:30 ----A---- C:\Windows\system32\drivers\tcpip.sys
2015-08-12 13:01:30 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-08-12 13:01:30 ----A---- C:\Windows\system32\acmigration.dll
2015-08-12 13:01:29 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2015-08-12 13:01:26 ----A---- C:\Windows\system32\drivers\WdNisDrv.sys
2015-08-12 13:01:26 ----A---- C:\Windows\system32\drivers\WdFilter.sys
2015-08-12 13:01:26 ----A---- C:\Windows\system32\drivers\WdBoot.sys
2015-08-12 12:17:27 ----A---- C:\Windows\system32\msxml6.dll
2015-08-12 12:17:26 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2015-08-12 12:17:26 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-08-12 12:17:26 ----A---- C:\Windows\system32\msxml3.dll
2015-08-12 12:17:22 ----A---- C:\Windows\system32\mstscax.dll
2015-08-12 12:17:21 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-08-12 12:17:20 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2015-08-12 12:17:18 ----A---- C:\Windows\system32\rdvidcrl.dll
2015-08-12 12:14:08 ----A---- C:\Windows\system32\mshtml.dll
2015-08-12 12:14:02 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-08-12 12:13:54 ----A---- C:\Windows\system32\ieframe.dll
2015-08-12 12:13:48 ----A---- C:\Windows\system32\jscript9.dll
2015-08-12 12:13:41 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-08-12 12:12:36 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-08-12 12:12:02 ----A---- C:\Windows\system32\ieui.dll
2015-08-12 12:11:32 ----A---- C:\Windows\system32\wininet.dll
2015-08-12 12:10:45 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-08-12 12:10:26 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-08-12 12:09:42 ----A---- C:\Windows\system32\actxprxy.dll
2015-08-12 12:09:38 ----A---- C:\Windows\system32\urlmon.dll
2015-08-12 12:09:33 ----A---- C:\Windows\system32\ieapfltr.dll
2015-08-12 12:09:32 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-08-12 12:09:23 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-08-12 12:09:14 ----A---- C:\Windows\system32\iertutil.dll
2015-08-12 12:09:02 ----A---- C:\Windows\system32\msfeeds.dll
2015-08-12 12:08:52 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-08-12 12:08:49 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2015-08-12 12:08:49 ----A---- C:\Windows\system32\webcheck.dll
2015-08-12 12:08:46 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2015-08-12 12:08:45 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-08-12 12:08:44 ----A---- C:\Windows\system32\iepeers.dll
2015-08-12 12:08:43 ----A---- C:\Windows\system32\inetcomm.dll
2015-08-12 12:08:42 ----A---- C:\Windows\system32\vbscript.dll
2015-08-12 12:08:41 ----A---- C:\Windows\system32\jscript.dll
2015-08-12 12:08:39 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-08-12 12:08:36 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-08-12 12:06:31 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2015-08-12 12:06:31 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2015-08-12 12:06:31 ----A---- C:\Windows\system32\WebClnt.dll
2015-08-12 12:06:31 ----A---- C:\Windows\system32\davclnt.dll
2015-08-12 12:06:22 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-08-12 12:06:22 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-08-12 12:06:22 ----A---- C:\Windows\system32\ntdll.dll
2015-08-12 12:06:22 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-08-12 12:06:21 ----A---- C:\Windows\system32\sysmain.dll
2015-08-12 12:05:41 ----A---- C:\Windows\system32\csrsrv.dll
2015-08-12 12:05:41 ----A---- C:\Windows\system32\basesrv.dll
2015-08-12 12:05:37 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-12 12:05:33 ----A---- C:\Windows\SYSWOW64\notepad.exe
2015-08-12 12:05:33 ----A---- C:\Windows\system32\notepad.exe
2015-08-12 12:05:33 ----A---- C:\Windows\notepad.exe
2015-08-12 12:03:58 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 12:03:58 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 11:57:52 ----A---- C:\Windows\system32\win32k.sys
2015-08-12 11:57:51 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2015-08-12 11:57:51 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-08-12 11:57:51 ----A---- C:\Windows\system32\FntCache.dll
2015-08-12 11:57:51 ----A---- C:\Windows\system32\DWrite.dll
2015-08-12 11:57:51 ----A---- C:\Windows\system32\atmlib.dll
2015-08-12 11:57:51 ----A---- C:\Windows\system32\atmfd.dll
2015-08-12 11:57:50 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-08-11 16:57:03 ----A---- C:\Windows\system32\drivers\rtwlane.sys
2015-08-11 16:55:50 ----A---- C:\Windows\HPSetLog.txt
2015-08-10 09:14:17 ----D---- C:\Program Files (x86)\HP
2015-07-31 21:33:58 ----D---- C:\Windows\Minidump
2015-07-20 19:23:13 ----D---- C:\Users\Vojtěch\AppData\Roaming\Euro Truck Simulator 2
2015-07-20 18:43:20 ----D---- C:\Program Files (x86)\R.G. Mechanics
2015-07-20 07:21:22 ----D---- C:\Users\Vojtěch\AppData\Roaming\Red Alert 3 Uprising
2015-07-20 07:11:57 ----D---- C:\Program Files (x86)\Electronic Arts
2015-07-17 06:39:11 ----D---- C:\WarThunder
2015-07-17 04:13:35 ----D---- C:\Program Files\Microsoft Silverlight
2015-07-17 04:13:35 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-07-16 19:28:39 ----A---- C:\Windows\system32\klfphc.dll
2015-07-16 19:27:21 ----D---- C:\Program Files (x86)\Kaspersky Lab
2015-07-16 19:27:20 ----D---- C:\ProgramData\Kaspersky Lab
2015-07-16 18:59:58 ----D---- C:\Windows\SYSWOW64\idx
2015-07-16 18:58:37 ----D---- C:\Windows\system32\log
2015-07-16 18:58:05 ----D---- C:\ProgramData\boost_interprocess
2015-07-16 18:42:24 ----D---- C:\Program Files\CCleaner
2015-07-16 18:18:06 ----D---- C:\Program Files (x86)\CinemaP-1.9cV16.07
2015-07-16 18:17:46 ----D---- C:\Program Files (x86)\Seznam.cz
2015-07-16 18:17:24 ----D---- C:\Users\Vojtěch\AppData\Roaming\Seznam.cz
2015-07-16 18:16:47 ----D---- C:\Users\Vojtěch\AppData\Roaming\Opera Software
2015-07-16 18:15:48 ----D---- C:\Program Files (x86)\Opera
2015-07-16 16:56:24 ----D---- C:\Program Files (x86)\Ubisoft
2015-07-16 12:44:54 ----A---- C:\Windows\system32\drivers\clwvd.sys
2015-07-16 12:21:47 ----A---- C:\Windows\system32\drivers\CLVirtualDrive.sys
2015-07-16 10:09:22 ----A---- C:\Windows\system32\aepdu.dll
2015-07-16 10:09:16 ----A---- C:\Windows\system32\WiFiDisplay.dll
2015-07-16 10:09:14 ----A---- C:\Windows\system32\profsvc.dll
2015-07-16 10:09:12 ----A---- C:\Windows\SYSWOW64\GeofenceMonitorService.dll
2015-07-16 10:09:12 ----A---- C:\Windows\system32\GeofenceMonitorService.dll
2015-07-16 10:09:10 ----A---- C:\Windows\system32\fhcpl.dll
2015-07-16 10:09:06 ----A---- C:\Windows\system32\drivers\usb8023.sys
2015-07-16 10:09:02 ----A---- C:\Windows\system32\WSShared.dll
2015-07-16 10:09:01 ----A---- C:\Windows\SYSWOW64\WSShared.dll
2015-07-16 10:09:01 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-16 10:09:00 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-16 10:08:42 ----A---- C:\Windows\SYSWOW64\msftedit.dll
2015-07-16 10:08:42 ----A---- C:\Windows\system32\msftedit.dll
2015-07-16 10:08:39 ----A---- C:\Windows\system32\shell32.dll
2015-07-16 10:08:37 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-07-16 10:08:35 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2015-07-16 10:08:35 ----A---- C:\Windows\system32\ExplorerFrame.dll
2015-07-16 07:14:51 ----A---- C:\Windows\system32\SystemEventsBrokerServer.dll
2015-07-16 07:14:50 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2015-07-16 07:14:48 ----A---- C:\Windows\SYSWOW64\Windows.Data.Pdf.dll
======List of files/folders modified in the last 1 month======
2015-08-15 08:05:59 ----D---- C:\Windows\Prefetch
2015-08-15 08:05:55 ----D---- C:\Windows\Temp
2015-08-14 10:00:00 ----D---- C:\Windows\system32\sru
2015-08-14 09:39:32 ----RD---- C:\Windows\System32
2015-08-14 09:39:32 ----D---- C:\Windows\Inf
2015-08-14 09:39:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-08-14 09:33:32 ----SHD---- C:\System Volume Information
2015-08-14 09:18:11 ----RD---- C:\Program Files (x86)
2015-08-14 09:18:11 ----HD---- C:\ProgramData
2015-08-13 20:37:58 ----D---- C:\KMPlayer
2015-08-13 19:44:14 ----D---- C:\Games
2015-08-13 13:26:58 ----D---- C:\Windows\rescache
2015-08-13 13:05:29 ----D---- C:\Windows\Microsoft.NET
2015-08-13 12:51:09 ----D---- C:\Windows\system32\config
2015-08-13 11:23:34 ----SD---- C:\Users\Vojtěch\AppData\Roaming\Microsoft
2015-08-13 11:09:47 ----D---- C:\Windows\system32\NDF
2015-08-13 10:47:40 ----HD---- C:\Program Files\WindowsApps
2015-08-13 10:47:40 ----D---- C:\Windows\AppReadiness
2015-08-13 10:45:57 ----D---- C:\Windows\CbsTemp
2015-08-13 10:16:11 ----D---- C:\Windows\system32\DriverStore
2015-08-13 10:11:44 ----D---- C:\Windows\WinSxS
2015-08-13 10:05:42 ----RSD---- C:\Windows\assembly
2015-08-13 09:24:07 ----D---- C:\Windows\SysWOW64
2015-08-13 09:18:45 ----D---- C:\Program Files\Internet Explorer
2015-08-13 09:18:45 ----D---- C:\Program Files (x86)\Internet Explorer
2015-08-13 09:18:44 ----D---- C:\Windows\system32\drivers\cs-CZ
2015-08-13 09:18:44 ----D---- C:\Windows\system32\drivers
2015-08-13 09:18:43 ----D---- C:\Program Files\Windows Defender
2015-08-13 09:18:43 ----D---- C:\Program Files (x86)\Windows Defender
2015-08-13 09:18:42 ----SD---- C:\Windows\system32\CompatTel
2015-08-13 09:18:42 ----D---- C:\Windows\system32\appraiser
2015-08-13 09:18:42 ----D---- C:\Windows\apppatch
2015-08-13 09:18:41 ----D---- C:\Windows
2015-08-13 09:17:29 ----D---- C:\Windows\system32\MRT
2015-08-13 09:09:43 ----A---- C:\Windows\system32\MRT.exe
2015-08-12 15:43:22 ----RD---- C:\Program Files
2015-08-12 12:33:43 ----D---- C:\Windows\system32\catroot2
2015-08-12 12:03:52 ----SHD---- C:\Windows\Installer
2015-08-12 08:27:41 ----D---- C:\Windows\system32\catroot
2015-08-11 16:56:46 ----D---- C:\Program Files (x86)\Realtek
2015-08-11 16:55:34 ----D---- C:\SWSetup
2015-08-11 16:53:29 ----D---- C:\Program Files (x86)\Hewlett-Packard
2015-08-11 16:53:19 ----D---- C:\Users\Vojtěch\AppData\Roaming\hpqlog
2015-08-11 16:51:48 ----D---- C:\Windows\system32\Tasks
2015-08-11 16:50:09 ----RSD---- C:\Windows\Fonts
2015-08-11 10:49:35 ----D---- C:\Windows\debug
2015-08-09 14:24:24 ----D---- C:\Users\Vojtěch\AppData\Roaming\uTorrent
2015-08-09 14:24:24 ----D---- C:\Users\Vojtěch\AppData\Roaming\DAEMON Tools Lite
2015-08-09 14:23:31 ----D---- C:\Windows\Logs
2015-08-08 15:55:07 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-08-02 12:13:17 ----D---- C:\Windows\Panther
2015-08-02 12:02:48 ----HD---- C:\$Windows.~BT
2015-07-30 18:13:01 ----D---- C:\Users\Vojtěch\AppData\Roaming\TS3Client
2015-07-25 22:26:10 ----SD---- C:\Windows\system32\GWX
2015-07-17 06:09:25 ----D---- C:\Windows\Tasks
2015-07-17 04:24:30 ----SD---- C:\Windows\SYSWOW64\GWX
2015-07-16 19:27:33 ----HD---- C:\Windows\ELAMBKUP
2015-07-16 19:23:54 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-07-16 18:43:45 ----D---- C:\Windows\ModemLogs
2015-07-16 18:33:47 ----D---- C:\Users\Vojtěch\AppData\Roaming\CyberLink
2015-07-16 18:20:29 ----D---- C:\Windows\WinStore
2015-07-16 18:20:27 ----RD---- C:\Windows\ToastData
2015-07-16 18:15:10 ----SD---- C:\ProgramData\Microsoft
2015-07-16 12:58:50 ----D---- C:\Program Files (x86)\CyberLink
2015-07-16 12:58:29 ----D---- C:\ProgramData\CyberLink
2015-07-16 12:47:31 ----D---- C:\Windows\Hewlett-Packard
2015-07-16 12:37:57 ----D---- C:\Windows\system32\wbem
2015-07-16 12:21:47 ----DC---- C:\Windows\system32\DRVSTORE
2015-07-16 12:21:42 ----D---- C:\Program Files (x86)\Common Files
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 cm_km_w;Kaspersky Lab Crypto Module (FDE PDK); C:\Windows\system32\DRIVERS\cm_km_w.sys [2015-07-16 247016]
R0 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2015-07-16 478392]
R0 MBI;@oem12.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\Windows\System32\drivers\MBI.sys [2014-01-23 29464]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2013-11-12 91912]
R1 dtsoftbus01;@oem16.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\Windows\System32\drivers\dtsoftbus01.sys [2014-12-27 283064]
R1 klhk;klhk; C:\Windows\system32\DRIVERS\klhk.sys [2015-07-16 226480]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2015-07-16 831664]
R1 KLIM6;@oem26.inf,%KLIM6_Desc%;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2015-07-16 39792]
R1 klpd;klpd; C:\Windows\system32\DRIVERS\klpd.sys [2015-07-16 24944]
R1 klwfp;klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [2015-07-16 77680]
R1 Klwtp;Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [2015-07-16 85360]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2015-07-16 190648]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-10-08 71680]
R2 kldisk;kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [2015-07-16 64368]
R3 clwvd;@oem21.inf,%clwvd.DeviceDesc%;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2014-01-28 41704]
R3 GPIO;@oem14.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\Windows\System32\drivers\iaiogpioe.sys [2013-11-11 31232]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-12-21 3828152]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-06-27 4264536]
R3 IntcDAud;@oem22.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-12-21 454416]
R3 iwdbus;@oem10.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2014-08-01 27032]
R3 klflt;Kaspersky Lab Kernel DLL; C:\Windows\system32\DRIVERS\klflt.sys [2015-07-16 159960]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2015-07-16 40304]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2015-07-16 39792]
R3 RSP2STOR;@oem29.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [2015-06-27 294104]
R3 RTL8168;@oem31.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2015-06-27 874712]
R3 RTWlanE;@oem43.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\Windows\system32\DRIVERS\rtwlane.sys [2015-08-11 3593432]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2015-06-27 33008]
R3 SynTP;@oem33.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2015-06-27 546032]
R3 TXEIx64;@oem11.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\Windows\System32\drivers\TXEIx64.sys [2014-01-15 88592]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-10-08 38912]
S0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2013-11-06 632168]
S0 klelam;klelam; C:\Windows\system32\DRIVERS\klelam.sys [2012-07-27 29616]
S3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athw8x.sys [2013-06-18 3680256]
S3 dg_ssudbus;@oem23.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 intaud_WaveExtensible;@oem9.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2014-08-01 38296]
S3 SmbDrv;SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [2013-12-13 29936]
S3 ssudmdm;@oem25.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S4 klkbdflt2;Kaspersky Lab KlKbdFlt2; C:\Windows\system32\DRIVERS\klkbdflt2.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [2009-11-18 98208]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2014-10-29 38792]
R2 AVP15.0.2;Služba Kaspersky Anti-Virus 15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\avp.exe [2015-07-16 194000]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-19 99128]
R2 HPWMISVC;HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [2015-06-29 602888]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-12-21 318568]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-01 733696]
R2 omniserv; HP SimplePass Service; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [2015-07-02 124928]
R2 PSI_SVC_2;Corel License Validation Service V2, Powered by arvato; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2013-09-13 277360]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2015-06-27 291032]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2015-06-27 191728]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-12 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-16 50864]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-12-21 280680]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-12 107912]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2013-05-13 1129760]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-01 822232]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\Windows\system32\svchost.exe [2014-10-29 38792]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2014-10-29 38792]
-----------------EOF-----------------
Run by Vojtěch at 2015-08-15 08:05:55
Microsoft Windows 8.1 s aplikací Bing
System drive C: has 158 GB (35%) free of 458 GB
Total RAM: 3984 MB (58% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:06:05, on 15. 8. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\avpui.exe
C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\CyberLink\YouCam\Youcam_webcam_camera_video.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Vojtěch.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: VirtualKeyboardBrowserHelperObject - {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: ContentBlockerBrowserHelperObject - {93BC2EA7-2F17-4729-948A-D2E03FFB2412} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: Safe Money Plugin - {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Power2GoExpress8] NA
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\RunOnce: [Application Restart #0] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --user-data-dir="C:\Users\Vojtěch\AppData\Roaming\Seznam.cz\bin\..\data\libchinst\chromeprofile" --flag-switches-begin --flag-switches-end --restore-last-session http://software.seznam.cz/listicka?browser=chrome#auto
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Virtuální klávesnice - {5547CE1F-74E9-41E5-9CBF-5211ECC37341} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Služba Kaspersky Anti-Virus 15.0.2 (AVP15.0.2) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: HP SimplePass Service (omniserv) - Softex Inc. - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
O23 - Service: Corel License Validation Service V2, Powered by arvato (PSI_SVC_2) - arvato digital services llc - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9170 bytes
======Listing Processes======
wininit.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\igfxCUIService.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 221217917248
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE"
C:\Windows\system32\svchost.exe -k apphost
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\avp.exe" -r
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\System32\svchost.exe -k utcsvc
dashost.exe {0592b86d-06c4-416b-b3ce5a9006b95de8}
"c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe"
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
taskhost.exe $(Arg0)
C:\Windows\System32\WinLogon.exe -SpecialSession
-hiberboot
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\avpui.exe" -hidden
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
taskeng.exe {E04EDC7A-E724-4458-9D0C-61BF047CFE0C}
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
taskhostex.exe
"C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe" /hideui
"C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe"
C:\Windows\Explorer.EXE
igfxEM.exe
igfxHK.exe
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Hewlett-Packard\SimplePass\opbhobroker.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /ANDREA_BF_BYPASS
"C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3632.0.1404851779\959824114" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,22,45 --gpu-vendor-id=0x8086 --gpu-device-id=0x0f31 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3958 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_26/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only 
--enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="3632.5.1315990388\280099484" --font-cache-shared-handle=4172 /prefetch:673131151
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe -Embedding
"C:\Program Files (x86)\CyberLink\YouCam\Youcam_webcam_camera_video.exe" /d speedup
C:\Windows\system32\CompatTelRunner.exe
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_26/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only 
--enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="3632.6.1167832067\40126717" --font-cache-shared-handle=3796 /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 568 572 580 65536 576
C:\Windows\TEMP\204B720D-D1AF-4B17-9F30-B9086D6FDF54\dismhost.exe {D1E4DF28-ED2E-4ADB-A977-09B0CB240C3E}
"C:\Users\Vojtěch\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe" /taskrestart
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForVojtěch.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForVojtěch (null)
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23 1865000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{93BC2EA7-2F17-4729-948A-D2E03FFB2412}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23 1865000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB379017-4C03-4E00-8EDF-E6D6AF7CCF82}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23 1865000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23 1699112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{93BC2EA7-2F17-4729-948A-D2E03FFB2412}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23 1699112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB379017-4C03-4E00-8EDF-E6D6AF7CCF82}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23 1699112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-06-27 7636696]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-27 1396592]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-06-27 2818800]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"Power2GoExpress8"=NA []
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-06-01 8358680]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #0"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-08-08 813896]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"HPMessageService"=C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [2015-06-29 653576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"ConsentPromptBehaviorAdmin"=0
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0
"NoDriveTypeAutoRun"=28
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-08-14 09:06:39 ----D---- C:\AdwCleaner
2015-08-13 20:08:59 ----AD---- C:\Program Files (x86)\Empire Earth II
2015-08-12 15:43:22 ----D---- C:\Program Files\trend micro
2015-08-12 15:43:21 ----D---- C:\rsit
2015-08-12 13:01:41 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2015-08-12 13:01:39 ----A---- C:\Windows\SYSWOW64\Windows.UI.Xaml.dll
2015-08-12 13:01:33 ----A---- C:\Windows\SYSWOW64\netcfgx.dll
2015-08-12 13:01:33 ----A---- C:\Windows\system32\netcfgx.dll
2015-08-12 13:01:33 ----A---- C:\Windows\system32\drivers\ndis.sys
2015-08-12 13:01:33 ----A---- C:\Windows\system32\appraiser.dll
2015-08-12 13:01:32 ----A---- C:\Windows\system32\invagent.dll
2015-08-12 13:01:31 ----A---- C:\Windows\system32\generaltel.dll
2015-08-12 13:01:31 ----A---- C:\Windows\system32\devinv.dll
2015-08-12 13:01:31 ----A---- C:\Windows\system32\aeinv.dll
2015-08-12 13:01:30 ----A---- C:\Windows\system32\drivers\tcpip.sys
2015-08-12 13:01:30 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-08-12 13:01:30 ----A---- C:\Windows\system32\acmigration.dll
2015-08-12 13:01:29 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2015-08-12 13:01:26 ----A---- C:\Windows\system32\drivers\WdNisDrv.sys
2015-08-12 13:01:26 ----A---- C:\Windows\system32\drivers\WdFilter.sys
2015-08-12 13:01:26 ----A---- C:\Windows\system32\drivers\WdBoot.sys
2015-08-12 12:17:27 ----A---- C:\Windows\system32\msxml6.dll
2015-08-12 12:17:26 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2015-08-12 12:17:26 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-08-12 12:17:26 ----A---- C:\Windows\system32\msxml3.dll
2015-08-12 12:17:22 ----A---- C:\Windows\system32\mstscax.dll
2015-08-12 12:17:21 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-08-12 12:17:20 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2015-08-12 12:17:18 ----A---- C:\Windows\system32\rdvidcrl.dll
2015-08-12 12:14:08 ----A---- C:\Windows\system32\mshtml.dll
2015-08-12 12:14:02 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-08-12 12:13:54 ----A---- C:\Windows\system32\ieframe.dll
2015-08-12 12:13:48 ----A---- C:\Windows\system32\jscript9.dll
2015-08-12 12:13:41 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-08-12 12:12:36 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-08-12 12:12:02 ----A---- C:\Windows\system32\ieui.dll
2015-08-12 12:11:32 ----A---- C:\Windows\system32\wininet.dll
2015-08-12 12:10:45 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-08-12 12:10:26 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-08-12 12:09:42 ----A---- C:\Windows\system32\actxprxy.dll
2015-08-12 12:09:38 ----A---- C:\Windows\system32\urlmon.dll
2015-08-12 12:09:33 ----A---- C:\Windows\system32\ieapfltr.dll
2015-08-12 12:09:32 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-08-12 12:09:23 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-08-12 12:09:14 ----A---- C:\Windows\system32\iertutil.dll
2015-08-12 12:09:02 ----A---- C:\Windows\system32\msfeeds.dll
2015-08-12 12:08:52 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-08-12 12:08:49 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2015-08-12 12:08:49 ----A---- C:\Windows\system32\webcheck.dll
2015-08-12 12:08:46 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2015-08-12 12:08:45 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-08-12 12:08:44 ----A---- C:\Windows\system32\iepeers.dll
2015-08-12 12:08:43 ----A---- C:\Windows\system32\inetcomm.dll
2015-08-12 12:08:42 ----A---- C:\Windows\system32\vbscript.dll
2015-08-12 12:08:41 ----A---- C:\Windows\system32\jscript.dll
2015-08-12 12:08:39 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-08-12 12:08:36 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-08-12 12:06:31 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2015-08-12 12:06:31 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2015-08-12 12:06:31 ----A---- C:\Windows\system32\WebClnt.dll
2015-08-12 12:06:31 ----A---- C:\Windows\system32\davclnt.dll
2015-08-12 12:06:22 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-08-12 12:06:22 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-08-12 12:06:22 ----A---- C:\Windows\system32\ntdll.dll
2015-08-12 12:06:22 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-08-12 12:06:21 ----A---- C:\Windows\system32\sysmain.dll
2015-08-12 12:05:41 ----A---- C:\Windows\system32\csrsrv.dll
2015-08-12 12:05:41 ----A---- C:\Windows\system32\basesrv.dll
2015-08-12 12:05:37 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-12 12:05:33 ----A---- C:\Windows\SYSWOW64\notepad.exe
2015-08-12 12:05:33 ----A---- C:\Windows\system32\notepad.exe
2015-08-12 12:05:33 ----A---- C:\Windows\notepad.exe
2015-08-12 12:03:58 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 12:03:58 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 11:57:52 ----A---- C:\Windows\system32\win32k.sys
2015-08-12 11:57:51 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2015-08-12 11:57:51 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-08-12 11:57:51 ----A---- C:\Windows\system32\FntCache.dll
2015-08-12 11:57:51 ----A---- C:\Windows\system32\DWrite.dll
2015-08-12 11:57:51 ----A---- C:\Windows\system32\atmlib.dll
2015-08-12 11:57:51 ----A---- C:\Windows\system32\atmfd.dll
2015-08-12 11:57:50 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-08-11 16:57:03 ----A---- C:\Windows\system32\drivers\rtwlane.sys
2015-08-11 16:55:50 ----A---- C:\Windows\HPSetLog.txt
2015-08-10 09:14:17 ----D---- C:\Program Files (x86)\HP
2015-07-31 21:33:58 ----D---- C:\Windows\Minidump
2015-07-20 19:23:13 ----D---- C:\Users\Vojtěch\AppData\Roaming\Euro Truck Simulator 2
2015-07-20 18:43:20 ----D---- C:\Program Files (x86)\R.G. Mechanics
2015-07-20 07:21:22 ----D---- C:\Users\Vojtěch\AppData\Roaming\Red Alert 3 Uprising
2015-07-20 07:11:57 ----D---- C:\Program Files (x86)\Electronic Arts
2015-07-17 06:39:11 ----D---- C:\WarThunder
2015-07-17 04:13:35 ----D---- C:\Program Files\Microsoft Silverlight
2015-07-17 04:13:35 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-07-16 19:28:39 ----A---- C:\Windows\system32\klfphc.dll
2015-07-16 19:27:21 ----D---- C:\Program Files (x86)\Kaspersky Lab
2015-07-16 19:27:20 ----D---- C:\ProgramData\Kaspersky Lab
2015-07-16 18:59:58 ----D---- C:\Windows\SYSWOW64\idx
2015-07-16 18:58:37 ----D---- C:\Windows\system32\log
2015-07-16 18:58:05 ----D---- C:\ProgramData\boost_interprocess
2015-07-16 18:42:24 ----D---- C:\Program Files\CCleaner
2015-07-16 18:18:06 ----D---- C:\Program Files (x86)\CinemaP-1.9cV16.07
2015-07-16 18:17:46 ----D---- C:\Program Files (x86)\Seznam.cz
2015-07-16 18:17:24 ----D---- C:\Users\Vojtěch\AppData\Roaming\Seznam.cz
2015-07-16 18:16:47 ----D---- C:\Users\Vojtěch\AppData\Roaming\Opera Software
2015-07-16 18:15:48 ----D---- C:\Program Files (x86)\Opera
2015-07-16 16:56:24 ----D---- C:\Program Files (x86)\Ubisoft
2015-07-16 12:44:54 ----A---- C:\Windows\system32\drivers\clwvd.sys
2015-07-16 12:21:47 ----A---- C:\Windows\system32\drivers\CLVirtualDrive.sys
2015-07-16 10:09:22 ----A---- C:\Windows\system32\aepdu.dll
2015-07-16 10:09:16 ----A---- C:\Windows\system32\WiFiDisplay.dll
2015-07-16 10:09:14 ----A---- C:\Windows\system32\profsvc.dll
2015-07-16 10:09:12 ----A---- C:\Windows\SYSWOW64\GeofenceMonitorService.dll
2015-07-16 10:09:12 ----A---- C:\Windows\system32\GeofenceMonitorService.dll
2015-07-16 10:09:10 ----A---- C:\Windows\system32\fhcpl.dll
2015-07-16 10:09:06 ----A---- C:\Windows\system32\drivers\usb8023.sys
2015-07-16 10:09:02 ----A---- C:\Windows\system32\WSShared.dll
2015-07-16 10:09:01 ----A---- C:\Windows\SYSWOW64\WSShared.dll
2015-07-16 10:09:01 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-16 10:09:00 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-16 10:08:42 ----A---- C:\Windows\SYSWOW64\msftedit.dll
2015-07-16 10:08:42 ----A---- C:\Windows\system32\msftedit.dll
2015-07-16 10:08:39 ----A---- C:\Windows\system32\shell32.dll
2015-07-16 10:08:37 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-07-16 10:08:35 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2015-07-16 10:08:35 ----A---- C:\Windows\system32\ExplorerFrame.dll
2015-07-16 07:14:51 ----A---- C:\Windows\system32\SystemEventsBrokerServer.dll
2015-07-16 07:14:50 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2015-07-16 07:14:48 ----A---- C:\Windows\SYSWOW64\Windows.Data.Pdf.dll
======List of files/folders modified in the last 1 month======
2015-08-15 08:05:59 ----D---- C:\Windows\Prefetch
2015-08-15 08:05:55 ----D---- C:\Windows\Temp
2015-08-14 10:00:00 ----D---- C:\Windows\system32\sru
2015-08-14 09:39:32 ----RD---- C:\Windows\System32
2015-08-14 09:39:32 ----D---- C:\Windows\Inf
2015-08-14 09:39:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-08-14 09:33:32 ----SHD---- C:\System Volume Information
2015-08-14 09:18:11 ----RD---- C:\Program Files (x86)
2015-08-14 09:18:11 ----HD---- C:\ProgramData
2015-08-13 20:37:58 ----D---- C:\KMPlayer
2015-08-13 19:44:14 ----D---- C:\Games
2015-08-13 13:26:58 ----D---- C:\Windows\rescache
2015-08-13 13:05:29 ----D---- C:\Windows\Microsoft.NET
2015-08-13 12:51:09 ----D---- C:\Windows\system32\config
2015-08-13 11:23:34 ----SD---- C:\Users\Vojtěch\AppData\Roaming\Microsoft
2015-08-13 11:09:47 ----D---- C:\Windows\system32\NDF
2015-08-13 10:47:40 ----HD---- C:\Program Files\WindowsApps
2015-08-13 10:47:40 ----D---- C:\Windows\AppReadiness
2015-08-13 10:45:57 ----D---- C:\Windows\CbsTemp
2015-08-13 10:16:11 ----D---- C:\Windows\system32\DriverStore
2015-08-13 10:11:44 ----D---- C:\Windows\WinSxS
2015-08-13 10:05:42 ----RSD---- C:\Windows\assembly
2015-08-13 09:24:07 ----D---- C:\Windows\SysWOW64
2015-08-13 09:18:45 ----D---- C:\Program Files\Internet Explorer
2015-08-13 09:18:45 ----D---- C:\Program Files (x86)\Internet Explorer
2015-08-13 09:18:44 ----D---- C:\Windows\system32\drivers\cs-CZ
2015-08-13 09:18:44 ----D---- C:\Windows\system32\drivers
2015-08-13 09:18:43 ----D---- C:\Program Files\Windows Defender
2015-08-13 09:18:43 ----D---- C:\Program Files (x86)\Windows Defender
2015-08-13 09:18:42 ----SD---- C:\Windows\system32\CompatTel
2015-08-13 09:18:42 ----D---- C:\Windows\system32\appraiser
2015-08-13 09:18:42 ----D---- C:\Windows\apppatch
2015-08-13 09:18:41 ----D---- C:\Windows
2015-08-13 09:17:29 ----D---- C:\Windows\system32\MRT
2015-08-13 09:09:43 ----A---- C:\Windows\system32\MRT.exe
2015-08-12 15:43:22 ----RD---- C:\Program Files
2015-08-12 12:33:43 ----D---- C:\Windows\system32\catroot2
2015-08-12 12:03:52 ----SHD---- C:\Windows\Installer
2015-08-12 08:27:41 ----D---- C:\Windows\system32\catroot
2015-08-11 16:56:46 ----D---- C:\Program Files (x86)\Realtek
2015-08-11 16:55:34 ----D---- C:\SWSetup
2015-08-11 16:53:29 ----D---- C:\Program Files (x86)\Hewlett-Packard
2015-08-11 16:53:19 ----D---- C:\Users\Vojtěch\AppData\Roaming\hpqlog
2015-08-11 16:51:48 ----D---- C:\Windows\system32\Tasks
2015-08-11 16:50:09 ----RSD---- C:\Windows\Fonts
2015-08-11 10:49:35 ----D---- C:\Windows\debug
2015-08-09 14:24:24 ----D---- C:\Users\Vojtěch\AppData\Roaming\uTorrent
2015-08-09 14:24:24 ----D---- C:\Users\Vojtěch\AppData\Roaming\DAEMON Tools Lite
2015-08-09 14:23:31 ----D---- C:\Windows\Logs
2015-08-08 15:55:07 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-08-02 12:13:17 ----D---- C:\Windows\Panther
2015-08-02 12:02:48 ----HD---- C:\$Windows.~BT
2015-07-30 18:13:01 ----D---- C:\Users\Vojtěch\AppData\Roaming\TS3Client
2015-07-25 22:26:10 ----SD---- C:\Windows\system32\GWX
2015-07-17 06:09:25 ----D---- C:\Windows\Tasks
2015-07-17 04:24:30 ----SD---- C:\Windows\SYSWOW64\GWX
2015-07-16 19:27:33 ----HD---- C:\Windows\ELAMBKUP
2015-07-16 19:23:54 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-07-16 18:43:45 ----D---- C:\Windows\ModemLogs
2015-07-16 18:33:47 ----D---- C:\Users\Vojtěch\AppData\Roaming\CyberLink
2015-07-16 18:20:29 ----D---- C:\Windows\WinStore
2015-07-16 18:20:27 ----RD---- C:\Windows\ToastData
2015-07-16 18:15:10 ----SD---- C:\ProgramData\Microsoft
2015-07-16 12:58:50 ----D---- C:\Program Files (x86)\CyberLink
2015-07-16 12:58:29 ----D---- C:\ProgramData\CyberLink
2015-07-16 12:47:31 ----D---- C:\Windows\Hewlett-Packard
2015-07-16 12:37:57 ----D---- C:\Windows\system32\wbem
2015-07-16 12:21:47 ----DC---- C:\Windows\system32\DRVSTORE
2015-07-16 12:21:42 ----D---- C:\Program Files (x86)\Common Files
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 cm_km_w;Kaspersky Lab Crypto Module (FDE PDK); C:\Windows\system32\DRIVERS\cm_km_w.sys [2015-07-16 247016]
R0 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2015-07-16 478392]
R0 MBI;@oem12.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\Windows\System32\drivers\MBI.sys [2014-01-23 29464]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2013-11-12 91912]
R1 dtsoftbus01;@oem16.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\Windows\System32\drivers\dtsoftbus01.sys [2014-12-27 283064]
R1 klhk;klhk; C:\Windows\system32\DRIVERS\klhk.sys [2015-07-16 226480]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2015-07-16 831664]
R1 KLIM6;@oem26.inf,%KLIM6_Desc%;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2015-07-16 39792]
R1 klpd;klpd; C:\Windows\system32\DRIVERS\klpd.sys [2015-07-16 24944]
R1 klwfp;klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [2015-07-16 77680]
R1 Klwtp;Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [2015-07-16 85360]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2015-07-16 190648]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-10-08 71680]
R2 kldisk;kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [2015-07-16 64368]
R3 clwvd;@oem21.inf,%clwvd.DeviceDesc%;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2014-01-28 41704]
R3 GPIO;@oem14.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\Windows\System32\drivers\iaiogpioe.sys [2013-11-11 31232]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-12-21 3828152]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-06-27 4264536]
R3 IntcDAud;@oem22.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-12-21 454416]
R3 iwdbus;@oem10.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2014-08-01 27032]
R3 klflt;Kaspersky Lab Kernel DLL; C:\Windows\system32\DRIVERS\klflt.sys [2015-07-16 159960]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2015-07-16 40304]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2015-07-16 39792]
R3 RSP2STOR;@oem29.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [2015-06-27 294104]
R3 RTL8168;@oem31.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2015-06-27 874712]
R3 RTWlanE;@oem43.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\Windows\system32\DRIVERS\rtwlane.sys [2015-08-11 3593432]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2015-06-27 33008]
R3 SynTP;@oem33.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2015-06-27 546032]
R3 TXEIx64;@oem11.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\Windows\System32\drivers\TXEIx64.sys [2014-01-15 88592]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-10-08 38912]
S0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2013-11-06 632168]
S0 klelam;klelam; C:\Windows\system32\DRIVERS\klelam.sys [2012-07-27 29616]
S3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athw8x.sys [2013-06-18 3680256]
S3 dg_ssudbus;@oem23.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 intaud_WaveExtensible;@oem9.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2014-08-01 38296]
S3 SmbDrv;SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [2013-12-13 29936]
S3 ssudmdm;@oem25.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S4 klkbdflt2;Kaspersky Lab KlKbdFlt2; C:\Windows\system32\DRIVERS\klkbdflt2.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [2009-11-18 98208]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2014-10-29 38792]
R2 AVP15.0.2;Služba Kaspersky Anti-Virus 15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\avp.exe [2015-07-16 194000]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-19 99128]
R2 HPWMISVC;HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [2015-06-29 602888]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-12-21 318568]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-01 733696]
R2 omniserv; HP SimplePass Service; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [2015-07-02 124928]
R2 PSI_SVC_2;Corel License Validation Service V2, Powered by arvato; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2013-09-13 277360]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2015-06-27 291032]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2015-06-27 191728]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-12 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-16 50864]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-12-21 280680]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-12 107912]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2013-05-13 1129760]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-01 822232]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\Windows\system32\svchost.exe [2014-10-29 38792]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2014-10-29 38792]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119426
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Requesting a preventive check
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left-hand window:
:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
-
- Visitor
- Posts: 60
- Registered: 14 May 2013 07:16
Re: Requesting a preventive check
All processes killed
========== FILES ==========
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 313312 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
User: Vojtěch
->Temp folder emptied: 208142955 bytes
->Temporary Internet Files folder emptied: 7321569 bytes
->Google Chrome cache emptied: 247209212 bytes
->Flash cache emptied: 313915 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 19735707 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 461,00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Public
User: Vojtěch
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 08162015_095633
Files moved on Reboot...
C:\Users\Vojtěch\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.
C:\Windows\temp\obu10AF.tmp moved successfully.
Registry entries deleted on Reboot...
- Rudy
- Site Admin
- Posts: 119426
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Requesting a preventive check
Deleted. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC. The PC should now be clean.