
PC virus removal, computer speed-up, and remote help through the neslape.cz service
Web pages launching on their own
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that are inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote help service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello,
I have a problem with various advertising and gaming pages opening. Every time I click a link, some unwanted page opens. Please help me with removing the infection.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Petr at 2015-10-30 20:18:51
Microsoft Windows 8.1
System drive C: has 483 GB (34%) free of 1430 GB
Total RAM: 16349 MB (86% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:18:52, on 30. 10. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera_crashreporter.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Common Files\Manažer instalací SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
C:\Program Files\trend micro\Petr.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjJDVaRrSck_AqghTsUGBnhkoKmsZloNqxnevNPh_PBESTRfF-XJEwjc8Mj-JV9_mDBuMu5xydKZoyrzPgIJFx3Nj4lyO35Btx9iiEhmetKw8UXNx6DZNy6i8L0PokdXyqOkDVClFdVjCa906JY,&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjJDVaRrSck_AqghTsUGBnhkoKmsZloNqxnevNPh_PBESTRfF-XJEwjc8Mj-JV9_mDBuMu5xydKZoyrzPgIJFx3Nj4lyO35Btx9iiEhmetKw8UXNx6DZNy6i8L0PokdXyqOkDVClFdVjCa906JY,&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=COSP&ptag=D1024 ... =CT3332038
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjJDVaRrSck_AqghTsUGBnhkoKmsZloNqxnevNPh_PBESTRfF-XJEwjc8Mj-JV9_mDBuMu5xydKZoyrzPgIJFx3Nj4lyO35Btx9iiEhmetKw8UXNx6DZNy6i8L0PokdXyqOkDVClFdVjCa906JY,&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8118
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: PDF Architect 3 Helper - {06E08260-0695-4EC1-A74B-1310D8899D93} - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [EaseUS EPM tray] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\EpmNews.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Petr\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Web Companion] C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
O4 - Global Startup: SOLIDWORKS 2015 Rychlé spuštění.lnk = ?
O4 - Global Startup: SOLIDWORKS Nástroj pro stahování na pozadí.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lavasofttcpservice.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: caMyciloP - Unknown owner - C:\ProgramData\caMyciloP\caMyciloP.exe (file missing)
O23 - Service: DTSInterops (CoordinatorServiceHost) - Dassault Systemes SolidWorks Corporation - C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service - Flexera Software LLC - C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LavasoftTcpService - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Hry\Origin\OriginClientService.exe
O23 - Service: PDF Architect 3 - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\ws.exe
O23 - Service: PDF Architect 3 CrashHandler - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe
O23 - Service: PDF Architect 3 Creator - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
O23 - Service: Privoxy (PrivoxyService) (PrivoxyService) - The Privoxy team - www.privoxy.org - C:\Program Files (x86)\IT Viewer\privoxy.exe
O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: IE Search Set (SearchProtectionService) - Unknown owner - C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10881 bytes
======Listing Processes======
wininit.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k utcsvc
dashost.exe {605c7c07-8b05-494f-a0e2f7dc4b6cfa5a}
"C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\PDF Architect 3\creator-ws.exe"
"c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss b2695113-8141-42e7-96a5-f8dfa3c488be 1
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\IT Viewer\privoxy.exe" --service
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\Windows\System32\WinLogon.exe -SpecialSession
-hiberboot
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session
C:\Windows\system32\wbem\wmiprvse.exe
taskeng.exe {9CF29EEF-639F-4147-ACF4-47FA01EA5170}
taskhostex.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\skydrive.exe -Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe" --ran-launcher
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Opera\32.0.1948.69\opera_crashreporter.exe" --ran-launcher --crash-reporter-parent-id=5044
"C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe" --type=gpu-process --channel="5044.0.781044425\2002634057" --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=7464 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,26,51,61 --gpu-vendor-id=0x10de --gpu-device-id=0x0614 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3788 --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=7464 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_19_0_0_226.dll" --ppapi-flash-version=19.0.0.226 --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=7464 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="5044.3.633794365\1960399799" /prefetch:673131151
"C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --lang=cs --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_19_0_0_226.dll" --ppapi-flash-version=19.0.0.226 --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=7464 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="5044.4.349373147\1285652849" /prefetch:673131151
"C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe" --minimize
szndesktop.exe default start
"C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\sldworks_fs.exe"
"C:\Program Files (x86)\Common Files\Manažer instalací SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe" /launch_from 0
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --lang=cs --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_19_0_0_226.dll" --ppapi-flash-version=19.0.0.226 --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=7464 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="5044.7.861973162\207469257" /prefetch:673131151
"C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe" --type=ppapi --channel="5044.8.1663547382\784234412" --ppapi-flash-args --lang=cs --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=7464 --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
"C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_19_0_0_226.dll" --ppapi-flash-version=19.0.0.226 --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=7464 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="5044.9.463086627\348028261" /prefetch:673131151
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Petr\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_226_pepper.exe -check pepperplugin
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-10-30 655480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06E08260-0695-4EC1-A74B-1310D8899D93}]
PDF Architect 3 Helper - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll [2015-04-24 38104]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-10-30 559624]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-04-10 13671640]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-04-15 1385840]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-05-30 2352072]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-05-30 1279480]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-10-23 6501656]
"cz.seznam.software.autoupdate"=C:\Users\Petr\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"Web Companion"=C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [2015-10-24 1385744]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"EaseUS EPM tray"=C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\EpmNews.exe []
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-10-30 6134544]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SOLIDWORKS 2015 Rychlé spuštění.lnk - C:\Windows\Installer\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe
SOLIDWORKS Nástroj pro stahování na pozadí.lnk - C:\Program Files (x86)\Common Files\Manažer instalací SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-10-30 20:16:42 ----D---- C:\FRST
2015-10-30 05:05:27 ----RD---- C:\Program Files (x86)\Skype
2015-10-30 04:55:50 ----D---- C:\rsit
2015-10-30 04:31:24 ----D---- C:\Users\Petr\AppData\Roaming\AVAST Software
2015-10-30 04:20:08 ----D---- C:\Windows\SYSWOW64\vbox
2015-10-30 04:20:08 ----D---- C:\Windows\system32\vbox
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\ngvss.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswStm.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswSP.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2015-10-30 04:19:34 ----A---- C:\Windows\system32\aswBoot.exe
2015-10-30 04:19:28 ----A---- C:\Windows\avastSS.scr
2015-10-30 04:15:53 ----D---- C:\Program Files\AVAST Software
2015-10-30 04:14:45 ----D---- C:\ProgramData\AVAST Software
2015-10-30 04:09:52 ----D---- C:\Users\Petr\AppData\Roaming\Spamihilator
2015-10-30 04:09:05 ----A---- C:\Windows\SYSWOW64\vccorlib120.dll
2015-10-30 04:09:05 ----A---- C:\Windows\SYSWOW64\msvcr120.dll
2015-10-30 04:09:05 ----A---- C:\Windows\SYSWOW64\msvcp120.dll
2015-10-30 04:08:12 ----A---- C:\Windows\Reimage.ini
2015-10-25 07:29:23 ----D---- C:\ProgramData\Malwarebytes
2015-10-25 07:29:16 ----D---- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-10-25 07:29:14 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-10-25 07:28:29 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-10-24 22:42:42 ----D---- C:\searchplugins
2015-10-24 22:42:42 ----A---- C:\prefs.js
2015-10-24 22:41:42 ----D---- C:\Users\Petr\AppData\Roaming\Lavasoft
2015-10-24 22:41:39 ----A---- C:\Windows\SYSWOW64\LavasoftTcpServiceOff.ini
2015-10-24 22:41:39 ----A---- C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-10-24 22:41:38 ----A---- C:\Windows\SYSWOW64\LavasoftTcpService.dll
2015-10-24 22:41:38 ----A---- C:\Windows\system32\LavasoftTcpService64.dll
2015-10-24 22:41:36 ----D---- C:\Program Files (x86)\Lavasoft
2015-10-24 22:36:29 ----D---- C:\ProgramData\Lavasoft
2015-10-24 22:21:32 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2015-10-24 22:05:39 ----D---- C:\_OTM
2015-10-19 19:41:05 ----D---- C:\Program Files (x86)\IT Viewer
2015-10-14 19:05:43 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2015-10-14 19:05:42 ----A---- C:\Windows\system32\d2d1.dll
2015-10-14 19:05:41 ----A---- C:\Windows\system32\shell32.dll
2015-10-14 19:05:40 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-10-14 19:05:29 ----A---- C:\Windows\system32\KernelBase.dll
2015-10-14 19:05:28 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-10-14 19:05:28 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-10-14 19:05:28 ----A---- C:\Windows\system32\advapi32.dll
2015-10-14 19:05:26 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-10-14 19:05:25 ----A---- C:\Windows\system32\winresume.exe
2015-10-14 19:05:24 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-10-14 19:05:24 ----A---- C:\Windows\system32\winload.exe
2015-10-14 19:05:24 ----A---- C:\Windows\system32\ntdll.dll
2015-10-14 19:05:24 ----A---- C:\Windows\system32\fveapi.dll
2015-10-14 19:05:24 ----A---- C:\Windows\system32\bdesvc.dll
2015-10-14 19:05:22 ----A---- C:\Windows\system32\appraiser.dll
2015-10-14 19:05:19 ----A---- C:\Windows\system32\invagent.dll
2015-10-14 19:05:19 ----A---- C:\Windows\system32\generaltel.dll
2015-10-14 19:05:19 ----A---- C:\Windows\system32\devinv.dll
2015-10-14 19:05:18 ----A---- C:\Windows\system32\aeinv.dll
2015-10-14 19:05:17 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-10-14 19:05:17 ----A---- C:\Windows\system32\acmigration.dll
2015-10-14 19:02:10 ----A---- C:\Windows\system32\mshtml.dll
2015-10-14 19:02:08 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-10-14 19:02:01 ----A---- C:\Windows\system32\jscript9.dll
2015-10-14 19:01:59 ----A---- C:\Windows\system32\ieframe.dll
2015-10-14 19:01:57 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-10-14 19:01:56 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-10-14 19:01:55 ----A---- C:\Windows\system32\iertutil.dll
2015-10-14 19:01:54 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-10-14 19:01:54 ----A---- C:\Windows\system32\wininet.dll
2015-10-14 19:01:53 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-10-14 19:01:53 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-10-14 19:01:53 ----A---- C:\Windows\system32\ieui.dll
2015-10-14 19:01:53 ----A---- C:\Windows\system32\dxtmsft.dll
2015-10-14 19:01:52 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-10-14 19:01:52 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-10-14 19:01:52 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-10-14 19:01:52 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-10-14 19:01:52 ----A---- C:\Windows\system32\urlmon.dll
2015-10-14 19:01:52 ----A---- C:\Windows\system32\jscript.dll
2015-10-14 19:01:52 ----A---- C:\Windows\system32\dxtrans.dll
2015-10-14 19:01:51 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-10-14 19:01:51 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-10-14 19:01:51 ----A---- C:\Windows\system32\vbscript.dll
2015-10-14 19:01:51 ----A---- C:\Windows\system32\mshtmled.dll
2015-10-14 19:01:51 ----A---- C:\Windows\system32\msfeeds.dll
2015-10-14 19:01:51 ----A---- C:\Windows\system32\ie4uinit.exe
2015-10-14 19:01:47 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-10-14 19:01:47 ----A---- C:\Windows\system32\webcheck.dll
2015-10-14 19:01:46 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-10-14 19:01:46 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-10-14 19:01:46 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2015-10-14 19:01:46 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-10-14 19:01:46 ----A---- C:\Windows\system32\inetcomm.dll
2015-10-14 19:01:46 ----A---- C:\Windows\system32\iedkcs32.dll
2015-10-14 19:01:45 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-10-14 19:01:45 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-10-14 19:01:45 ----A---- C:\Windows\system32\ieapfltr.dll
2015-10-14 19:00:51 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-10-14 19:00:51 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-10-14 19:00:51 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-10-14 19:00:51 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-10-14 19:00:51 ----A---- C:\Windows\system32\wuwebv.dll
2015-10-14 19:00:51 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2015-10-14 19:00:51 ----A---- C:\Windows\system32\wudriver.dll
2015-10-14 19:00:51 ----A---- C:\Windows\system32\wucltux.dll
2015-10-14 19:00:51 ----A---- C:\Windows\system32\wuaueng.dll
2015-10-14 19:00:51 ----A---- C:\Windows\system32\wuauclt.exe
2015-10-14 19:00:51 ----A---- C:\Windows\system32\wuapp.exe
2015-10-14 19:00:51 ----A---- C:\Windows\system32\wuapi.dll
2015-10-14 19:00:46 ----A---- C:\Windows\system32\NcdAutoSetup.dll
2015-10-14 18:58:28 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 18:58:28 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 18:58:28 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2015-10-14 18:58:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\system32\ucrtbase.dll
2015-10-14 18:58:26 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 18:58:25 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 18:58:25 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 18:58:25 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 18:58:25 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 18:58:25 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 18:58:25 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 18:58:25 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-03 20:36:18 ----D---- C:\Program Files\Controller
2015-10-03 20:35:17 ----D---- C:\AdwCleaner
2015-10-03 20:01:28 ----D---- C:\Program Files\trend micro
======List of files/folders modified in the last 1 month======
2015-10-30 20:18:16 ----D---- C:\Windows\Prefetch
2015-10-30 20:18:00 ----D---- C:\Users\Petr\AppData\Roaming\Seznam.cz
2015-10-30 20:17:49 ----D---- C:\Windows
2015-10-30 20:03:47 ----D---- C:\Windows\Temp
2015-10-30 20:02:00 ----D---- C:\Windows\system32\sru
2015-10-30 05:54:12 ----SHD---- C:\Windows\Installer
2015-10-30 05:54:11 ----RD---- C:\Program Files (x86)
2015-10-30 05:53:53 ----HD---- C:\ProgramData
2015-10-30 05:44:56 ----SHD---- C:\System Volume Information
2015-10-30 05:08:34 ----D---- C:\Users\Petr\AppData\Roaming\Skype
2015-10-30 05:05:40 ----D---- C:\ProgramData\Skype
2015-10-30 05:05:29 ----D---- C:\Program Files (x86)\Common Files
2015-10-30 04:20:08 ----RD---- C:\Windows\System32
2015-10-30 04:20:08 ----D---- C:\Windows\SysWOW64
2015-10-30 04:20:06 ----D---- C:\Windows\system32\DriverStore
2015-10-30 04:20:06 ----D---- C:\Windows\Inf
2015-10-30 04:19:59 ----D---- C:\Windows\system32\Tasks
2015-10-30 04:19:39 ----D---- C:\Windows\system32\drivers
2015-10-30 04:19:37 ----D---- C:\Windows\WinSxS
2015-10-30 04:15:53 ----D---- C:\Program Files
2015-10-29 12:26:49 ----D---- C:\Windows\system32\config
2015-10-29 12:22:46 ----D---- C:\Windows\Microsoft.NET
2015-10-29 12:05:44 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-10-25 22:10:49 ----D---- C:\Windows\system32\catroot2
2015-10-25 08:05:51 ----D---- C:\Windows\debug
2015-10-25 07:02:55 ----D---- C:\Program Files\Common Files
2015-10-24 22:42:43 ----SD---- C:\Users\Petr\AppData\Roaming\Microsoft
2015-10-24 22:11:28 ----D---- C:\Windows\Tasks
2015-10-24 22:01:49 ----D---- C:\Users\Petr\AppData\Roaming\AIMP3
2015-10-24 22:01:41 ----D---- C:\Windows\Logs
2015-10-20 15:28:49 ----D---- C:\Windows\CbsTemp
2015-10-19 18:40:06 ----D---- C:\Windows\rescache
2015-10-16 05:51:29 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-10-14 22:05:49 ----D---- C:\Windows\system32\cs-CZ
2015-10-14 22:05:48 ----RD---- C:\Windows\ToastData
2015-10-14 22:05:48 ----D---- C:\Windows\system32\CodeIntegrity
2015-10-14 22:05:47 ----SD---- C:\Windows\system32\CompatTel
2015-10-14 22:05:47 ----D---- C:\Windows\system32\Boot
2015-10-14 22:05:47 ----D---- C:\Windows\apppatch
2015-10-14 22:05:46 ----D---- C:\Windows\system32\appraiser
2015-10-14 22:05:46 ----D---- C:\Program Files\Internet Explorer
2015-10-14 22:05:46 ----D---- C:\Program Files (x86)\Internet Explorer
2015-10-14 20:06:52 ----D---- C:\Windows\system32\MRT
2015-10-14 20:03:26 ----A---- C:\Windows\system32\MRT.exe
2015-10-09 19:41:36 ----SD---- C:\Windows\system32\GWX
2015-10-07 20:44:33 ----SD---- C:\Windows\SYSWOW64\GWX
2015-10-03 21:25:10 ----D---- C:\Windows\system32\NDF
2015-10-03 20:36:13 ----D---- C:\Windows\system32\log
2015-10-02 17:19:28 ----D---- C:\Program Files (x86)\Opera
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\Windows\System32\drivers\amd_sata.sys [2014-03-21 81608]
R0 amd_xata;amd_xata; C:\Windows\System32\drivers\amd_xata.sys [2014-03-21 23752]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-10-30 274808]
R0 mvs91xx;mvs91xx; C:\Windows\System32\drivers\mvs91xx.sys [2013-10-11 328488]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2015-10-30 132656]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-10-30 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-10-30 1049880]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-10-30 448968]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [2007-11-07 104912]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-10-30 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-10-30 90968]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-10-30 153744]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-10-30 274336]
R3 GeneStor;@oem1.inf,%GENESTOR.SvcDesc%;Genesys Logic Storage Driver; C:\Windows\System32\drivers\GeneStor.sys [2014-01-17 107208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-05-06 3956056]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2014-05-20 12688328]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-05-30 20256]
R3 nvvad_WaveExtensible;@oem7.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-03-31 40392]
R3 RTL8168;@oem2.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2014-03-26 843480]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
S0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-10-30 65224]
S3 avchv;@oem27.inf,%ServiceDesc%;avchv Function Driver; C:\Windows\system32\DRIVERS\avchv.sys []
S3 dg_ssudbus;@oem9.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 ssudmdm;@oem14.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 WDC_SAM;@oem39.inf,%WDC_SAM_ServiceName%;WD SCSI Pass Thru driver; C:\Windows\System32\drivers\wdcsam64.sys [2015-01-27 14464]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-10-30 146600]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 LavasoftTcpService;LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2015-10-24 2751760]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-05-30 1631008]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-05-30 21055432]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-05-20 927520]
R2 PDF Architect 3 Creator;PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [2015-04-24 740568]
R2 PrivoxyService;Privoxy (PrivoxyService); C:\Program Files (x86)\IT Viewer\privoxy.exe [2015-10-30 371200]
R2 PSI_SVC_2_x64;Protexis Licensing V2 x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824]
R2 SearchProtectionService;IE Search Set; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [2015-10-24 17168]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-10-30 4048280]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S2 caMyciloP;caMyciloP; C:\ProgramData\caMyciloP\caMyciloP.exe []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-24 269000]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 CoordinatorServiceHost;DTSInterops; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe [2014-09-30 81400]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [2015-01-19 1484080]
S3 FlexNet Licensing Service;FlexNet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [2015-01-19 1074480]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc []
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Hry\Origin\OriginClientService.exe [2015-02-18 1910128]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PDF Architect 3 CrashHandler;PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [2015-04-24 901336]
S3 PDF Architect 3;PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2015-04-24 2244312]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2015-01-19 79360]
-----------------EOF-----------------
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-10-30 20:16:42 ----D---- C:\FRST
2015-10-30 05:05:27 ----RD---- C:\Program Files (x86)\Skype
2015-10-30 04:55:50 ----D---- C:\rsit
2015-10-30 04:31:24 ----D---- C:\Users\Petr\AppData\Roaming\AVAST Software
2015-10-30 04:20:08 ----D---- C:\Windows\SYSWOW64\vbox
2015-10-30 04:20:08 ----D---- C:\Windows\system32\vbox
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\ngvss.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswStm.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswSP.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2015-10-30 04:19:34 ----A---- C:\Windows\system32\aswBoot.exe
2015-10-30 04:19:28 ----A---- C:\Windows\avastSS.scr
2015-10-30 04:15:53 ----D---- C:\Program Files\AVAST Software
2015-10-30 04:14:45 ----D---- C:\ProgramData\AVAST Software
2015-10-30 04:09:52 ----D---- C:\Users\Petr\AppData\Roaming\Spamihilator
2015-10-30 04:09:05 ----A---- C:\Windows\SYSWOW64\vccorlib120.dll
2015-10-30 04:09:05 ----A---- C:\Windows\SYSWOW64\msvcr120.dll
2015-10-30 04:09:05 ----A---- C:\Windows\SYSWOW64\msvcp120.dll
2015-10-30 04:08:12 ----A---- C:\Windows\Reimage.ini
2015-10-25 07:29:23 ----D---- C:\ProgramData\Malwarebytes
2015-10-25 07:29:16 ----D---- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-10-25 07:29:14 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-10-25 07:28:29 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-10-24 22:42:42 ----D---- C:\searchplugins
2015-10-24 22:42:42 ----A---- C:\prefs.js
2015-10-24 22:41:42 ----D---- C:\Users\Petr\AppData\Roaming\Lavasoft
2015-10-24 22:41:39 ----A---- C:\Windows\SYSWOW64\LavasoftTcpServiceOff.ini
2015-10-24 22:41:39 ----A---- C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-10-24 22:41:38 ----A---- C:\Windows\SYSWOW64\LavasoftTcpService.dll
2015-10-24 22:41:38 ----A---- C:\Windows\system32\LavasoftTcpService64.dll
2015-10-24 22:41:36 ----D---- C:\Program Files (x86)\Lavasoft
2015-10-24 22:36:29 ----D---- C:\ProgramData\Lavasoft
2015-10-24 22:21:32 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2015-10-24 22:05:39 ----D---- C:\_OTM
2015-10-19 19:41:05 ----D---- C:\Program Files (x86)\IT Viewer
2015-10-14 19:05:43 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2015-10-14 19:05:42 ----A---- C:\Windows\system32\d2d1.dll
2015-10-14 19:05:41 ----A---- C:\Windows\system32\shell32.dll
2015-10-14 19:05:40 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-10-14 19:05:29 ----A---- C:\Windows\system32\KernelBase.dll
2015-10-14 19:05:28 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-10-14 19:05:28 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-10-14 19:05:28 ----A---- C:\Windows\system32\advapi32.dll
2015-10-14 19:05:26 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-10-14 19:05:25 ----A---- C:\Windows\system32\winresume.exe
2015-10-14 19:05:24 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-10-14 19:05:24 ----A---- C:\Windows\system32\winload.exe
2015-10-14 19:05:24 ----A---- C:\Windows\system32\ntdll.dll
2015-10-14 19:05:24 ----A---- C:\Windows\system32\fveapi.dll
2015-10-14 19:05:24 ----A---- C:\Windows\system32\bdesvc.dll
2015-10-14 19:05:22 ----A---- C:\Windows\system32\appraiser.dll
2015-10-14 19:05:19 ----A---- C:\Windows\system32\invagent.dll
2015-10-14 19:05:19 ----A---- C:\Windows\system32\generaltel.dll
2015-10-14 19:05:19 ----A---- C:\Windows\system32\devinv.dll
2015-10-14 19:05:18 ----A---- C:\Windows\system32\aeinv.dll
2015-10-14 19:05:17 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-10-14 19:05:17 ----A---- C:\Windows\system32\acmigration.dll
2015-10-14 19:02:10 ----A---- C:\Windows\system32\mshtml.dll
2015-10-14 19:02:08 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-10-14 19:02:01 ----A---- C:\Windows\system32\jscript9.dll
2015-10-14 19:01:59 ----A---- C:\Windows\system32\ieframe.dll
2015-10-14 19:01:57 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-10-14 19:01:56 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-10-14 19:01:55 ----A---- C:\Windows\system32\iertutil.dll
2015-10-14 19:01:54 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-10-14 19:01:54 ----A---- C:\Windows\system32\wininet.dll
2015-10-14 19:01:53 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-10-14 19:01:53 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-10-14 19:01:53 ----A---- C:\Windows\system32\ieui.dll
2015-10-14 19:01:53 ----A---- C:\Windows\system32\dxtmsft.dll
2015-10-14 19:01:52 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-10-14 19:01:52 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-10-14 19:01:52 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-10-14 19:01:52 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-10-14 19:01:52 ----A---- C:\Windows\system32\urlmon.dll
2015-10-14 19:01:52 ----A---- C:\Windows\system32\jscript.dll
2015-10-14 19:01:52 ----A---- C:\Windows\system32\dxtrans.dll
2015-10-14 19:01:51 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-10-14 19:01:51 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-10-14 19:01:51 ----A---- C:\Windows\system32\vbscript.dll
2015-10-14 19:01:51 ----A---- C:\Windows\system32\mshtmled.dll
2015-10-14 19:01:51 ----A---- C:\Windows\system32\msfeeds.dll
2015-10-14 19:01:51 ----A---- C:\Windows\system32\ie4uinit.exe
2015-10-14 19:01:47 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-10-14 19:01:47 ----A---- C:\Windows\system32\webcheck.dll
2015-10-14 19:01:46 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-10-14 19:01:46 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-10-14 19:01:46 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2015-10-14 19:01:46 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-10-14 19:01:46 ----A---- C:\Windows\system32\inetcomm.dll
2015-10-14 19:01:46 ----A---- C:\Windows\system32\iedkcs32.dll
2015-10-14 19:01:45 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-10-14 19:01:45 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-10-14 19:01:45 ----A---- C:\Windows\system32\ieapfltr.dll
2015-10-14 19:00:51 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-10-14 19:00:51 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-10-14 19:00:51 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-10-14 19:00:51 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-10-14 19:00:51 ----A---- C:\Windows\system32\wuwebv.dll
2015-10-14 19:00:51 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2015-10-14 19:00:51 ----A---- C:\Windows\system32\wudriver.dll
2015-10-14 19:00:51 ----A---- C:\Windows\system32\wucltux.dll
2015-10-14 19:00:51 ----A---- C:\Windows\system32\wuaueng.dll
2015-10-14 19:00:51 ----A---- C:\Windows\system32\wuauclt.exe
2015-10-14 19:00:51 ----A---- C:\Windows\system32\wuapp.exe
2015-10-14 19:00:51 ----A---- C:\Windows\system32\wuapi.dll
2015-10-14 19:00:46 ----A---- C:\Windows\system32\NcdAutoSetup.dll
2015-10-14 18:58:28 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 18:58:28 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 18:58:28 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2015-10-14 18:58:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\system32\ucrtbase.dll
2015-10-14 18:58:26 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 18:58:25 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 18:58:25 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 18:58:25 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 18:58:25 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 18:58:25 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 18:58:25 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 18:58:25 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-03 20:36:18 ----D---- C:\Program Files\Controller
2015-10-03 20:35:17 ----D---- C:\AdwCleaner
2015-10-03 20:01:28 ----D---- C:\Program Files\trend micro
======List of files/folders modified in the last 1 month======
2015-10-30 20:18:16 ----D---- C:\Windows\Prefetch
2015-10-30 20:18:00 ----D---- C:\Users\Petr\AppData\Roaming\Seznam.cz
2015-10-30 20:17:49 ----D---- C:\Windows
2015-10-30 20:03:47 ----D---- C:\Windows\Temp
2015-10-30 20:02:00 ----D---- C:\Windows\system32\sru
2015-10-30 05:54:12 ----SHD---- C:\Windows\Installer
2015-10-30 05:54:11 ----RD---- C:\Program Files (x86)
2015-10-30 05:53:53 ----HD---- C:\ProgramData
2015-10-30 05:44:56 ----SHD---- C:\System Volume Information
2015-10-30 05:08:34 ----D---- C:\Users\Petr\AppData\Roaming\Skype
2015-10-30 05:05:40 ----D---- C:\ProgramData\Skype
2015-10-30 05:05:29 ----D---- C:\Program Files (x86)\Common Files
2015-10-30 04:20:08 ----RD---- C:\Windows\System32
2015-10-30 04:20:08 ----D---- C:\Windows\SysWOW64
2015-10-30 04:20:06 ----D---- C:\Windows\system32\DriverStore
2015-10-30 04:20:06 ----D---- C:\Windows\Inf
2015-10-30 04:19:59 ----D---- C:\Windows\system32\Tasks
2015-10-30 04:19:39 ----D---- C:\Windows\system32\drivers
2015-10-30 04:19:37 ----D---- C:\Windows\WinSxS
2015-10-30 04:15:53 ----D---- C:\Program Files
2015-10-29 12:26:49 ----D---- C:\Windows\system32\config
2015-10-29 12:22:46 ----D---- C:\Windows\Microsoft.NET
2015-10-29 12:05:44 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-10-25 22:10:49 ----D---- C:\Windows\system32\catroot2
2015-10-25 08:05:51 ----D---- C:\Windows\debug
2015-10-25 07:02:55 ----D---- C:\Program Files\Common Files
2015-10-24 22:42:43 ----SD---- C:\Users\Petr\AppData\Roaming\Microsoft
2015-10-24 22:11:28 ----D---- C:\Windows\Tasks
2015-10-24 22:01:49 ----D---- C:\Users\Petr\AppData\Roaming\AIMP3
2015-10-24 22:01:41 ----D---- C:\Windows\Logs
2015-10-20 15:28:49 ----D---- C:\Windows\CbsTemp
2015-10-19 18:40:06 ----D---- C:\Windows\rescache
2015-10-16 05:51:29 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-10-14 22:05:49 ----D---- C:\Windows\system32\cs-CZ
2015-10-14 22:05:48 ----RD---- C:\Windows\ToastData
2015-10-14 22:05:48 ----D---- C:\Windows\system32\CodeIntegrity
2015-10-14 22:05:47 ----SD---- C:\Windows\system32\CompatTel
2015-10-14 22:05:47 ----D---- C:\Windows\system32\Boot
2015-10-14 22:05:47 ----D---- C:\Windows\apppatch
2015-10-14 22:05:46 ----D---- C:\Windows\system32\appraiser
2015-10-14 22:05:46 ----D---- C:\Program Files\Internet Explorer
2015-10-14 22:05:46 ----D---- C:\Program Files (x86)\Internet Explorer
2015-10-14 20:06:52 ----D---- C:\Windows\system32\MRT
2015-10-14 20:03:26 ----A---- C:\Windows\system32\MRT.exe
2015-10-09 19:41:36 ----SD---- C:\Windows\system32\GWX
2015-10-07 20:44:33 ----SD---- C:\Windows\SYSWOW64\GWX
2015-10-03 21:25:10 ----D---- C:\Windows\system32\NDF
2015-10-03 20:36:13 ----D---- C:\Windows\system32\log
2015-10-02 17:19:28 ----D---- C:\Program Files (x86)\Opera
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\Windows\System32\drivers\amd_sata.sys [2014-03-21 81608]
R0 amd_xata;amd_xata; C:\Windows\System32\drivers\amd_xata.sys [2014-03-21 23752]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-10-30 274808]
R0 mvs91xx;mvs91xx; C:\Windows\System32\drivers\mvs91xx.sys [2013-10-11 328488]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2015-10-30 132656]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-10-30 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-10-30 1049880]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-10-30 448968]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [2007-11-07 104912]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-10-30 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-10-30 90968]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-10-30 153744]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-10-30 274336]
R3 GeneStor;@oem1.inf,%GENESTOR.SvcDesc%;Genesys Logic Storage Driver; C:\Windows\System32\drivers\GeneStor.sys [2014-01-17 107208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-05-06 3956056]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2014-05-20 12688328]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-05-30 20256]
R3 nvvad_WaveExtensible;@oem7.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-03-31 40392]
R3 RTL8168;@oem2.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2014-03-26 843480]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
S0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-10-30 65224]
S3 avchv;@oem27.inf,%ServiceDesc%;avchv Function Driver; C:\Windows\system32\DRIVERS\avchv.sys []
S3 dg_ssudbus;@oem9.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 ssudmdm;@oem14.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 WDC_SAM;@oem39.inf,%WDC_SAM_ServiceName%;WD SCSI Pass Thru driver; C:\Windows\System32\drivers\wdcsam64.sys [2015-01-27 14464]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-10-30 146600]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 LavasoftTcpService;LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2015-10-24 2751760]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-05-30 1631008]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-05-30 21055432]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-05-20 927520]
R2 PDF Architect 3 Creator;PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [2015-04-24 740568]
R2 PrivoxyService;Privoxy (PrivoxyService); C:\Program Files (x86)\IT Viewer\privoxy.exe [2015-10-30 371200]
R2 PSI_SVC_2_x64;Protexis Licensing V2 x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824]
R2 SearchProtectionService;IE Search Set; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [2015-10-24 17168]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-10-30 4048280]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S2 caMyciloP;caMyciloP; C:\ProgramData\caMyciloP\caMyciloP.exe []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-24 269000]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 CoordinatorServiceHost;DTSInterops; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe [2014-09-30 81400]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [2015-01-19 1484080]
S3 FlexNet Licensing Service;FlexNet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [2015-01-19 1074480]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc []
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Hry\Origin\OriginClientService.exe [2015-02-18 1910128]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PDF Architect 3 CrashHandler;PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [2015-04-24 901336]
S3 PDF Architect 3;PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2015-04-24 2244312]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2015-01-19 79360]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119356
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: launching of web pages
Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: launching of web pages
# AdwCleaner v5.015 - Logfile created 30/10/2015 at 21:04:06
# Updated 26/10/2015 by Xplode
# Database : 2015-10-29.1 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Petr - SPENDLIK
# Running from : C:\Users\Petr\Downloads\adwcleaner_5.015.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
[-] Service Deleted : PrivoxyService
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files\Controller
[-] Folder Deleted : C:\Program Files (x86)\IT Viewer
***** [ Files ] *****
[-] File Deleted : C:\Windows\Reimage.ini
[-] File Deleted : C:\Windows\SysWOW64\findit.xml
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\Class\{0014298C-A9BA-440D-AAA8-AD12C7010EE5}
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\Class\{181A06EA-B82C-47DE-B851-E20FD0E1CC7D}
[-] Key Deleted : HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\Stpro.exe
[-] Key Deleted : HKCU\Software\Reg\Clean
[-] Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp
[-] Key Deleted : HKLM\SOFTWARE\SecureWebChannel
[-] Key Deleted : HKLM\SOFTWARE\SecureWeb
[-] Key Deleted : HKLM\SOFTWARE\Reg\Clean
[!] Key Not Deleted : [x64] HKCU\Software\Reg\Clean
[!] Key Not Deleted : HKU\S-1-5-21-1320987048-3415038541-2125130481-1001\Software\AppDataLow\Software\adawarebp
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKU\S-1-5-21-1320987048-3415038541-2125130481-1001\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[!] Key Not Deleted : HKU\S-1-5-21-1320987048-3415038541-2125130481-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
***** [ Web browsers ] *****
*************************
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [2043 bytes] ##########
- Rudy
- Site Admin
- Posts: 119356
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: launching of web pages
Post a new RSIT log.
Re: launching of web pages
Logfile of random's system information tool 1.10 (written by random/random)
Run by Petr at 2015-10-30 21:54:41
Microsoft Windows 8.1
System drive C: has 482 GB (34%) free of 1430 GB
Total RAM: 16349 MB (88% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:54:42, on 30. 10. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Common Files\Manažer instalací SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera_crashreporter.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
C:\Program Files\trend micro\Petr.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjJDVaRrSck_AqghTsUGBnhkoKmsZloNqxnevNPh_PBESTRfF-XJEwjc8Mj-JV9_mDBuMu5xydKZoyrzPgIJFx3Nj4lyO35Btx9iiEhmetKw8UXNx6DZNy6i8L0PokdXyqOkDVClFdVjCa906JY,&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjJDVaRrSck_AqghTsUGBnhkoKmsZloNqxnevNPh_PBESTRfF-XJEwjc8Mj-JV9_mDBuMu5xydKZoyrzPgIJFx3Nj4lyO35Btx9iiEhmetKw8UXNx6DZNy6i8L0PokdXyqOkDVClFdVjCa906JY,&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjJDVaRrSck_AqghTsUGBnhkoKmsZloNqxnevNPh_PBESTRfF-XJEwjc8Mj-JV9_mDBuMu5xydKZoyrzPgIJFx3Nj4lyO35Btx9iiEhmetKw8UXNx6DZNy6i8L0PokdXyqOkDVClFdVjCa906JY,&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8118
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: PDF Architect 3 Helper - {06E08260-0695-4EC1-A74B-1310D8899D93} - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [EaseUS EPM tray] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\EpmNews.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Petr\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Web Companion] C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
O4 - Global Startup: SOLIDWORKS 2015 Rychlé spuštění.lnk = ?
O4 - Global Startup: SOLIDWORKS Nástroj pro stahování na pozadí.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: caMyciloP - Unknown owner - C:\ProgramData\caMyciloP\caMyciloP.exe (file missing)
O23 - Service: DTSInterops (CoordinatorServiceHost) - Dassault Systemes SolidWorks Corporation - C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service - Flexera Software LLC - C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LavasoftTcpService - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Hry\Origin\OriginClientService.exe
O23 - Service: PDF Architect 3 - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\ws.exe
O23 - Service: PDF Architect 3 CrashHandler - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe
O23 - Service: PDF Architect 3 Creator - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: IE Search Set (SearchProtectionService) - Unknown owner - C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10132 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k utcsvc
dashost.exe {c9d80ea4-b399-4ebc-84c34a0a6d97e59b}
"C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\PDF Architect 3\creator-ws.exe"
"c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe"
taskhostex.exe
C:\Windows\Explorer.EXE
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss b2695113-8141-42e7-96a5-f8dfa3c488be 1
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\Windows\System32\skydrive.exe -Embedding
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe" --minimize
szndesktop.exe default start
"C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\sldworks_fs.exe"
"C:\Program Files (x86)\Common Files\Manažer instalací SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe" /launch_from 0
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
"C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe" --ran-launcher
"C:\Program Files (x86)\Opera\32.0.1948.69\opera_crashreporter.exe" --ran-launcher --crash-reporter-parent-id=6180
"C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe" --type=gpu-process --channel="6180.0.1389075808\1332821734" --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=4156 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,26,51,61 --gpu-vendor-id=0x10de --gpu-device-id=0x0614 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3788 --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=4156 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_19_0_0_226.dll" --ppapi-flash-version=19.0.0.226 --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=4156 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="6180.3.557558800\48965412" /prefetch:673131151
"C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --lang=cs --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_19_0_0_226.dll" --ppapi-flash-version=19.0.0.226 --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=4156 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="6180.4.529212469\615313378" /prefetch:673131151
"C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --lang=cs --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_19_0_0_226.dll" --ppapi-flash-version=19.0.0.226 --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=4156 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="6180.5.1571551911\156684362" /prefetch:673131151
"C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_19_0_0_226.dll" --ppapi-flash-version=19.0.0.226 --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=4156 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="6180.9.222801728\1813642349" /prefetch:673131151
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Petr\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_226_pepper.exe -check pepperplugin
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-10-30 655480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06E08260-0695-4EC1-A74B-1310D8899D93}]
PDF Architect 3 Helper - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll [2015-04-24 38104]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-10-30 559624]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-04-10 13671640]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-04-15 1385840]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-05-30 2352072]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-05-30 1279480]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-10-23 6501656]
"cz.seznam.software.autoupdate"=C:\Users\Petr\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"Web Companion"=C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [2015-10-24 1385744]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"EaseUS EPM tray"=C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\EpmNews.exe []
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-10-30 6134544]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SOLIDWORKS 2015 Rychlé spuštění.lnk - C:\Windows\Installer\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe
SOLIDWORKS Nástroj pro stahování na pozadí.lnk - C:\Program Files (x86)\Common Files\Manažer instalací SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-10-30 20:16:42 ----D---- C:\FRST
2015-10-30 05:05:27 ----RD---- C:\Program Files (x86)\Skype
2015-10-30 04:55:50 ----D---- C:\rsit
2015-10-30 04:31:24 ----D---- C:\Users\Petr\AppData\Roaming\AVAST Software
2015-10-30 04:20:08 ----D---- C:\Windows\SYSWOW64\vbox
2015-10-30 04:20:08 ----D---- C:\Windows\system32\vbox
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\ngvss.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswStm.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswSP.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2015-10-30 04:19:34 ----A---- C:\Windows\system32\aswBoot.exe
2015-10-30 04:19:28 ----A---- C:\Windows\avastSS.scr
2015-10-30 04:15:53 ----D---- C:\Program Files\AVAST Software
2015-10-30 04:14:45 ----D---- C:\ProgramData\AVAST Software
2015-10-30 04:09:52 ----D---- C:\Users\Petr\AppData\Roaming\Spamihilator
2015-10-30 04:09:05 ----A---- C:\Windows\SYSWOW64\vccorlib120.dll
2015-10-30 04:09:05 ----A---- C:\Windows\SYSWOW64\msvcr120.dll
2015-10-30 04:09:05 ----A---- C:\Windows\SYSWOW64\msvcp120.dll
2015-10-25 07:29:23 ----D---- C:\ProgramData\Malwarebytes
2015-10-25 07:29:16 ----D---- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-10-25 07:29:14 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-10-25 07:28:29 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-10-24 22:42:42 ----D---- C:\searchplugins
2015-10-24 22:42:42 ----A---- C:\prefs.js
2015-10-24 22:41:42 ----D---- C:\Users\Petr\AppData\Roaming\Lavasoft
2015-10-24 22:41:39 ----A---- C:\Windows\SYSWOW64\LavasoftTcpServiceOff.ini
2015-10-24 22:41:39 ----A---- C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-10-24 22:41:38 ----A---- C:\Windows\SYSWOW64\LavasoftTcpService.dll
2015-10-24 22:41:38 ----A---- C:\Windows\system32\LavasoftTcpService64.dll
2015-10-24 22:41:36 ----D---- C:\Program Files (x86)\Lavasoft
2015-10-24 22:36:29 ----D---- C:\ProgramData\Lavasoft
2015-10-24 22:21:32 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2015-10-24 22:05:39 ----D---- C:\_OTM
2015-10-14 19:05:43 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2015-10-14 19:05:42 ----A---- C:\Windows\system32\d2d1.dll
2015-10-14 19:05:41 ----A---- C:\Windows\system32\shell32.dll
2015-10-14 19:05:40 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-10-14 19:05:29 ----A---- C:\Windows\system32\KernelBase.dll
2015-10-14 19:05:28 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-10-14 19:05:28 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-10-14 19:05:28 ----A---- C:\Windows\system32\advapi32.dll
2015-10-14 19:05:26 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-10-14 19:05:25 ----A---- C:\Windows\system32\winresume.exe
2015-10-14 19:05:24 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-10-14 19:05:24 ----A---- C:\Windows\system32\winload.exe
2015-10-14 19:05:24 ----A---- C:\Windows\system32\ntdll.dll
2015-10-14 19:05:24 ----A---- C:\Windows\system32\fveapi.dll
2015-10-14 19:05:24 ----A---- C:\Windows\system32\bdesvc.dll
2015-10-14 19:05:22 ----A---- C:\Windows\system32\appraiser.dll
2015-10-14 19:05:19 ----A---- C:\Windows\system32\invagent.dll
2015-10-14 19:05:19 ----A---- C:\Windows\system32\generaltel.dll
2015-10-14 19:05:19 ----A---- C:\Windows\system32\devinv.dll
2015-10-14 19:05:18 ----A---- C:\Windows\system32\aeinv.dll
2015-10-14 19:05:17 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-10-14 19:05:17 ----A---- C:\Windows\system32\acmigration.dll
2015-10-14 19:02:10 ----A---- C:\Windows\system32\mshtml.dll
2015-10-14 19:02:08 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-10-14 19:02:01 ----A---- C:\Windows\system32\jscript9.dll
2015-10-14 19:01:59 ----A---- C:\Windows\system32\ieframe.dll
2015-10-14 19:01:57 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-10-14 19:01:56 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-10-14 19:01:55 ----A---- C:\Windows\system32\iertutil.dll
2015-10-14 19:01:54 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-10-14 19:01:54 ----A---- C:\Windows\system32\wininet.dll
2015-10-14 19:01:53 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-10-14 19:01:53 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-10-14 19:01:53 ----A---- C:\Windows\system32\ieui.dll
2015-10-14 19:01:53 ----A---- C:\Windows\system32\dxtmsft.dll
2015-10-14 19:01:52 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-10-14 19:01:52 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-10-14 19:01:52 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-10-14 19:01:52 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-10-14 19:01:52 ----A---- C:\Windows\system32\urlmon.dll
2015-10-14 19:01:52 ----A---- C:\Windows\system32\jscript.dll
2015-10-14 19:01:52 ----A---- C:\Windows\system32\dxtrans.dll
2015-10-14 19:01:51 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-10-14 19:01:51 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-10-14 19:01:51 ----A---- C:\Windows\system32\vbscript.dll
2015-10-14 19:01:51 ----A---- C:\Windows\system32\mshtmled.dll
2015-10-14 19:01:51 ----A---- C:\Windows\system32\msfeeds.dll
2015-10-14 19:01:51 ----A---- C:\Windows\system32\ie4uinit.exe
2015-10-14 19:01:47 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-10-14 19:01:47 ----A---- C:\Windows\system32\webcheck.dll
2015-10-14 19:01:46 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-10-14 19:01:46 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-10-14 19:01:46 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2015-10-14 19:01:46 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-10-14 19:01:46 ----A---- C:\Windows\system32\inetcomm.dll
2015-10-14 19:01:46 ----A---- C:\Windows\system32\iedkcs32.dll
2015-10-14 19:01:45 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-10-14 19:01:45 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-10-14 19:01:45 ----A---- C:\Windows\system32\ieapfltr.dll
2015-10-14 19:00:51 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-10-14 19:00:51 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-10-14 19:00:51 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-10-14 19:00:51 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-10-14 19:00:51 ----A---- C:\Windows\system32\wuwebv.dll
2015-10-14 19:00:51 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2015-10-14 19:00:51 ----A---- C:\Windows\system32\wudriver.dll
2015-10-14 19:00:51 ----A---- C:\Windows\system32\wucltux.dll
2015-10-14 19:00:51 ----A---- C:\Windows\system32\wuaueng.dll
2015-10-14 19:00:51 ----A---- C:\Windows\system32\wuauclt.exe
2015-10-14 19:00:51 ----A---- C:\Windows\system32\wuapp.exe
2015-10-14 19:00:51 ----A---- C:\Windows\system32\wuapi.dll
2015-10-14 19:00:46 ----A---- C:\Windows\system32\NcdAutoSetup.dll
2015-10-14 18:58:28 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 18:58:28 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 18:58:28 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2015-10-14 18:58:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\system32\ucrtbase.dll
2015-10-14 18:58:26 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 18:58:25 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 18:58:25 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 18:58:25 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 18:58:25 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 18:58:25 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 18:58:25 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 18:58:25 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-03 20:35:17 ----D---- C:\AdwCleaner
2015-10-03 20:01:28 ----D---- C:\Program Files\trend micro
======List of files/folders modified in the last 1 month======
2015-10-30 21:40:34 ----D---- C:\Windows\Prefetch
2015-10-30 21:28:10 ----D---- C:\Windows\Temp
2015-10-30 21:13:16 ----RD---- C:\Windows\System32
2015-10-30 21:13:16 ----D---- C:\Windows\Inf
2015-10-30 21:13:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-10-30 21:12:39 ----D---- C:\Users\Petr\AppData\Roaming\Seznam.cz
2015-10-30 21:04:06 ----RD---- C:\Program Files (x86)
2015-10-30 21:04:06 ----D---- C:\Windows\SysWOW64
2015-10-30 21:04:06 ----D---- C:\Windows
2015-10-30 21:04:06 ----D---- C:\Program Files
2015-10-30 21:00:00 ----D---- C:\Windows\system32\sru
2015-10-30 05:54:12 ----SHD---- C:\Windows\Installer
2015-10-30 05:53:53 ----HD---- C:\ProgramData
2015-10-30 05:44:56 ----SHD---- C:\System Volume Information
2015-10-30 05:08:34 ----D---- C:\Users\Petr\AppData\Roaming\Skype
2015-10-30 05:05:40 ----D---- C:\ProgramData\Skype
2015-10-30 05:05:29 ----D---- C:\Program Files (x86)\Common Files
2015-10-30 04:20:06 ----D---- C:\Windows\system32\DriverStore
2015-10-30 04:19:59 ----D---- C:\Windows\system32\Tasks
2015-10-30 04:19:39 ----D---- C:\Windows\system32\drivers
2015-10-30 04:19:37 ----D---- C:\Windows\WinSxS
2015-10-29 12:26:49 ----D---- C:\Windows\system32\config
2015-10-29 12:22:46 ----D---- C:\Windows\Microsoft.NET
2015-10-25 22:10:49 ----D---- C:\Windows\system32\catroot2
2015-10-25 08:05:51 ----D---- C:\Windows\debug
2015-10-25 07:02:55 ----D---- C:\Program Files\Common Files
2015-10-24 22:42:43 ----SD---- C:\Users\Petr\AppData\Roaming\Microsoft
2015-10-24 22:11:28 ----D---- C:\Windows\Tasks
2015-10-24 22:01:49 ----D---- C:\Users\Petr\AppData\Roaming\AIMP3
2015-10-24 22:01:41 ----D---- C:\Windows\Logs
2015-10-20 15:28:49 ----D---- C:\Windows\CbsTemp
2015-10-19 18:40:06 ----D---- C:\Windows\rescache
2015-10-16 05:51:29 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-10-14 22:05:49 ----D---- C:\Windows\system32\cs-CZ
2015-10-14 22:05:48 ----RD---- C:\Windows\ToastData
2015-10-14 22:05:48 ----D---- C:\Windows\system32\CodeIntegrity
2015-10-14 22:05:47 ----SD---- C:\Windows\system32\CompatTel
2015-10-14 22:05:47 ----D---- C:\Windows\system32\Boot
2015-10-14 22:05:47 ----D---- C:\Windows\apppatch
2015-10-14 22:05:46 ----D---- C:\Windows\system32\appraiser
2015-10-14 22:05:46 ----D---- C:\Program Files\Internet Explorer
2015-10-14 22:05:46 ----D---- C:\Program Files (x86)\Internet Explorer
2015-10-14 20:06:52 ----D---- C:\Windows\system32\MRT
2015-10-14 20:03:26 ----A---- C:\Windows\system32\MRT.exe
2015-10-09 19:41:36 ----SD---- C:\Windows\system32\GWX
2015-10-07 20:44:33 ----SD---- C:\Windows\SYSWOW64\GWX
2015-10-03 21:25:10 ----D---- C:\Windows\system32\NDF
2015-10-03 20:36:13 ----D---- C:\Windows\system32\log
2015-10-02 17:19:28 ----D---- C:\Program Files (x86)\Opera
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\Windows\System32\drivers\amd_sata.sys [2014-03-21 81608]
R0 amd_xata;amd_xata; C:\Windows\System32\drivers\amd_xata.sys [2014-03-21 23752]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-10-30 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-10-30 274808]
R0 mvs91xx;mvs91xx; C:\Windows\System32\drivers\mvs91xx.sys [2013-10-11 328488]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2015-10-30 132656]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-10-30 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-10-30 1049880]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-10-30 448968]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [2007-11-07 104912]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-10-30 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-10-30 90968]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-10-30 153744]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-10-30 274336]
R3 GeneStor;@oem1.inf,%GENESTOR.SvcDesc%;Genesys Logic Storage Driver; C:\Windows\System32\drivers\GeneStor.sys [2014-01-17 107208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-05-06 3956056]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2014-05-20 12688328]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-05-30 20256]
R3 nvvad_WaveExtensible;@oem7.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-03-31 40392]
R3 RTL8168;@oem2.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2014-03-26 843480]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
S3 avchv;@oem27.inf,%ServiceDesc%;avchv Function Driver; C:\Windows\system32\DRIVERS\avchv.sys []
S3 dg_ssudbus;@oem9.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 ssudmdm;@oem14.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 WDC_SAM;@oem39.inf,%WDC_SAM_ServiceName%;WD SCSI Pass Thru driver; C:\Windows\System32\drivers\wdcsam64.sys [2015-01-27 14464]
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\Windows\System32\drivers\WinUsb.sys [2013-08-22 78848]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-10-30 146600]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 LavasoftTcpService;LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2015-10-24 2751760]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-05-30 1631008]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-05-30 21055432]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-05-20 927520]
R2 PDF Architect 3 Creator;PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [2015-04-24 740568]
R2 PSI_SVC_2_x64;Protexis Licensing V2 x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-10-30 4048280]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S2 caMyciloP;caMyciloP; C:\ProgramData\caMyciloP\caMyciloP.exe []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc []
S2 SearchProtectionService;IE Search Set; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [2015-10-24 17168]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-24 269000]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 CoordinatorServiceHost;DTSInterops; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe [2014-09-30 81400]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [2015-01-19 1484080]
S3 FlexNet Licensing Service;FlexNet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [2015-01-19 1074480]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc []
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Hry\Origin\OriginClientService.exe [2015-02-18 1910128]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PDF Architect 3 CrashHandler;PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [2015-04-24 901336]
S3 PDF Architect 3;PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2015-04-24 2244312]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2015-01-19 79360]
-----------------EOF-----------------
Run by Petr at 2015-10-30 21:54:41
Microsoft Windows 8.1
System drive C: has 482 GB (34%) free of 1430 GB
Total RAM: 16349 MB (88% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:54:42, on 30. 10. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Common Files\Manažer instalací SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera_crashreporter.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
C:\Program Files\trend micro\Petr.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjJDVaRrSck_AqghTsUGBnhkoKmsZloNqxnevNPh_PBESTRfF-XJEwjc8Mj-JV9_mDBuMu5xydKZoyrzPgIJFx3Nj4lyO35Btx9iiEhmetKw8UXNx6DZNy6i8L0PokdXyqOkDVClFdVjCa906JY,&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjJDVaRrSck_AqghTsUGBnhkoKmsZloNqxnevNPh_PBESTRfF-XJEwjc8Mj-JV9_mDBuMu5xydKZoyrzPgIJFx3Nj4lyO35Btx9iiEhmetKw8UXNx6DZNy6i8L0PokdXyqOkDVClFdVjCa906JY,&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjJDVaRrSck_AqghTsUGBnhkoKmsZloNqxnevNPh_PBESTRfF-XJEwjc8Mj-JV9_mDBuMu5xydKZoyrzPgIJFx3Nj4lyO35Btx9iiEhmetKw8UXNx6DZNy6i8L0PokdXyqOkDVClFdVjCa906JY,&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8118
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: PDF Architect 3 Helper - {06E08260-0695-4EC1-A74B-1310D8899D93} - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [EaseUS EPM tray] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\EpmNews.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Petr\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Web Companion] C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
O4 - Global Startup: SOLIDWORKS 2015 Rychlé spuštění.lnk = ?
O4 - Global Startup: SOLIDWORKS Nástroj pro stahování na pozadí.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: caMyciloP - Unknown owner - C:\ProgramData\caMyciloP\caMyciloP.exe (file missing)
O23 - Service: DTSInterops (CoordinatorServiceHost) - Dassault Systemes SolidWorks Corporation - C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service - Flexera Software LLC - C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LavasoftTcpService - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Hry\Origin\OriginClientService.exe
O23 - Service: PDF Architect 3 - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\ws.exe
O23 - Service: PDF Architect 3 CrashHandler - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe
O23 - Service: PDF Architect 3 Creator - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: IE Search Set (SearchProtectionService) - Unknown owner - C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10132 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k utcsvc
dashost.exe {c9d80ea4-b399-4ebc-84c34a0a6d97e59b}
"C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\PDF Architect 3\creator-ws.exe"
"c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe"
taskhostex.exe
C:\Windows\Explorer.EXE
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss b2695113-8141-42e7-96a5-f8dfa3c488be 1
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\Windows\System32\skydrive.exe -Embedding
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe" --minimize
szndesktop.exe default start
"C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\sldworks_fs.exe"
"C:\Program Files (x86)\Common Files\Manažer instalací SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe" /launch_from 0
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
"C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe" --ran-launcher
"C:\Program Files (x86)\Opera\32.0.1948.69\opera_crashreporter.exe" --ran-launcher --crash-reporter-parent-id=6180
"C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe" --type=gpu-process --channel="6180.0.1389075808\1332821734" --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=4156 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,26,51,61 --gpu-vendor-id=0x10de --gpu-device-id=0x0614 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3788 --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=4156 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_19_0_0_226.dll" --ppapi-flash-version=19.0.0.226 --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=4156 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="6180.3.557558800\48965412" /prefetch:673131151
"C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --lang=cs --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_19_0_0_226.dll" --ppapi-flash-version=19.0.0.226 --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=4156 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="6180.4.529212469\615313378" /prefetch:673131151
"C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --lang=cs --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_19_0_0_226.dll" --ppapi-flash-version=19.0.0.226 --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=4156 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="6180.5.1571551911\156684362" /prefetch:673131151
"C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_19_0_0_226.dll" --ppapi-flash-version=19.0.0.226 --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=4156 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="6180.9.222801728\1813642349" /prefetch:673131151
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Petr\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_226_pepper.exe -check pepperplugin
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-10-30 655480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06E08260-0695-4EC1-A74B-1310D8899D93}]
PDF Architect 3 Helper - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll [2015-04-24 38104]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-10-30 559624]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-04-10 13671640]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-04-15 1385840]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-05-30 2352072]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-05-30 1279480]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-10-23 6501656]
"cz.seznam.software.autoupdate"=C:\Users\Petr\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"Web Companion"=C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [2015-10-24 1385744]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"EaseUS EPM tray"=C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\EpmNews.exe []
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-10-30 6134544]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SOLIDWORKS 2015 Rychlé spuštění.lnk - C:\Windows\Installer\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe
SOLIDWORKS Nástroj pro stahování na pozadí.lnk - C:\Program Files (x86)\Common Files\Manažer instalací SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-10-30 20:16:42 ----D---- C:\FRST
2015-10-30 05:05:27 ----RD---- C:\Program Files (x86)\Skype
2015-10-30 04:55:50 ----D---- C:\rsit
2015-10-30 04:31:24 ----D---- C:\Users\Petr\AppData\Roaming\AVAST Software
2015-10-30 04:20:08 ----D---- C:\Windows\SYSWOW64\vbox
2015-10-30 04:20:08 ----D---- C:\Windows\system32\vbox
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\ngvss.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswStm.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswSP.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2015-10-30 04:19:34 ----A---- C:\Windows\system32\aswBoot.exe
2015-10-30 04:19:28 ----A---- C:\Windows\avastSS.scr
2015-10-30 04:15:53 ----D---- C:\Program Files\AVAST Software
2015-10-30 04:14:45 ----D---- C:\ProgramData\AVAST Software
2015-10-30 04:09:52 ----D---- C:\Users\Petr\AppData\Roaming\Spamihilator
2015-10-30 04:09:05 ----A---- C:\Windows\SYSWOW64\vccorlib120.dll
2015-10-30 04:09:05 ----A---- C:\Windows\SYSWOW64\msvcr120.dll
2015-10-30 04:09:05 ----A---- C:\Windows\SYSWOW64\msvcp120.dll
2015-10-25 07:29:23 ----D---- C:\ProgramData\Malwarebytes
2015-10-25 07:29:16 ----D---- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-10-25 07:29:14 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-10-25 07:28:29 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-10-24 22:42:42 ----D---- C:\searchplugins
2015-10-24 22:42:42 ----A---- C:\prefs.js
2015-10-24 22:41:42 ----D---- C:\Users\Petr\AppData\Roaming\Lavasoft
2015-10-24 22:41:39 ----A---- C:\Windows\SYSWOW64\LavasoftTcpServiceOff.ini
2015-10-24 22:41:39 ----A---- C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-10-24 22:41:38 ----A---- C:\Windows\SYSWOW64\LavasoftTcpService.dll
2015-10-24 22:41:38 ----A---- C:\Windows\system32\LavasoftTcpService64.dll
2015-10-24 22:41:36 ----D---- C:\Program Files (x86)\Lavasoft
2015-10-24 22:36:29 ----D---- C:\ProgramData\Lavasoft
2015-10-24 22:21:32 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2015-10-24 22:05:39 ----D---- C:\_OTM
2015-10-14 19:05:43 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2015-10-14 19:05:42 ----A---- C:\Windows\system32\d2d1.dll
2015-10-14 19:05:41 ----A---- C:\Windows\system32\shell32.dll
2015-10-14 19:05:40 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-10-14 19:05:29 ----A---- C:\Windows\system32\KernelBase.dll
2015-10-14 19:05:28 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-10-14 19:05:28 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-10-14 19:05:28 ----A---- C:\Windows\system32\advapi32.dll
2015-10-14 19:05:26 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-10-14 19:05:25 ----A---- C:\Windows\system32\winresume.exe
2015-10-14 19:05:24 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-10-14 19:05:24 ----A---- C:\Windows\system32\winload.exe
2015-10-14 19:05:24 ----A---- C:\Windows\system32\ntdll.dll
2015-10-14 19:05:24 ----A---- C:\Windows\system32\fveapi.dll
2015-10-14 19:05:24 ----A---- C:\Windows\system32\bdesvc.dll
2015-10-14 19:05:22 ----A---- C:\Windows\system32\appraiser.dll
2015-10-14 19:05:19 ----A---- C:\Windows\system32\invagent.dll
2015-10-14 19:05:19 ----A---- C:\Windows\system32\generaltel.dll
2015-10-14 19:05:19 ----A---- C:\Windows\system32\devinv.dll
2015-10-14 19:05:18 ----A---- C:\Windows\system32\aeinv.dll
2015-10-14 19:05:17 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-10-14 19:05:17 ----A---- C:\Windows\system32\acmigration.dll
2015-10-14 19:02:10 ----A---- C:\Windows\system32\mshtml.dll
2015-10-14 19:02:08 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-10-14 19:02:01 ----A---- C:\Windows\system32\jscript9.dll
2015-10-14 19:01:59 ----A---- C:\Windows\system32\ieframe.dll
2015-10-14 19:01:57 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-10-14 19:01:56 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-10-14 19:01:55 ----A---- C:\Windows\system32\iertutil.dll
2015-10-14 19:01:54 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-10-14 19:01:54 ----A---- C:\Windows\system32\wininet.dll
2015-10-14 19:01:53 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-10-14 19:01:53 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-10-14 19:01:53 ----A---- C:\Windows\system32\ieui.dll
2015-10-14 19:01:53 ----A---- C:\Windows\system32\dxtmsft.dll
2015-10-14 19:01:52 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-10-14 19:01:52 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-10-14 19:01:52 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-10-14 19:01:52 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-10-14 19:01:52 ----A---- C:\Windows\system32\urlmon.dll
2015-10-14 19:01:52 ----A---- C:\Windows\system32\jscript.dll
2015-10-14 19:01:52 ----A---- C:\Windows\system32\dxtrans.dll
2015-10-14 19:01:51 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-10-14 19:01:51 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-10-14 19:01:51 ----A---- C:\Windows\system32\vbscript.dll
2015-10-14 19:01:51 ----A---- C:\Windows\system32\mshtmled.dll
2015-10-14 19:01:51 ----A---- C:\Windows\system32\msfeeds.dll
2015-10-14 19:01:51 ----A---- C:\Windows\system32\ie4uinit.exe
2015-10-14 19:01:47 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-10-14 19:01:47 ----A---- C:\Windows\system32\webcheck.dll
2015-10-14 19:01:46 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-10-14 19:01:46 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-10-14 19:01:46 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2015-10-14 19:01:46 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-10-14 19:01:46 ----A---- C:\Windows\system32\inetcomm.dll
2015-10-14 19:01:46 ----A---- C:\Windows\system32\iedkcs32.dll
2015-10-14 19:01:45 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-10-14 19:01:45 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-10-14 19:01:45 ----A---- C:\Windows\system32\ieapfltr.dll
2015-10-14 19:00:51 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-10-14 19:00:51 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-10-14 19:00:51 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-10-14 19:00:51 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-10-14 19:00:51 ----A---- C:\Windows\system32\wuwebv.dll
2015-10-14 19:00:51 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2015-10-14 19:00:51 ----A---- C:\Windows\system32\wudriver.dll
2015-10-14 19:00:51 ----A---- C:\Windows\system32\wucltux.dll
2015-10-14 19:00:51 ----A---- C:\Windows\system32\wuaueng.dll
2015-10-14 19:00:51 ----A---- C:\Windows\system32\wuauclt.exe
2015-10-14 19:00:51 ----A---- C:\Windows\system32\wuapp.exe
2015-10-14 19:00:51 ----A---- C:\Windows\system32\wuapi.dll
2015-10-14 19:00:46 ----A---- C:\Windows\system32\NcdAutoSetup.dll
2015-10-14 18:58:28 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 18:58:28 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 18:58:28 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2015-10-14 18:58:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\system32\ucrtbase.dll
2015-10-14 18:58:26 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 18:58:25 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 18:58:25 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 18:58:25 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 18:58:25 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 18:58:25 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 18:58:25 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 18:58:25 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-03 20:35:17 ----D---- C:\AdwCleaner
2015-10-03 20:01:28 ----D---- C:\Program Files\trend micro
======List of files/folders modified in the last 1 month======
2015-10-30 21:40:34 ----D---- C:\Windows\Prefetch
2015-10-30 21:28:10 ----D---- C:\Windows\Temp
2015-10-30 21:13:16 ----RD---- C:\Windows\System32
2015-10-30 21:13:16 ----D---- C:\Windows\Inf
2015-10-30 21:13:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-10-30 21:12:39 ----D---- C:\Users\Petr\AppData\Roaming\Seznam.cz
2015-10-30 21:04:06 ----RD---- C:\Program Files (x86)
2015-10-30 21:04:06 ----D---- C:\Windows\SysWOW64
2015-10-30 21:04:06 ----D---- C:\Windows
2015-10-30 21:04:06 ----D---- C:\Program Files
2015-10-30 21:00:00 ----D---- C:\Windows\system32\sru
2015-10-30 05:54:12 ----SHD---- C:\Windows\Installer
2015-10-30 05:53:53 ----HD---- C:\ProgramData
2015-10-30 05:44:56 ----SHD---- C:\System Volume Information
2015-10-30 05:08:34 ----D---- C:\Users\Petr\AppData\Roaming\Skype
2015-10-30 05:05:40 ----D---- C:\ProgramData\Skype
2015-10-30 05:05:29 ----D---- C:\Program Files (x86)\Common Files
2015-10-30 04:20:06 ----D---- C:\Windows\system32\DriverStore
2015-10-30 04:19:59 ----D---- C:\Windows\system32\Tasks
2015-10-30 04:19:39 ----D---- C:\Windows\system32\drivers
2015-10-30 04:19:37 ----D---- C:\Windows\WinSxS
2015-10-29 12:26:49 ----D---- C:\Windows\system32\config
2015-10-29 12:22:46 ----D---- C:\Windows\Microsoft.NET
2015-10-25 22:10:49 ----D---- C:\Windows\system32\catroot2
2015-10-25 08:05:51 ----D---- C:\Windows\debug
2015-10-25 07:02:55 ----D---- C:\Program Files\Common Files
2015-10-24 22:42:43 ----SD---- C:\Users\Petr\AppData\Roaming\Microsoft
2015-10-24 22:11:28 ----D---- C:\Windows\Tasks
2015-10-24 22:01:49 ----D---- C:\Users\Petr\AppData\Roaming\AIMP3
2015-10-24 22:01:41 ----D---- C:\Windows\Logs
2015-10-20 15:28:49 ----D---- C:\Windows\CbsTemp
2015-10-19 18:40:06 ----D---- C:\Windows\rescache
2015-10-16 05:51:29 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-10-14 22:05:49 ----D---- C:\Windows\system32\cs-CZ
2015-10-14 22:05:48 ----RD---- C:\Windows\ToastData
2015-10-14 22:05:48 ----D---- C:\Windows\system32\CodeIntegrity
2015-10-14 22:05:47 ----SD---- C:\Windows\system32\CompatTel
2015-10-14 22:05:47 ----D---- C:\Windows\system32\Boot
2015-10-14 22:05:47 ----D---- C:\Windows\apppatch
2015-10-14 22:05:46 ----D---- C:\Windows\system32\appraiser
2015-10-14 22:05:46 ----D---- C:\Program Files\Internet Explorer
2015-10-14 22:05:46 ----D---- C:\Program Files (x86)\Internet Explorer
2015-10-14 20:06:52 ----D---- C:\Windows\system32\MRT
2015-10-14 20:03:26 ----A---- C:\Windows\system32\MRT.exe
2015-10-09 19:41:36 ----SD---- C:\Windows\system32\GWX
2015-10-07 20:44:33 ----SD---- C:\Windows\SYSWOW64\GWX
2015-10-03 21:25:10 ----D---- C:\Windows\system32\NDF
2015-10-03 20:36:13 ----D---- C:\Windows\system32\log
2015-10-02 17:19:28 ----D---- C:\Program Files (x86)\Opera
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\Windows\System32\drivers\amd_sata.sys [2014-03-21 81608]
R0 amd_xata;amd_xata; C:\Windows\System32\drivers\amd_xata.sys [2014-03-21 23752]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-10-30 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-10-30 274808]
R0 mvs91xx;mvs91xx; C:\Windows\System32\drivers\mvs91xx.sys [2013-10-11 328488]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2015-10-30 132656]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-10-30 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-10-30 1049880]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-10-30 448968]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [2007-11-07 104912]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-10-30 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-10-30 90968]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-10-30 153744]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-10-30 274336]
R3 GeneStor;@oem1.inf,%GENESTOR.SvcDesc%;Genesys Logic Storage Driver; C:\Windows\System32\drivers\GeneStor.sys [2014-01-17 107208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-05-06 3956056]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2014-05-20 12688328]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-05-30 20256]
R3 nvvad_WaveExtensible;@oem7.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-03-31 40392]
R3 RTL8168;@oem2.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2014-03-26 843480]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
S3 avchv;@oem27.inf,%ServiceDesc%;avchv Function Driver; C:\Windows\system32\DRIVERS\avchv.sys []
S3 dg_ssudbus;@oem9.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 ssudmdm;@oem14.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 WDC_SAM;@oem39.inf,%WDC_SAM_ServiceName%;WD SCSI Pass Thru driver; C:\Windows\System32\drivers\wdcsam64.sys [2015-01-27 14464]
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\Windows\System32\drivers\WinUsb.sys [2013-08-22 78848]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-10-30 146600]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 LavasoftTcpService;LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2015-10-24 2751760]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-05-30 1631008]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-05-30 21055432]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-05-20 927520]
R2 PDF Architect 3 Creator;PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [2015-04-24 740568]
R2 PSI_SVC_2_x64;Protexis Licensing V2 x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-10-30 4048280]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S2 caMyciloP;caMyciloP; C:\ProgramData\caMyciloP\caMyciloP.exe []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc []
S2 SearchProtectionService;IE Search Set; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [2015-10-24 17168]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-24 269000]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 CoordinatorServiceHost;DTSInterops; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe [2014-09-30 81400]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [2015-01-19 1484080]
S3 FlexNet Licensing Service;FlexNet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [2015-01-19 1074480]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc []
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Hry\Origin\OriginClientService.exe [2015-02-18 1910128]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PDF Architect 3 CrashHandler;PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [2015-04-24 901336]
S3 PDF Architect 3;PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2015-04-24 2244312]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2015-01-19 79360]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119356
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: launching of web pages
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Disable your antivirus before the scan and restart the PC after it. Post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: launching of web pages
Logfile of random's system information tool 1.10 (written by random/random)
Run by Petr at 2015-10-31 03:37:06
Microsoft Windows 8.1
System drive C: has 481 GB (34%) free of 1430 GB
Total RAM: 16349 MB (89% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:37:16, on 31. 10. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Petr\AppData\Roaming\Seznam.cz\szninstall.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Manažer instalací SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera_crashreporter.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
C:\Program Files\trend micro\Petr.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjJDVaRrSck_AqghTsUGBnhkoKmsZloNqxnevNPh_PBESTRfF-XJEwjc8Mj-JV9_mDBuMu5xydKZoyrzPgIJFx3Nj4lyO35Btx9iiEhmetKw8UXNx6DZNy6i8L0PokdXyqOkDVClFdVjCa906JY,&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjJDVaRrSck_AqghTsUGBnhkoKmsZloNqxnevNPh_PBESTRfF-XJEwjc8Mj-JV9_mDBuMu5xydKZoyrzPgIJFx3Nj4lyO35Btx9iiEhmetKw8UXNx6DZNy6i8L0PokdXyqOkDVClFdVjCa906JY,&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjJDVaRrSck_AqghTsUGBnhkoKmsZloNqxnevNPh_PBESTRfF-XJEwjc8Mj-JV9_mDBuMu5xydKZoyrzPgIJFx3Nj4lyO35Btx9iiEhmetKw8UXNx6DZNy6i8L0PokdXyqOkDVClFdVjCa906JY,&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8118
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: PDF Architect 3 Helper - {06E08260-0695-4EC1-A74B-1310D8899D93} - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [EaseUS EPM tray] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\EpmNews.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Petr\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Web Companion] C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
O4 - Global Startup: SOLIDWORKS 2015 Rychlé spuštění.lnk = ?
O4 - Global Startup: SOLIDWORKS Nástroj pro stahování na pozadí.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: caMyciloP - Unknown owner - C:\ProgramData\caMyciloP\caMyciloP.exe (file missing)
O23 - Service: DTSInterops (CoordinatorServiceHost) - Dassault Systemes SolidWorks Corporation - C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service - Flexera Software LLC - C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LavasoftTcpService - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Hry\Origin\OriginClientService.exe
O23 - Service: PDF Architect 3 - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\ws.exe
O23 - Service: PDF Architect 3 CrashHandler - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe
O23 - Service: PDF Architect 3 Creator - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: IE Search Set (SearchProtectionService) - Unknown owner - C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10227 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k utcsvc
dashost.exe {5bc154f5-aa1c-4fe5-a12771457847e527}
"C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\PDF Architect 3\creator-ws.exe"
"c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe"
taskeng.exe {533A25F3-89E8-4DAA-B42A-0F8EA1763CFE}
C:\Windows\Explorer.EXE
taskhostex.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss b2695113-8141-42e7-96a5-f8dfa3c488be 1
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe 0x4
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
"C:\Windows\system32\backgroundTaskHost.exe" -ServerName:App.AppX4325622ft6437f3xfywcfxgbedfvpn0x.mca
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Users\Petr\AppData\Roaming\Seznam.cz\szninstall.exe" -c
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe" --minimize
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe -Embedding
szndesktop.exe default start
"C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\sldworks_fs.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\Manažer instalací SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe" /launch_from 0
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe" --ran-launcher
"C:\Program Files (x86)\Opera\32.0.1948.69\opera_crashreporter.exe" --ran-launcher --crash-reporter-parent-id=1000
"C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe" --type=gpu-process --channel="1000.0.650081897\202097468" --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=3296 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,26,51,61 --gpu-vendor-id=0x10de --gpu-device-id=0x0614 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3788 --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=3296 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_19_0_0_226.dll" --ppapi-flash-version=19.0.0.226 --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=3296 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="1000.3.611637849\1277674138" /prefetch:673131151
"C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --lang=cs --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_19_0_0_226.dll" --ppapi-flash-version=19.0.0.226 --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=3296 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="1000.4.447130067\870953488" /prefetch:673131151
"C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --lang=cs --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_19_0_0_226.dll" --ppapi-flash-version=19.0.0.226 --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=3296 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="1000.5.1410081020\161396276" /prefetch:673131151
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_19_0_0_226.dll" --ppapi-flash-version=19.0.0.226 --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=3296 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="1000.7.526654409\1368392893" /prefetch:673131151
"C:\Users\Petr\Downloads\RSITx64.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_226_pepper.exe -check pepperplugin
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-10-30 655480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06E08260-0695-4EC1-A74B-1310D8899D93}]
PDF Architect 3 Helper - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll [2015-04-24 38104]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-10-30 559624]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-04-10 13671640]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-04-15 1385840]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-05-30 2352072]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-05-30 1279480]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-10-23 6501656]
"cz.seznam.software.autoupdate"=C:\Users\Petr\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"Web Companion"=C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [2015-10-24 1385744]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"EaseUS EPM tray"=C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\EpmNews.exe []
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-10-30 6134544]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SOLIDWORKS 2015 Rychlé spuštění.lnk - C:\Windows\Installer\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe
SOLIDWORKS Nástroj pro stahování na pozadí.lnk - C:\Program Files (x86)\Common Files\Manažer instalací SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-10-30 20:16:42 ----D---- C:\FRST
2015-10-30 05:05:27 ----RD---- C:\Program Files (x86)\Skype
2015-10-30 04:55:50 ----D---- C:\rsit
2015-10-30 04:31:24 ----D---- C:\Users\Petr\AppData\Roaming\AVAST Software
2015-10-30 04:20:08 ----D---- C:\Windows\SYSWOW64\vbox
2015-10-30 04:20:08 ----D---- C:\Windows\system32\vbox
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\ngvss.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswStm.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswSP.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2015-10-30 04:19:34 ----A---- C:\Windows\system32\aswBoot.exe
2015-10-30 04:19:28 ----A---- C:\Windows\avastSS.scr
2015-10-30 04:15:53 ----D---- C:\Program Files\AVAST Software
2015-10-30 04:14:45 ----D---- C:\ProgramData\AVAST Software
2015-10-30 04:09:52 ----D---- C:\Users\Petr\AppData\Roaming\Spamihilator
2015-10-30 04:09:05 ----A---- C:\Windows\SYSWOW64\vccorlib120.dll
2015-10-30 04:09:05 ----A---- C:\Windows\SYSWOW64\msvcr120.dll
2015-10-30 04:09:05 ----A---- C:\Windows\SYSWOW64\msvcp120.dll
2015-10-25 07:29:23 ----D---- C:\ProgramData\Malwarebytes
2015-10-25 07:29:16 ----D---- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-10-25 07:29:14 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-10-25 07:28:29 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-10-24 22:42:42 ----D---- C:\searchplugins
2015-10-24 22:42:42 ----A---- C:\prefs.js
2015-10-24 22:41:42 ----D---- C:\Users\Petr\AppData\Roaming\Lavasoft
2015-10-24 22:41:39 ----A---- C:\Windows\SYSWOW64\LavasoftTcpServiceOff.ini
2015-10-24 22:41:39 ----A---- C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-10-24 22:41:38 ----A---- C:\Windows\SYSWOW64\LavasoftTcpService.dll
2015-10-24 22:41:38 ----A---- C:\Windows\system32\LavasoftTcpService64.dll
2015-10-24 22:41:36 ----D---- C:\Program Files (x86)\Lavasoft
2015-10-24 22:36:29 ----D---- C:\ProgramData\Lavasoft
2015-10-24 22:21:32 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2015-10-24 22:05:39 ----D---- C:\_OTM
2015-10-14 19:05:43 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2015-10-14 19:05:42 ----A---- C:\Windows\system32\d2d1.dll
2015-10-14 19:05:41 ----A---- C:\Windows\system32\shell32.dll
2015-10-14 19:05:40 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-10-14 19:05:29 ----A---- C:\Windows\system32\KernelBase.dll
2015-10-14 19:05:28 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-10-14 19:05:28 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-10-14 19:05:28 ----A---- C:\Windows\system32\advapi32.dll
2015-10-14 19:05:26 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-10-14 19:05:25 ----A---- C:\Windows\system32\winresume.exe
2015-10-14 19:05:24 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-10-14 19:05:24 ----A---- C:\Windows\system32\winload.exe
2015-10-14 19:05:24 ----A---- C:\Windows\system32\ntdll.dll
2015-10-14 19:05:24 ----A---- C:\Windows\system32\fveapi.dll
2015-10-14 19:05:24 ----A---- C:\Windows\system32\bdesvc.dll
2015-10-14 19:05:22 ----A---- C:\Windows\system32\appraiser.dll
2015-10-14 19:05:19 ----A---- C:\Windows\system32\invagent.dll
2015-10-14 19:05:19 ----A---- C:\Windows\system32\generaltel.dll
2015-10-14 19:05:19 ----A---- C:\Windows\system32\devinv.dll
2015-10-14 19:05:18 ----A---- C:\Windows\system32\aeinv.dll
2015-10-14 19:05:17 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-10-14 19:05:17 ----A---- C:\Windows\system32\acmigration.dll
2015-10-14 19:02:10 ----A---- C:\Windows\system32\mshtml.dll
2015-10-14 19:02:08 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-10-14 19:02:01 ----A---- C:\Windows\system32\jscript9.dll
2015-10-14 19:01:59 ----A---- C:\Windows\system32\ieframe.dll
2015-10-14 19:01:57 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-10-14 19:01:56 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-10-14 19:01:55 ----A---- C:\Windows\system32\iertutil.dll
2015-10-14 19:01:54 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-10-14 19:01:54 ----A---- C:\Windows\system32\wininet.dll
2015-10-14 19:01:53 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-10-14 19:01:53 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-10-14 19:01:53 ----A---- C:\Windows\system32\ieui.dll
2015-10-14 19:01:53 ----A---- C:\Windows\system32\dxtmsft.dll
2015-10-14 19:01:52 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-10-14 19:01:52 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-10-14 19:01:52 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-10-14 19:01:52 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-10-14 19:01:52 ----A---- C:\Windows\system32\urlmon.dll
2015-10-14 19:01:52 ----A---- C:\Windows\system32\jscript.dll
2015-10-14 19:01:52 ----A---- C:\Windows\system32\dxtrans.dll
2015-10-14 19:01:51 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-10-14 19:01:51 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-10-14 19:01:51 ----A---- C:\Windows\system32\vbscript.dll
2015-10-14 19:01:51 ----A---- C:\Windows\system32\mshtmled.dll
2015-10-14 19:01:51 ----A---- C:\Windows\system32\msfeeds.dll
2015-10-14 19:01:51 ----A---- C:\Windows\system32\ie4uinit.exe
2015-10-14 19:01:47 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-10-14 19:01:47 ----A---- C:\Windows\system32\webcheck.dll
2015-10-14 19:01:46 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-10-14 19:01:46 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-10-14 19:01:46 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2015-10-14 19:01:46 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-10-14 19:01:46 ----A---- C:\Windows\system32\inetcomm.dll
2015-10-14 19:01:46 ----A---- C:\Windows\system32\iedkcs32.dll
2015-10-14 19:01:45 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-10-14 19:01:45 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-10-14 19:01:45 ----A---- C:\Windows\system32\ieapfltr.dll
2015-10-14 19:00:51 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-10-14 19:00:51 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-10-14 19:00:51 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-10-14 19:00:51 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-10-14 19:00:51 ----A---- C:\Windows\system32\wuwebv.dll
2015-10-14 19:00:51 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2015-10-14 19:00:51 ----A---- C:\Windows\system32\wudriver.dll
2015-10-14 19:00:51 ----A---- C:\Windows\system32\wucltux.dll
2015-10-14 19:00:51 ----A---- C:\Windows\system32\wuaueng.dll
2015-10-14 19:00:51 ----A---- C:\Windows\system32\wuauclt.exe
2015-10-14 19:00:51 ----A---- C:\Windows\system32\wuapp.exe
2015-10-14 19:00:51 ----A---- C:\Windows\system32\wuapi.dll
2015-10-14 19:00:46 ----A---- C:\Windows\system32\NcdAutoSetup.dll
2015-10-14 18:58:28 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 18:58:28 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 18:58:28 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2015-10-14 18:58:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\system32\ucrtbase.dll
2015-10-14 18:58:26 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 18:58:25 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 18:58:25 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 18:58:25 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 18:58:25 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 18:58:25 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 18:58:25 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 18:58:25 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-03 20:35:17 ----D---- C:\AdwCleaner
2015-10-03 20:01:28 ----D---- C:\Program Files\trend micro
======List of files/folders modified in the last 1 month======
2015-10-31 03:35:35 ----D---- C:\Windows\Prefetch
2015-10-31 03:33:58 ----D---- C:\Windows\Temp
2015-10-31 03:00:00 ----D---- C:\Windows\system32\sru
2015-10-31 02:51:06 ----D---- C:\Windows\Microsoft.NET
2015-10-30 21:13:16 ----RD---- C:\Windows\System32
2015-10-30 21:13:16 ----D---- C:\Windows\Inf
2015-10-30 21:13:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-10-30 21:12:39 ----D---- C:\Users\Petr\AppData\Roaming\Seznam.cz
2015-10-30 21:04:06 ----RD---- C:\Program Files (x86)
2015-10-30 21:04:06 ----D---- C:\Windows\SysWOW64
2015-10-30 21:04:06 ----D---- C:\Windows
2015-10-30 21:04:06 ----D---- C:\Program Files
2015-10-30 05:54:12 ----SHD---- C:\Windows\Installer
2015-10-30 05:53:53 ----HD---- C:\ProgramData
2015-10-30 05:44:56 ----SHD---- C:\System Volume Information
2015-10-30 05:08:34 ----D---- C:\Users\Petr\AppData\Roaming\Skype
2015-10-30 05:05:40 ----D---- C:\ProgramData\Skype
2015-10-30 05:05:29 ----D---- C:\Program Files (x86)\Common Files
2015-10-30 04:20:06 ----D---- C:\Windows\system32\DriverStore
2015-10-30 04:19:59 ----D---- C:\Windows\system32\Tasks
2015-10-30 04:19:39 ----D---- C:\Windows\system32\drivers
2015-10-30 04:19:37 ----D---- C:\Windows\WinSxS
2015-10-29 12:26:49 ----D---- C:\Windows\system32\config
2015-10-25 22:10:49 ----D---- C:\Windows\system32\catroot2
2015-10-25 08:05:51 ----D---- C:\Windows\debug
2015-10-25 07:02:55 ----D---- C:\Program Files\Common Files
2015-10-24 22:42:43 ----SD---- C:\Users\Petr\AppData\Roaming\Microsoft
2015-10-24 22:11:28 ----D---- C:\Windows\Tasks
2015-10-24 22:01:49 ----D---- C:\Users\Petr\AppData\Roaming\AIMP3
2015-10-24 22:01:41 ----D---- C:\Windows\Logs
2015-10-20 15:28:49 ----D---- C:\Windows\CbsTemp
2015-10-19 18:40:06 ----D---- C:\Windows\rescache
2015-10-16 05:51:29 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-10-14 22:05:49 ----D---- C:\Windows\system32\cs-CZ
2015-10-14 22:05:48 ----RD---- C:\Windows\ToastData
2015-10-14 22:05:48 ----D---- C:\Windows\system32\CodeIntegrity
2015-10-14 22:05:47 ----SD---- C:\Windows\system32\CompatTel
2015-10-14 22:05:47 ----D---- C:\Windows\system32\Boot
2015-10-14 22:05:47 ----D---- C:\Windows\apppatch
2015-10-14 22:05:46 ----D---- C:\Windows\system32\appraiser
2015-10-14 22:05:46 ----D---- C:\Program Files\Internet Explorer
2015-10-14 22:05:46 ----D---- C:\Program Files (x86)\Internet Explorer
2015-10-14 20:06:52 ----D---- C:\Windows\system32\MRT
2015-10-14 20:03:26 ----A---- C:\Windows\system32\MRT.exe
2015-10-09 19:41:36 ----SD---- C:\Windows\system32\GWX
2015-10-07 20:44:33 ----SD---- C:\Windows\SYSWOW64\GWX
2015-10-03 21:25:10 ----D---- C:\Windows\system32\NDF
2015-10-03 20:36:13 ----D---- C:\Windows\system32\log
2015-10-02 17:19:28 ----D---- C:\Program Files (x86)\Opera
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\Windows\System32\drivers\amd_sata.sys [2014-03-21 81608]
R0 amd_xata;amd_xata; C:\Windows\System32\drivers\amd_xata.sys [2014-03-21 23752]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-10-30 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-10-30 274808]
R0 mvs91xx;mvs91xx; C:\Windows\System32\drivers\mvs91xx.sys [2013-10-11 328488]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2015-10-30 132656]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-10-30 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-10-30 1049880]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-10-30 448968]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [2007-11-07 104912]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-10-30 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-10-30 90968]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-10-30 153744]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-10-30 274336]
R3 GeneStor;@oem1.inf,%GENESTOR.SvcDesc%;Genesys Logic Storage Driver; C:\Windows\System32\drivers\GeneStor.sys [2014-01-17 107208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-05-06 3956056]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2014-05-20 12688328]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-05-30 20256]
R3 nvvad_WaveExtensible;@oem7.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-03-31 40392]
R3 RTL8168;@oem2.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2014-03-26 843480]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
S3 avchv;@oem27.inf,%ServiceDesc%;avchv Function Driver; C:\Windows\system32\DRIVERS\avchv.sys []
S3 dg_ssudbus;@oem9.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 ssudmdm;@oem14.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 WDC_SAM;@oem39.inf,%WDC_SAM_ServiceName%;WD SCSI Pass Thru driver; C:\Windows\System32\drivers\wdcsam64.sys [2015-01-27 14464]
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\Windows\System32\drivers\WinUsb.sys [2013-08-22 78848]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-10-30 146600]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 LavasoftTcpService;LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2015-10-24 2751760]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-05-30 1631008]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-05-30 21055432]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-05-20 927520]
R2 PDF Architect 3 Creator;PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [2015-04-24 740568]
R2 PSI_SVC_2_x64;Protexis Licensing V2 x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-10-30 4048280]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S2 caMyciloP;caMyciloP; C:\ProgramData\caMyciloP\caMyciloP.exe []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc []
S2 SearchProtectionService;IE Search Set; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [2015-10-24 17168]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-24 269000]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 CoordinatorServiceHost;DTSInterops; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe [2014-09-30 81400]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [2015-01-19 1484080]
S3 FlexNet Licensing Service;FlexNet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [2015-01-19 1074480]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc []
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Hry\Origin\OriginClientService.exe [2015-02-18 1910128]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PDF Architect 3 CrashHandler;PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [2015-04-24 901336]
S3 PDF Architect 3;PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2015-04-24 2244312]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2015-01-19 79360]
-----------------EOF-----------------
Run by Petr at 2015-10-31 03:37:06
Microsoft Windows 8.1
System drive C: has 481 GB (34%) free of 1430 GB
Total RAM: 16349 MB (89% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:37:16, on 31. 10. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Petr\AppData\Roaming\Seznam.cz\szninstall.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Manažer instalací SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera_crashreporter.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
C:\Program Files\trend micro\Petr.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjJDVaRrSck_AqghTsUGBnhkoKmsZloNqxnevNPh_PBESTRfF-XJEwjc8Mj-JV9_mDBuMu5xydKZoyrzPgIJFx3Nj4lyO35Btx9iiEhmetKw8UXNx6DZNy6i8L0PokdXyqOkDVClFdVjCa906JY,&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjJDVaRrSck_AqghTsUGBnhkoKmsZloNqxnevNPh_PBESTRfF-XJEwjc8Mj-JV9_mDBuMu5xydKZoyrzPgIJFx3Nj4lyO35Btx9iiEhmetKw8UXNx6DZNy6i8L0PokdXyqOkDVClFdVjCa906JY,&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjJDVaRrSck_AqghTsUGBnhkoKmsZloNqxnevNPh_PBESTRfF-XJEwjc8Mj-JV9_mDBuMu5xydKZoyrzPgIJFx3Nj4lyO35Btx9iiEhmetKw8UXNx6DZNy6i8L0PokdXyqOkDVClFdVjCa906JY,&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8118
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: PDF Architect 3 Helper - {06E08260-0695-4EC1-A74B-1310D8899D93} - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [EaseUS EPM tray] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\EpmNews.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Petr\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Web Companion] C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
O4 - Global Startup: SOLIDWORKS 2015 Rychlé spuštění.lnk = ?
O4 - Global Startup: SOLIDWORKS Nástroj pro stahování na pozadí.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: caMyciloP - Unknown owner - C:\ProgramData\caMyciloP\caMyciloP.exe (file missing)
O23 - Service: DTSInterops (CoordinatorServiceHost) - Dassault Systemes SolidWorks Corporation - C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service - Flexera Software LLC - C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LavasoftTcpService - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Hry\Origin\OriginClientService.exe
O23 - Service: PDF Architect 3 - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\ws.exe
O23 - Service: PDF Architect 3 CrashHandler - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe
O23 - Service: PDF Architect 3 Creator - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: IE Search Set (SearchProtectionService) - Unknown owner - C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10227 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k utcsvc
dashost.exe {5bc154f5-aa1c-4fe5-a12771457847e527}
"C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\PDF Architect 3\creator-ws.exe"
"c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe"
taskeng.exe {533A25F3-89E8-4DAA-B42A-0F8EA1763CFE}
C:\Windows\Explorer.EXE
taskhostex.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss b2695113-8141-42e7-96a5-f8dfa3c488be 1
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe 0x4
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
"C:\Windows\system32\backgroundTaskHost.exe" -ServerName:App.AppX4325622ft6437f3xfywcfxgbedfvpn0x.mca
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Users\Petr\AppData\Roaming\Seznam.cz\szninstall.exe" -c
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe" --minimize
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe -Embedding
szndesktop.exe default start
"C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\sldworks_fs.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\Manažer instalací SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe" /launch_from 0
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe" --ran-launcher
"C:\Program Files (x86)\Opera\32.0.1948.69\opera_crashreporter.exe" --ran-launcher --crash-reporter-parent-id=1000
"C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe" --type=gpu-process --channel="1000.0.650081897\202097468" --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=3296 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,26,51,61 --gpu-vendor-id=0x10de --gpu-device-id=0x0614 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3788 --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=3296 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_19_0_0_226.dll" --ppapi-flash-version=19.0.0.226 --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=3296 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="1000.3.611637849\1277674138" /prefetch:673131151
"C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --lang=cs --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_19_0_0_226.dll" --ppapi-flash-version=19.0.0.226 --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=3296 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="1000.4.447130067\870953488" /prefetch:673131151
"C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --lang=cs --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_19_0_0_226.dll" --ppapi-flash-version=19.0.0.226 --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=3296 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="1000.5.1410081020\161396276" /prefetch:673131151
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_19_0_0_226.dll" --ppapi-flash-version=19.0.0.226 --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=3296 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="1000.7.526654409\1368392893" /prefetch:673131151
"C:\Users\Petr\Downloads\RSITx64.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_226_pepper.exe -check pepperplugin
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-10-30 655480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06E08260-0695-4EC1-A74B-1310D8899D93}]
PDF Architect 3 Helper - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll [2015-04-24 38104]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-10-30 559624]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-04-10 13671640]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-04-15 1385840]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-05-30 2352072]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-05-30 1279480]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-10-23 6501656]
"cz.seznam.software.autoupdate"=C:\Users\Petr\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Petr\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"Web Companion"=C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [2015-10-24 1385744]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"EaseUS EPM tray"=C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\EpmNews.exe []
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-10-30 6134544]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SOLIDWORKS 2015 Rychlé spuštění.lnk - C:\Windows\Installer\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe
SOLIDWORKS Nástroj pro stahování na pozadí.lnk - C:\Program Files (x86)\Common Files\Manažer instalací SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-10-30 20:16:42 ----D---- C:\FRST
2015-10-30 05:05:27 ----RD---- C:\Program Files (x86)\Skype
2015-10-30 04:55:50 ----D---- C:\rsit
2015-10-30 04:31:24 ----D---- C:\Users\Petr\AppData\Roaming\AVAST Software
2015-10-30 04:20:08 ----D---- C:\Windows\SYSWOW64\vbox
2015-10-30 04:20:08 ----D---- C:\Windows\system32\vbox
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\ngvss.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswStm.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswSP.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2015-10-30 04:19:39 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2015-10-30 04:19:34 ----A---- C:\Windows\system32\aswBoot.exe
2015-10-30 04:19:28 ----A---- C:\Windows\avastSS.scr
2015-10-30 04:15:53 ----D---- C:\Program Files\AVAST Software
2015-10-30 04:14:45 ----D---- C:\ProgramData\AVAST Software
2015-10-30 04:09:52 ----D---- C:\Users\Petr\AppData\Roaming\Spamihilator
2015-10-30 04:09:05 ----A---- C:\Windows\SYSWOW64\vccorlib120.dll
2015-10-30 04:09:05 ----A---- C:\Windows\SYSWOW64\msvcr120.dll
2015-10-30 04:09:05 ----A---- C:\Windows\SYSWOW64\msvcp120.dll
2015-10-25 07:29:23 ----D---- C:\ProgramData\Malwarebytes
2015-10-25 07:29:16 ----D---- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-10-25 07:29:14 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-10-25 07:28:29 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-10-24 22:42:42 ----D---- C:\searchplugins
2015-10-24 22:42:42 ----A---- C:\prefs.js
2015-10-24 22:41:42 ----D---- C:\Users\Petr\AppData\Roaming\Lavasoft
2015-10-24 22:41:39 ----A---- C:\Windows\SYSWOW64\LavasoftTcpServiceOff.ini
2015-10-24 22:41:39 ----A---- C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-10-24 22:41:38 ----A---- C:\Windows\SYSWOW64\LavasoftTcpService.dll
2015-10-24 22:41:38 ----A---- C:\Windows\system32\LavasoftTcpService64.dll
2015-10-24 22:41:36 ----D---- C:\Program Files (x86)\Lavasoft
2015-10-24 22:36:29 ----D---- C:\ProgramData\Lavasoft
2015-10-24 22:21:32 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2015-10-24 22:05:39 ----D---- C:\_OTM
2015-10-14 19:05:43 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2015-10-14 19:05:42 ----A---- C:\Windows\system32\d2d1.dll
2015-10-14 19:05:41 ----A---- C:\Windows\system32\shell32.dll
2015-10-14 19:05:40 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-10-14 19:05:29 ----A---- C:\Windows\system32\KernelBase.dll
2015-10-14 19:05:28 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-10-14 19:05:28 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-10-14 19:05:28 ----A---- C:\Windows\system32\advapi32.dll
2015-10-14 19:05:26 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-10-14 19:05:25 ----A---- C:\Windows\system32\winresume.exe
2015-10-14 19:05:24 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-10-14 19:05:24 ----A---- C:\Windows\system32\winload.exe
2015-10-14 19:05:24 ----A---- C:\Windows\system32\ntdll.dll
2015-10-14 19:05:24 ----A---- C:\Windows\system32\fveapi.dll
2015-10-14 19:05:24 ----A---- C:\Windows\system32\bdesvc.dll
2015-10-14 19:05:22 ----A---- C:\Windows\system32\appraiser.dll
2015-10-14 19:05:19 ----A---- C:\Windows\system32\invagent.dll
2015-10-14 19:05:19 ----A---- C:\Windows\system32\generaltel.dll
2015-10-14 19:05:19 ----A---- C:\Windows\system32\devinv.dll
2015-10-14 19:05:18 ----A---- C:\Windows\system32\aeinv.dll
2015-10-14 19:05:17 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-10-14 19:05:17 ----A---- C:\Windows\system32\acmigration.dll
2015-10-14 19:02:10 ----A---- C:\Windows\system32\mshtml.dll
2015-10-14 19:02:08 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-10-14 19:02:01 ----A---- C:\Windows\system32\jscript9.dll
2015-10-14 19:01:59 ----A---- C:\Windows\system32\ieframe.dll
2015-10-14 19:01:57 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-10-14 19:01:56 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-10-14 19:01:55 ----A---- C:\Windows\system32\iertutil.dll
2015-10-14 19:01:54 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-10-14 19:01:54 ----A---- C:\Windows\system32\wininet.dll
2015-10-14 19:01:53 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-10-14 19:01:53 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-10-14 19:01:53 ----A---- C:\Windows\system32\ieui.dll
2015-10-14 19:01:53 ----A---- C:\Windows\system32\dxtmsft.dll
2015-10-14 19:01:52 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-10-14 19:01:52 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-10-14 19:01:52 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-10-14 19:01:52 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-10-14 19:01:52 ----A---- C:\Windows\system32\urlmon.dll
2015-10-14 19:01:52 ----A---- C:\Windows\system32\jscript.dll
2015-10-14 19:01:52 ----A---- C:\Windows\system32\dxtrans.dll
2015-10-14 19:01:51 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-10-14 19:01:51 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-10-14 19:01:51 ----A---- C:\Windows\system32\vbscript.dll
2015-10-14 19:01:51 ----A---- C:\Windows\system32\mshtmled.dll
2015-10-14 19:01:51 ----A---- C:\Windows\system32\msfeeds.dll
2015-10-14 19:01:51 ----A---- C:\Windows\system32\ie4uinit.exe
2015-10-14 19:01:47 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-10-14 19:01:47 ----A---- C:\Windows\system32\webcheck.dll
2015-10-14 19:01:46 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-10-14 19:01:46 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-10-14 19:01:46 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2015-10-14 19:01:46 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-10-14 19:01:46 ----A---- C:\Windows\system32\inetcomm.dll
2015-10-14 19:01:46 ----A---- C:\Windows\system32\iedkcs32.dll
2015-10-14 19:01:45 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-10-14 19:01:45 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-10-14 19:01:45 ----A---- C:\Windows\system32\ieapfltr.dll
2015-10-14 19:00:51 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-10-14 19:00:51 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-10-14 19:00:51 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-10-14 19:00:51 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-10-14 19:00:51 ----A---- C:\Windows\system32\wuwebv.dll
2015-10-14 19:00:51 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2015-10-14 19:00:51 ----A---- C:\Windows\system32\wudriver.dll
2015-10-14 19:00:51 ----A---- C:\Windows\system32\wucltux.dll
2015-10-14 19:00:51 ----A---- C:\Windows\system32\wuaueng.dll
2015-10-14 19:00:51 ----A---- C:\Windows\system32\wuauclt.exe
2015-10-14 19:00:51 ----A---- C:\Windows\system32\wuapp.exe
2015-10-14 19:00:51 ----A---- C:\Windows\system32\wuapi.dll
2015-10-14 19:00:46 ----A---- C:\Windows\system32\NcdAutoSetup.dll
2015-10-14 18:58:28 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 18:58:28 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 18:58:28 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 18:58:27 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2015-10-14 18:58:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\system32\ucrtbase.dll
2015-10-14 18:58:26 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 18:58:26 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 18:58:25 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 18:58:25 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 18:58:25 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 18:58:25 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 18:58:25 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 18:58:25 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 18:58:25 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-03 20:35:17 ----D---- C:\AdwCleaner
2015-10-03 20:01:28 ----D---- C:\Program Files\trend micro
======List of files/folders modified in the last 1 month======
2015-10-31 03:35:35 ----D---- C:\Windows\Prefetch
2015-10-31 03:33:58 ----D---- C:\Windows\Temp
2015-10-31 03:00:00 ----D---- C:\Windows\system32\sru
2015-10-31 02:51:06 ----D---- C:\Windows\Microsoft.NET
2015-10-30 21:13:16 ----RD---- C:\Windows\System32
2015-10-30 21:13:16 ----D---- C:\Windows\Inf
2015-10-30 21:13:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-10-30 21:12:39 ----D---- C:\Users\Petr\AppData\Roaming\Seznam.cz
2015-10-30 21:04:06 ----RD---- C:\Program Files (x86)
2015-10-30 21:04:06 ----D---- C:\Windows\SysWOW64
2015-10-30 21:04:06 ----D---- C:\Windows
2015-10-30 21:04:06 ----D---- C:\Program Files
2015-10-30 05:54:12 ----SHD---- C:\Windows\Installer
2015-10-30 05:53:53 ----HD---- C:\ProgramData
2015-10-30 05:44:56 ----SHD---- C:\System Volume Information
2015-10-30 05:08:34 ----D---- C:\Users\Petr\AppData\Roaming\Skype
2015-10-30 05:05:40 ----D---- C:\ProgramData\Skype
2015-10-30 05:05:29 ----D---- C:\Program Files (x86)\Common Files
2015-10-30 04:20:06 ----D---- C:\Windows\system32\DriverStore
2015-10-30 04:19:59 ----D---- C:\Windows\system32\Tasks
2015-10-30 04:19:39 ----D---- C:\Windows\system32\drivers
2015-10-30 04:19:37 ----D---- C:\Windows\WinSxS
2015-10-29 12:26:49 ----D---- C:\Windows\system32\config
2015-10-25 22:10:49 ----D---- C:\Windows\system32\catroot2
2015-10-25 08:05:51 ----D---- C:\Windows\debug
2015-10-25 07:02:55 ----D---- C:\Program Files\Common Files
2015-10-24 22:42:43 ----SD---- C:\Users\Petr\AppData\Roaming\Microsoft
2015-10-24 22:11:28 ----D---- C:\Windows\Tasks
2015-10-24 22:01:49 ----D---- C:\Users\Petr\AppData\Roaming\AIMP3
2015-10-24 22:01:41 ----D---- C:\Windows\Logs
2015-10-20 15:28:49 ----D---- C:\Windows\CbsTemp
2015-10-19 18:40:06 ----D---- C:\Windows\rescache
2015-10-16 05:51:29 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-10-14 22:05:49 ----D---- C:\Windows\system32\cs-CZ
2015-10-14 22:05:48 ----RD---- C:\Windows\ToastData
2015-10-14 22:05:48 ----D---- C:\Windows\system32\CodeIntegrity
2015-10-14 22:05:47 ----SD---- C:\Windows\system32\CompatTel
2015-10-14 22:05:47 ----D---- C:\Windows\system32\Boot
2015-10-14 22:05:47 ----D---- C:\Windows\apppatch
2015-10-14 22:05:46 ----D---- C:\Windows\system32\appraiser
2015-10-14 22:05:46 ----D---- C:\Program Files\Internet Explorer
2015-10-14 22:05:46 ----D---- C:\Program Files (x86)\Internet Explorer
2015-10-14 20:06:52 ----D---- C:\Windows\system32\MRT
2015-10-14 20:03:26 ----A---- C:\Windows\system32\MRT.exe
2015-10-09 19:41:36 ----SD---- C:\Windows\system32\GWX
2015-10-07 20:44:33 ----SD---- C:\Windows\SYSWOW64\GWX
2015-10-03 21:25:10 ----D---- C:\Windows\system32\NDF
2015-10-03 20:36:13 ----D---- C:\Windows\system32\log
2015-10-02 17:19:28 ----D---- C:\Program Files (x86)\Opera
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\Windows\System32\drivers\amd_sata.sys [2014-03-21 81608]
R0 amd_xata;amd_xata; C:\Windows\System32\drivers\amd_xata.sys [2014-03-21 23752]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-10-30 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-10-30 274808]
R0 mvs91xx;mvs91xx; C:\Windows\System32\drivers\mvs91xx.sys [2013-10-11 328488]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2015-10-30 132656]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-10-30 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-10-30 1049880]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-10-30 448968]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [2007-11-07 104912]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-10-30 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-10-30 90968]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-10-30 153744]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-10-30 274336]
R3 GeneStor;@oem1.inf,%GENESTOR.SvcDesc%;Genesys Logic Storage Driver; C:\Windows\System32\drivers\GeneStor.sys [2014-01-17 107208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-05-06 3956056]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2014-05-20 12688328]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-05-30 20256]
R3 nvvad_WaveExtensible;@oem7.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-03-31 40392]
R3 RTL8168;@oem2.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2014-03-26 843480]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
S3 avchv;@oem27.inf,%ServiceDesc%;avchv Function Driver; C:\Windows\system32\DRIVERS\avchv.sys []
S3 dg_ssudbus;@oem9.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 ssudmdm;@oem14.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 WDC_SAM;@oem39.inf,%WDC_SAM_ServiceName%;WD SCSI Pass Thru driver; C:\Windows\System32\drivers\wdcsam64.sys [2015-01-27 14464]
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\Windows\System32\drivers\WinUsb.sys [2013-08-22 78848]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-10-30 146600]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 LavasoftTcpService;LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2015-10-24 2751760]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-05-30 1631008]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-05-30 21055432]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-05-20 927520]
R2 PDF Architect 3 Creator;PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [2015-04-24 740568]
R2 PSI_SVC_2_x64;Protexis Licensing V2 x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-10-30 4048280]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S2 caMyciloP;caMyciloP; C:\ProgramData\caMyciloP\caMyciloP.exe []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc []
S2 SearchProtectionService;IE Search Set; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [2015-10-24 17168]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-24 269000]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 CoordinatorServiceHost;DTSInterops; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe [2014-09-30 81400]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [2015-01-19 1484080]
S3 FlexNet Licensing Service;FlexNet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [2015-01-19 1074480]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc []
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Hry\Origin\OriginClientService.exe [2015-02-18 1910128]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PDF Architect 3 CrashHandler;PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [2015-04-24 901336]
S3 PDF Architect 3;PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2015-04-24 2244312]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2015-01-19 79360]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119356
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: web pages launching
Double-click the file C:\Program Files\trend micro\Petr.exe to start HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkboxes on the left for these entries:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://%66%65%65%64.%73%6F%6E%69%63-%73 ... a906JY,&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://%66%65%65%64.%73%6F%6E%69%63-%73 ... a906JY,&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://%66%65%65%64.%73%6F%6E%69%63-%73 ... a906JY,&q={searchTerms}
Click >FixChecked<. Then run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.
By the way: do you have more than one registration here, or is the user spendlik someone else?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: web pages launching
Hello,
thank you for your help. Which antivirus would you recommend? I have just installed avast again, which I have had several times in the past. And lots of other free versions, but I don't know whether that is good for anything.
Spendlik is also my registration. I didn't even know about it. The registration spednlik.spidy can therefore be cancelled.
- Rudy
- Site Admin
- Posts: 119356
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: web pages launching
OK, I'll cancel it. Avast is a good choice; for a free product it can do quite a lot. An alternative is Avira: http://www.avira.com/en/download/produc ... -antivirus . The free version, however, is not available in Czech. It is certainly good to have an up-to-date, working antivirus on the PC.