Dobré odpoledne .Prosím kontrolu logu z RSIT .Velice děkuji

[Doktorcz]

Systém je celkově pomalejší,hlavně třeba průzkumník velice dlouho načítá adresáře a složky.Stejně tak firefox se občas zasekne ale co hlavně ,při každém otevření prohlížeče se mi otevřou okna z minula(což je OK ale k nim jedno nové okno navíc s tímto vyhledávačem :
http://chedotgame.com/search/
Domovskou stránku mi to nezměnilo ,ale seznam vyhledávačuů ano (v poly hledat)

Stejně tak ovládání myší je takové nepřirozené (nedělá co by měla,občas zatuhne a naopak občas je moc rychlá.
PC jsem skenoval ADAware ,mbam a superantispyware.Všichni tři něco našli a smazali.
Díky za pomoc Pavel
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Logfile of random's system information tool 1.10 (written by random/random)
Run by Uživatel at 2016-01-20 16:13:13
Microsoft Windows 10 Pro
System drive C: has 76 GB (32%) free of 238 GB
Total RAM: 6143 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:13:33, on 20.1.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16603)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\PC Tools\PC Tools Security\pctsGui.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\360\360WangPan\360WangPan.exe
C:\Program Files (x86)\Inbox Storage\InboxStorage.exe
C:\Users\Uživatel\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Program Files\trend micro\Uživatel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=6826
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: Browser Guard BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files (x86)\PC Tools\PC Tools Security\pctsGui.exe" /hideGUI
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Uživatel\AppData\Roaming\uTorrent\utorrent.exe"
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [360cloud] "C:\Program Files (x86)\360\360WangPan\360WangPan.exe" /autostart
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Uživatel\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Uživatel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Inbox Storage] "C:\Program Files (x86)\Inbox Storage\InboxStorage.exe" /STARTUP
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stáhnout s IDM všechny odkazy - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
O23 - Service: Chemtable Startup Checking - Chemtable Software - C:\Program Files (x86)\Autorun Organizer\StartupCheckingService.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: Spyware Terminator 2015 Realtime Shield Service (ST2012_Svc) - Crawler Group, LLC - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: UPnPService - Magix AG - C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ???? (ZhuDongFangYu) - 360.cn - C:\Program Files (x86)\360\360safe\deepscan\zhudongfangyu.exe

--
End of file - 13498 bytes

======Listing Processes======







winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Windows\system32\nvvsvc.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
"C:\Program Files\HitmanPro\hmpsched.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k apphost
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe"
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\svchost.exe -k iissvcs
"C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe"
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
sihost.exe
C:\WINDOWS\Explorer.EXE
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Internet Download Manager\IDMan.exe" /onboot
"C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background

"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Autorun Organizer\StartupCheckingService.exe"
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\PC Tools\PC Tools Security\pctsGui.exe" /hideGUI
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe"
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" /ELEVATED
"C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\360\360WangPan\360WangPan.exe" /autostart
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Inbox Storage\InboxStorage.exe" /STARTUP
szndesktop.exe default start
"C:\Users\Uživatel\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe"
"C:\Program Files\SUPERAntiSpyware\f12eafc7-1916-4025-a843-c1df0d799e92.com"
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding

"C:\Users\Uživatel\Downloads\Programs\RSITx64.exe"
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe60_ Global\UsGthrCtrlFltPipeMssGthrPipe60 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 620 624 632 8192 628

======Scheduled tasks folder======

C:\WINDOWS\tasks\8JZX6Df1iHpBQZqSwImqnCa1Lc.job - C:\Users\U�ivatel\AppData\Roaming\8JZX6Df1iHpBQZqSwImqnCa1Lc.exe --c=RZvS+imIa9tV0TAinYBurEz/xokP+tewzuV2HHALgVNfCZ5ol209BC4VVmqSbAIqZzOv9Kv4/OO6yd8QCyBO9VrEAjE2IMZcYZxbE0Ues13bPuMh8k21A3DJYeDpCbO9kJFM6MMH3aV+oc9EZlTAkk+2qbR/AHcdQYBURagQvYZ/BqPwsrgcQv5NchCJsLEVEGG1MWphGN4a6IfkfyqLnbzyiQAdGlLyZLRkcjxiucynLGCcdd7w7Of6PhbwzI1j5rP/atGLzegbT2GPtFiNVrmy+BLqC+u7JaqJYCQggdXQORqUdTu8jpzMz6yo9xsnX0n22iHH77+L/HmZORhl+w==
C:\WINDOWS\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\EkyjVZl9TU.job - C:\Users\U�ivatel\AppData\Roaming\EkyjVZl9TU.exe --c=F/+NNepL4KmOKRSPp6x1gjlH9TqBQVMwRBzKC7wFy15NNJLwwLFGkQzq08qclfKNvpMHr/qD3HF8fs2SwtLPwgOIBys1PaXis7+njjR90HJDT9nMzFYDCvMgZYiQhv7iwQPiDjl1nlzIXGmo+S9v54pdzdmD4t4pT5pK8TopnuSYpsmHy0D666w5wcxE995XM4u0eNBfh4LEuGujDFRhaVgObMGixlt2IzXaVEZFD0kbGy3mC7Y2hrFSLxizJ4LomDhUCTPsDzs3h99p6iFVOevwe6ssmiK478dUzxPrX8G4ywCR8FourVmLKgnoDzTkAhvSeosqQ2EIPufP88/jeg==
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\5zuf41l2.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.centrum.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@360.cn/npaxlogin]
"Description"=360 QuickLogin
"Path"=C:\Program Files (x86)\360\360safe\Utils\npaxlogin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/AuthorwarePlayer]
"Description"=Adobe Authorware Player
"Path"=C:\WINDOWS\system32\Macromed\AUTHORWA\np32asw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.267 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw_1221171.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon My Image Garden
"Path"=C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.66.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.66.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Nero.com/KM]
"Description"=
"Path"=C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.267 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.66.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.66.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2015-08-28 484376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07 209504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-22 551520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82A76710-4F98-4957-92BE-99648A4E2475}]
Spyware Terminator 2015 Internet Guard - C:\PROGRA~2\Spyware Terminator\STInternetGuard64.dll [2015-12-17 2013520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-10-08 655480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-07-31 433944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B69F34DD-F0F9-42DC-9EDD-957187DA688D}]
SafeMon Class - C:\Program Files (x86)\360\360safe\safemon\safemon64.dll [2015-10-24 1352304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-22 212576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2015-08-28 422936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}]
PC Tools Browser Guard BHO - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll [2012-10-23 1137784]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07 176736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GrooveShellExtensions.dll [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-22 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-10-08 559624]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-22 172640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07 6133848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07 4439128]
{472734EA-242A-422B-ADF8-83D1E48CC825} - PC Tools Browser Guard - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll [2012-10-23 1137784]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-11-27 16409496]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2015-12-17 5318992]
"SpywareTerminatorUpdater"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2015-12-17 5557584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Users\Uživatel\AppData\Roaming\uTorrent\utorrent.exe [2015-02-22 416168]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [2015-07-12 563416]
"360cloud"=C:\Program Files (x86)\360\360WangPan\360WangPan.exe [2015-12-08 14528624]
"IDMan"=C:\Program Files (x86)\Internet Download Manager\IDMan.exe [2015-09-23 3907152]
"cz.seznam.software.autoupdate"=C:\Users\Uživatel\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Uživatel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"Inbox Storage"=C:\Program Files (x86)\Inbox Storage\InboxStorage.exe [2015-08-31 4104552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"=C:\WINDOWS\system32\cmd.exe [2015-07-10 232448]
"Uninstall C:\Users\Uživatel\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"=C:\WINDOWS\system32\cmd.exe [2015-07-10 232448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2014-12-12 7394584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-08-04 597552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2015-12-03 7935904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [2015-07-12 563416]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-11-06 6133520]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2015-12-08 24952456]
"Family Tree Builder Update"=C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [2015-03-02 2477056]
"ISTray"=C:\Program Files (x86)\PC Tools\PC Tools Security\pctsGui.exe [2012-11-01 2717816]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2013-06-13 66328]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GrooveShellExtensions.dll [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\1C5AC7CF.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\27268288.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\1C5AC7CF.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\27268288.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"PromptOnSecureDesktop"=0
"EnableLinkedConnections"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDriveAutorun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.l3codecp"=l3codecp.acm
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.MJPG"=C:\PROGRA~1\COMMON~1\PEGASU~1\pvmjpgx40.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-01-20 16:10:18 ----D---- C:\rsit
2016-01-20 10:25:44 ----A---- C:\WINDOWS\system32\drivers\TrueSight.sys
2016-01-19 15:00:54 ----D---- C:\Users\Uživatel\AppData\Roaming\Inbox Storage
2016-01-19 15:00:52 ----D---- C:\Program Files (x86)\Inbox Storage
2016-01-19 14:54:11 ----D---- C:\Users\Uživatel\AppData\Roaming\Spyware Terminator
2016-01-19 14:54:11 ----D---- C:\ProgramData\Spyware Terminator
2016-01-19 14:53:25 ----D---- C:\Program Files (x86)\Spyware Terminator
2016-01-19 14:29:57 ----D---- C:\Program Files (x86)\Seznam.cz
2016-01-19 14:15:43 ----A---- C:\WINDOWS\system32\drivers\PCTBD64.sys
2016-01-19 14:15:43 ----A---- C:\WINDOWS\SGDetectionTool.dll
2016-01-19 14:15:43 ----A---- C:\WINDOWS\PCTBDRes.dll
2016-01-19 14:15:43 ----A---- C:\WINDOWS\PCTBDCore.dll
2016-01-19 14:15:43 ----A---- C:\WINDOWS\BDTSupport.dll
2016-01-19 14:11:28 ----A---- C:\WINDOWS\system32\drivers\pctEFA64.sys
2016-01-19 14:11:28 ----A---- C:\WINDOWS\system32\drivers\pctDS64.sys
2016-01-19 14:11:26 ----A---- C:\WINDOWS\system32\drivers\pctwfpfilter64.sys
2016-01-19 14:11:26 ----A---- C:\WINDOWS\system32\drivers\pctgntdi64.sys
2016-01-19 14:11:17 ----A---- C:\WINDOWS\system32\drivers\PCTCore64.sys
2016-01-19 14:11:13 ----A---- C:\WINDOWS\system32\drivers\pctBTFix64.sys
2016-01-19 14:11:06 ----A---- C:\WINDOWS\system32\drivers\pctplsm64.sys
2016-01-19 14:11:06 ----A---- C:\WINDOWS\system32\drivers\pctplsg64.sys
2016-01-19 14:10:58 ----D---- C:\Program Files (x86)\PC Tools
2016-01-19 12:14:21 ----A---- C:\WINDOWS\system32\drivers\Cat.DB
2016-01-19 12:14:09 ----A---- C:\WINDOWS\system32\drivers\PCTSD64.sys
2016-01-19 12:13:31 ----D---- C:\ProgramData\PC Tools
2016-01-19 12:13:30 ----D---- C:\Users\Uživatel\AppData\Roaming\TestApp
2016-01-17 18:43:29 ----D---- C:\WINDOWS\Minidump
2016-01-17 18:43:11 ----ASH---- C:\pagefile.sys
2016-01-16 20:06:30 ----D---- C:\Program Files (x86)\Ariva Editor_SATELIT
2016-01-16 19:26:43 ----D---- C:\Users\Uživatel\AppData\Roaming\Homepager
2016-01-16 00:18:30 ----D---- C:\Users\Uživatel\AppData\Roaming\360WeChatClean
2016-01-16 00:16:31 ----A---- C:\WINDOWS\system32\drivers\DsArk64.sys
2016-01-16 00:14:06 ----D---- C:\ProgramData\360safe
2016-01-16 00:03:54 ----A---- C:\WINDOWS\system32\drivers\360reskit64.sys
2016-01-16 00:03:50 ----D---- C:\Users\Uživatel\AppData\Roaming\360mobilemgr
2016-01-16 00:03:42 ----A---- C:\WINDOWS\system32\drivers\BAPIDRV64.SYS
2016-01-16 00:03:42 ----A---- C:\WINDOWS\system32\drivers\360LanProtect.sys
2016-01-16 00:03:42 ----A---- C:\WINDOWS\system32\drivers\360FsFlt.sys
2016-01-16 00:03:40 ----A---- C:\WINDOWS\system32\drivers\360Hvm64.sys
2016-01-16 00:03:40 ----A---- C:\WINDOWS\system32\drivers\360Hvm64.dat
2016-01-16 00:03:40 ----A---- C:\WINDOWS\system32\drivers\360Camera64.sys
2016-01-16 00:03:40 ----A---- C:\WINDOWS\system32\drivers\360AntiHacker64.sys
2016-01-16 00:03:39 ----RSHD---- C:\360SANDBOX
2016-01-16 00:03:39 ----A---- C:\WINDOWS\system32\drivers\360Box64.sys
2016-01-16 00:03:29 ----A---- C:\WINDOWS\system32\drivers\360netmon.sys
2016-01-16 00:03:05 ----D---- C:\Users\Uživatel\AppData\Roaming\360Safe
2016-01-15 19:31:10 ----HD---- C:\OneDriveTemp
2016-01-13 16:35:25 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2016-01-13 16:35:24 ----A---- C:\WINDOWS\system32\schannel.dll
2016-01-13 16:35:23 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-01-13 16:35:19 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2016-01-13 16:35:14 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-01-13 16:35:12 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-01-13 16:35:11 ----A---- C:\WINDOWS\SYSWOW64\WMVSDECD.DLL
2016-01-13 16:35:11 ----A---- C:\WINDOWS\SYSWOW64\WMADMOD.DLL
2016-01-13 16:35:11 ----A---- C:\WINDOWS\SYSWOW64\MP4SDECD.DLL
2016-01-13 16:35:11 ----A---- C:\WINDOWS\SYSWOW64\COLORCNV.DLL
2016-01-13 16:35:11 ----A---- C:\WINDOWS\system32\mfvdsp.dll
2016-01-13 16:35:10 ----A---- C:\WINDOWS\SYSWOW64\WMVDECOD.DLL
2016-01-13 16:35:10 ----A---- C:\WINDOWS\system32\WMVSDECD.DLL
2016-01-13 16:35:10 ----A---- C:\WINDOWS\system32\WMVDECOD.DLL
2016-01-13 16:35:10 ----A---- C:\WINDOWS\system32\WMADMOD.DLL
2016-01-13 16:35:10 ----A---- C:\WINDOWS\system32\VIDRESZR.DLL
2016-01-13 16:35:10 ----A---- C:\WINDOWS\system32\MP4SDECD.DLL
2016-01-13 16:35:10 ----A---- C:\WINDOWS\system32\COLORCNV.DLL
2016-01-13 16:35:09 ----A---- C:\WINDOWS\SYSWOW64\WMVXENCD.DLL
2016-01-13 16:35:09 ----A---- C:\WINDOWS\SYSWOW64\WMVSENCD.DLL
2016-01-13 16:35:09 ----A---- C:\WINDOWS\SYSWOW64\WMVENCOD.DLL
2016-01-13 16:35:09 ----A---- C:\WINDOWS\SYSWOW64\VIDRESZR.DLL
2016-01-13 16:35:09 ----A---- C:\WINDOWS\SYSWOW64\mfvdsp.dll
2016-01-13 16:35:09 ----A---- C:\WINDOWS\system32\WMVXENCD.DLL
2016-01-13 16:35:09 ----A---- C:\WINDOWS\system32\WMVSENCD.DLL
2016-01-13 16:35:09 ----A---- C:\WINDOWS\system32\WMVENCOD.DLL
2016-01-13 16:35:08 ----A---- C:\WINDOWS\SYSWOW64\quartz.dll
2016-01-13 16:35:08 ----A---- C:\WINDOWS\SYSWOW64\qdvd.dll
2016-01-13 16:35:08 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2adec.dll
2016-01-13 16:35:08 ----A---- C:\WINDOWS\system32\quartz.dll
2016-01-13 16:35:08 ----A---- C:\WINDOWS\system32\msmpeg2adec.dll
2016-01-13 16:35:08 ----A---- C:\WINDOWS\system32\mfnetcore.dll
2016-01-13 16:35:07 ----A---- C:\WINDOWS\SYSWOW64\WMSPDMOE.DLL
2016-01-13 16:35:07 ----A---- C:\WINDOWS\SYSWOW64\WMADMOE.DLL
2016-01-13 16:35:07 ----A---- C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-13 16:35:07 ----A---- C:\WINDOWS\system32\WMADMOE.DLL
2016-01-13 16:35:07 ----A---- C:\WINDOWS\system32\mfnetsrc.dll
2016-01-13 16:35:06 ----A---- C:\WINDOWS\SYSWOW64\WMSPDMOD.DLL
2016-01-13 16:35:06 ----A---- C:\WINDOWS\SYSWOW64\mfnetsrc.dll
2016-01-13 16:35:06 ----A---- C:\WINDOWS\SYSWOW64\mfnetcore.dll
2016-01-13 16:35:06 ----A---- C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-13 16:35:06 ----A---- C:\WINDOWS\system32\aepic.dll
2016-01-13 16:35:06 ----A---- C:\WINDOWS\system32\aeinv.dll
2016-01-13 16:35:05 ----A---- C:\WINDOWS\SYSWOW64\MSMPEG2ENC.DLL
2016-01-13 16:35:05 ----A---- C:\WINDOWS\SYSWOW64\advapi32.dll
2016-01-13 16:35:05 ----A---- C:\WINDOWS\system32\MSMPEG2ENC.DLL
2016-01-13 16:35:05 ----A---- C:\WINDOWS\system32\evr.dll
2016-01-13 16:35:05 ----A---- C:\WINDOWS\system32\advapi32.dll
2016-01-13 16:35:04 ----A---- C:\WINDOWS\SYSWOW64\qedit.dll
2016-01-13 16:35:04 ----A---- C:\WINDOWS\SYSWOW64\MFWMAAEC.DLL
2016-01-13 16:35:04 ----A---- C:\WINDOWS\system32\qedit.dll
2016-01-13 16:35:04 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2016-01-13 16:35:04 ----A---- C:\WINDOWS\system32\MFWMAAEC.DLL
2016-01-13 16:35:03 ----A---- C:\WINDOWS\SYSWOW64\devenum.dll
2016-01-13 16:35:03 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-01-13 16:35:03 ----A---- C:\WINDOWS\system32\mftranscode.dll
2016-01-13 16:35:03 ----A---- C:\WINDOWS\system32\mfcore.dll
2016-01-13 16:35:03 ----A---- C:\WINDOWS\system32\devenum.dll
2016-01-13 16:35:02 ----A---- C:\WINDOWS\SYSWOW64\evr.dll
2016-01-13 16:35:02 ----A---- C:\WINDOWS\system32\invagent.dll
2016-01-13 16:35:02 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-01-13 16:35:01 ----A---- C:\WINDOWS\SYSWOW64\mftranscode.dll
2016-01-13 16:35:01 ----A---- C:\WINDOWS\SYSWOW64\mfh264enc.dll
2016-01-13 16:35:01 ----A---- C:\WINDOWS\system32\mfh264enc.dll
2016-01-13 16:35:01 ----A---- C:\WINDOWS\system32\generaltel.dll
2016-01-13 16:35:01 ----A---- C:\WINDOWS\system32\devinv.dll
2016-01-13 16:35:00 ----A---- C:\WINDOWS\SYSWOW64\RESAMPLEDMO.DLL
2016-01-13 16:35:00 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2016-01-13 16:35:00 ----A---- C:\WINDOWS\system32\RESAMPLEDMO.DLL
2016-01-13 16:35:00 ----A---- C:\WINDOWS\system32\qdvd.dll
2016-01-13 16:34:59 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2016-01-13 16:34:41 ----A---- C:\WINDOWS\SYSWOW64\MP43DECD.DLL
2016-01-13 16:34:37 ----A---- C:\WINDOWS\SYSWOW64\MPG4DECD.DLL
2016-01-13 16:34:35 ----A---- C:\WINDOWS\system32\usermgrcli.dll
2016-01-13 16:34:17 ----A---- C:\WINDOWS\system32\usermgr.dll
2016-01-13 16:34:16 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2016-01-13 16:34:16 ----A---- C:\WINDOWS\SYSWOW64\MP3DMOD.DLL
2016-01-13 16:34:16 ----A---- C:\WINDOWS\system32\MPG4DECD.DLL
2016-01-13 16:34:16 ----A---- C:\WINDOWS\system32\MP43DECD.DLL
2016-01-13 16:34:16 ----A---- C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-13 16:34:16 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-01-13 16:34:16 ----A---- C:\WINDOWS\system32\mfds.dll
2016-01-13 16:34:15 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2016-01-13 16:34:15 ----A---- C:\WINDOWS\SYSWOW64\mfds.dll
2016-01-13 16:34:15 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2016-01-13 16:34:15 ----A---- C:\WINDOWS\system32\winlogon.exe
2016-01-13 16:34:15 ----A---- C:\WINDOWS\system32\gdi32.dll
2016-01-13 16:34:14 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2016-01-13 16:34:14 ----A---- C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-13 16:34:13 ----A---- C:\WINDOWS\SYSWOW64\usermgrcli.dll
2016-01-13 16:34:13 ----A---- C:\WINDOWS\SYSWOW64\mfps.dll
2016-01-13 16:34:13 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-01-13 16:34:13 ----A---- C:\WINDOWS\system32\mfps.dll
2016-01-13 16:34:13 ----A---- C:\WINDOWS\system32\appraiser.dll
2016-01-13 16:34:12 ----A---- C:\WINDOWS\SYSWOW64\UserMgrProxy.dll
2016-01-13 16:34:12 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2016-01-13 16:34:12 ----A---- C:\WINDOWS\system32\UserMgrProxy.dll
2016-01-13 16:34:12 ----A---- C:\WINDOWS\system32\jscript.dll
2016-01-13 16:34:12 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2016-01-13 16:34:12 ----A---- C:\WINDOWS\system32\aitstatic.exe
2016-01-12 15:19:50 ----A---- C:\TDSSKiller.3.1.0.9_12.01.2016_15.19.50_log.txt
2016-01-12 14:31:53 ----A---- C:\WINDOWS\system32\drivers\86425349.sys
2016-01-12 14:31:05 ----A---- C:\WINDOWS\system32\drivers\1C5AC7CF.sys
2016-01-12 13:51:48 ----D---- C:\Users\Uživatel\AppData\Roaming\AVG
2016-01-12 13:49:39 ----D---- C:\ProgramData\Avg
2016-01-10 12:08:27 ----N---- C:\WINDOWS\system32\pwdspio.sys
2016-01-10 12:07:48 ----A---- C:\pw-debug.txt
2016-01-10 12:02:23 ----N---- C:\WINDOWS\system32\pwdrvio.sys
2016-01-10 12:02:23 ----A---- C:\WINDOWS\system32\pwNative.exe
2016-01-10 12:01:39 ----D---- C:\Program Files\MiniTool Partition Wizard Free 9.1
2016-01-10 11:05:44 ----D---- C:\Program Files (x86)\Remo Repair AVI 2.0
2016-01-10 11:00:06 ----D---- C:\Program Files (x86)\GRETECH
2016-01-10 10:47:00 ----D---- C:\Program Files\VIRTUALDUB
2016-01-09 20:08:53 ----D---- C:\Brother's Keeper 7
2016-01-09 20:07:12 ----A---- C:\WINDOWS\SYSWOW64\unicows.dll
2016-01-09 20:07:12 ----A---- C:\WINDOWS\SYSWOW64\LFWPG12N.DLL
2016-01-09 20:07:12 ----A---- C:\WINDOWS\SYSWOW64\LFPSD12N.DLL
2016-01-09 20:07:12 ----A---- C:\WINDOWS\SYSWOW64\LFPNG12N.DLL
2016-01-09 20:07:12 ----A---- C:\WINDOWS\SYSWOW64\LFPCX12N.DLL
2016-01-09 20:07:12 ----A---- C:\WINDOWS\SYSWOW64\LFPCD12N.DLL
2016-01-09 20:07:12 ----A---- C:\WINDOWS\SYSWOW64\LFMSP12N.DLL
2016-01-09 20:07:12 ----A---- C:\WINDOWS\SYSWOW64\LFMPG12N.DLL
2016-01-09 20:07:12 ----A---- C:\WINDOWS\SYSWOW64\LFLMB12N.DLL
2016-01-09 20:07:12 ----A---- C:\WINDOWS\SYSWOW64\LFLMA12N.DLL
2016-01-09 20:07:12 ----A---- C:\WINDOWS\SYSWOW64\LFIMG12N.DLL
2016-01-09 20:07:12 ----A---- C:\WINDOWS\SYSWOW64\LFGIF12N.DLL
2016-01-09 20:07:12 ----A---- C:\WINDOWS\SYSWOW64\LFEPS12N.DLL
2016-01-09 20:07:11 ----A---- C:\WINDOWS\SYSWOW64\wbtrv32.dll
2016-01-09 20:07:11 ----A---- C:\WINDOWS\SYSWOW64\w32mkrc.dll
2016-01-09 20:07:11 ----A---- C:\WINDOWS\SYSWOW64\w32mkde.exe
2016-01-09 20:07:11 ----A---- C:\WINDOWS\SYSWOW64\vsort.com
2016-01-09 20:07:11 ----A---- C:\WINDOWS\SYSWOW64\qpro32.dll
2016-01-09 20:07:11 ----A---- C:\WINDOWS\SYSWOW64\LTTWN12N.DLL
2016-01-09 20:07:11 ----A---- C:\WINDOWS\SYSWOW64\LTANN12N.DLL
2016-01-09 20:07:11 ----A---- C:\WINDOWS\SYSWOW64\LFAVI12N.DLL
2016-01-09 20:07:11 ----A---- C:\WINDOWS\SYSWOW64\comppl32.dll
2016-01-09 20:07:09 ----D---- C:\Program Files (x86)\Brother's Keeper 7
2016-01-09 17:01:20 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2016-01-07 17:14:49 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-01-06 08:42:03 ----D---- C:\Users\Uživatel\AppData\Roaming\MyHeritage
2016-01-06 08:42:03 ----D---- C:\ProgramData\MyHeritage
2016-01-06 08:41:40 ----A---- C:\WINDOWS\SYSWOW64\PDFDocScout.DLL
2016-01-06 08:41:40 ----A---- C:\WINDOWS\SYSWOW64\PaintX.dll
2016-01-06 08:41:40 ----A---- C:\WINDOWS\SYSWOW64\ijl15.dll
2016-01-06 08:41:39 ----D---- C:\Users\Uživatel\AppData\Roaming\The Complete Genealogy Reporter - FTB
2016-01-06 08:40:47 ----D---- C:\Program Files (x86)\MyHeritage
2016-01-05 19:43:18 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-01-01 20:18:30 ----D---- C:\Users\Uživatel\AppData\Roaming\Notepad++
2016-01-01 20:18:30 ----D---- C:\Program Files (x86)\Notepad++
2015-12-26 10:35:57 ----A---- C:\WINDOWS\SYSWOW64\xvidvfw.dll
2015-12-26 10:35:57 ----A---- C:\WINDOWS\SYSWOW64\xvidcore.dll
2015-12-26 10:35:57 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2015-12-26 10:35:57 ----A---- C:\WINDOWS\system32\xvidcore.dll

======List of files/folders modified in the last 1 month======

2016-01-20 16:13:29 ----D---- C:\Users\Uživatel\AppData\Roaming\Copy
2016-01-20 16:13:26 ----D---- C:\Program Files\trend micro
2016-01-20 16:13:13 ----D---- C:\WINDOWS\Temp
2016-01-20 16:12:59 ----D---- C:\Users\Uživatel\AppData\Roaming\DMCache
2016-01-20 16:12:13 ----D---- C:\Users\Uživatel\AppData\Roaming\uTorrent
2016-01-20 16:10:03 ----D---- C:\WINDOWS\system32\sru
2016-01-20 16:06:09 ----D---- C:\WINDOWS\System32
2016-01-20 15:05:06 ----D---- C:\WINDOWS\system32\config
2016-01-20 15:00:15 ----D---- C:\WINDOWS\system32\DriverStore
2016-01-20 14:37:37 ----D---- C:\WINDOWS\Microsoft.NET
2016-01-20 11:22:20 ----D---- C:\Program Files (x86)\Opera
2016-01-20 11:22:17 ----D---- C:\WINDOWS\system32\Tasks
2016-01-20 11:04:29 ----D---- C:\WINDOWS\INF
2016-01-20 11:04:29 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-20 10:26:48 ----D---- C:\Program Files\SUPERAntiSpyware
2016-01-20 10:25:44 ----D---- C:\WINDOWS\system32\drivers
2016-01-20 10:24:50 ----AD---- C:\ProgramData\TEMP
2016-01-20 10:14:43 ----D---- C:\Windows
2016-01-20 10:14:37 ----D---- C:\Users\Uživatel\AppData\Roaming\Seznam.cz
2016-01-20 10:11:24 ----D---- C:\Users\Uživatel\AppData\Roaming\Dropbox
2016-01-20 10:00:06 ----D---- C:\AdwCleaner
2016-01-20 08:47:25 ----D---- C:\WINDOWS\AppReadiness
2016-01-20 08:47:02 ----HD---- C:\Program Files\WindowsApps
2016-01-20 01:04:47 ----D---- C:\Program Files (x86)\Internet Explorer
2016-01-20 01:00:18 ----SHD---- C:\System Volume Information
2016-01-19 16:44:10 ----D---- C:\Users\Uživatel\AppData\Roaming\360CloudUI
2016-01-19 15:00:52 ----RD---- C:\Program Files (x86)
2016-01-19 14:54:11 ----HD---- C:\ProgramData
2016-01-19 14:28:26 ----RD---- C:\VIRUSESKA
2016-01-19 14:11:36 ----SHD---- C:\WINDOWS\Installer
2016-01-19 14:11:36 ----SHD---- C:\Config.Msi
2016-01-19 12:14:09 ----D---- C:\Program Files (x86)\Common Files
2016-01-16 22:43:20 ----D---- C:\WINDOWS\debug
2016-01-16 22:42:14 ----D---- C:\WINDOWS\Globalization
2016-01-16 17:16:14 ----D---- C:\Users\Uživatel\AppData\Roaming\IDM
2016-01-16 05:28:29 ----D---- C:\WINDOWS\SoftwareDistribution
2016-01-16 00:33:59 ----RD---- C:\Program Files (x86)\Skype
2016-01-16 00:07:14 ----D---- C:\Users\Uživatel\AppData\Roaming\Winamp
2016-01-16 00:07:10 ----D---- C:\Program Files (x86)\UltraISO
2016-01-16 00:03:32 ----D---- C:\WINDOWS\SysWOW64
2016-01-16 00:03:10 ----D---- C:\Program Files (x86)\360
2016-01-15 19:26:44 ----D---- C:\WINDOWS\system32\LogFiles
2016-01-15 19:20:01 ----D---- C:\WINDOWS\WinSxS
2016-01-15 19:14:22 ----D---- C:\WINDOWS\AppPatch
2016-01-15 15:22:26 ----D---- C:\WINDOWS\system32\MRT
2016-01-15 15:16:52 ----A---- C:\WINDOWS\system32\MRT.exe
2016-01-13 18:12:15 ----D---- C:\WINDOWS\CbsTemp
2016-01-13 16:26:47 ----D---- C:\WINDOWS\system32\catroot2
2016-01-12 13:49:39 ----HD---- C:\ProgramData\Common Files
2016-01-10 18:44:03 ----D---- C:\Users\Uživatel\AppData\Roaming\vlc
2016-01-10 14:12:54 ----D---- C:\Users\Uživatel\AppData\Roaming\AIMP3
2016-01-10 13:16:54 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-10 13:15:34 ----D---- C:\WINDOWS\Tasks
2016-01-10 12:01:39 ----RD---- C:\Program Files
2015-12-29 11:28:07 ----HD---- C:\ProgramData\CanonIJMIG
2015-12-26 10:36:14 ----D---- C:\Program Files (x86)\K-Lite Codec Pack
2015-12-21 08:21:39 ----D---- C:\WINDOWS\SchCache

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-10-08 65224]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2015-10-08 274808]
R0 EUBAKUP;EUBAKUP; C:\WINDOWS\system32\drivers\eubakup.sys [2014-12-15 60968]
R0 EUBKMON;EUBKMON; C:\WINDOWS\system32\drivers\EUBKMON.sys [2014-12-15 48168]
R0 JRAID;JRAID; C:\WINDOWS\System32\drivers\jraid.sys [2015-01-18 123704]
R0 PCTCore;PCTools KDS; C:\WINDOWS\system32\drivers\PCTCore64.sys [2012-10-22 413448]
R0 pctDS;PC Tools Data Store; C:\WINDOWS\system32\drivers\pctDS64.sys [2012-02-28 453896]
R0 pctEFA;PC Tools Extended File Attributes; C:\WINDOWS\system32\drivers\pctEFA64.sys [2012-02-28 1096176]
R0 pwdrvio;pwdrvio; C:\WINDOWS\system32\pwdrvio.sys [2013-09-30 19152]
R1 360Box64;360Box mini-filter driver; C:\WINDOWS\system32\DRIVERS\360Box64.sys [2015-10-16 321616]
R1 360FsFlt;360FsFlt mini-filter driver; C:\WINDOWS\system32\DRIVERS\360FsFlt.sys [2015-12-11 375376]
R1 360netmon;360netmon; C:\WINDOWS\system32\DRIVERS\360netmon.sys [2014-12-24 72776]
R1 360reskit64;360reskit driver; \??\C:\WINDOWS\system32\drivers\360reskit64.sys [2015-09-24 65104]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2015-10-08 93528]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2015-11-06 1059656]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2015-11-06 449992]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2013-11-27 46368]
R1 BAPIDRV;BAPIDRV; C:\WINDOWS\system32\DRIVERS\BAPIDRV64.sys [2015-12-01 181328]
R1 EUDSKACS;EUDSKACS; \??\C:\Windows\system32\drivers\eudskacs.sys [2014-12-15 18472]
R1 EUFDDISK;EUFDDISK; \??\C:\Windows\system32\drivers\EuFdDisk.sys [2014-12-15 192040]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-07-10 83968]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-12-01 8192]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-01-18 26528]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [2010-01-29 115600]
R1 PCTSD;PC Tools Spyware Doctor Driver; C:\WINDOWS\System32\Drivers\PCTSD64.sys [2012-11-01 253256]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2015-10-08 28656]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-10-08 90968]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2015-10-08 153744]
R2 IDMWFP;IDMWFP; C:\WINDOWS\system32\DRIVERS\idmwfp.sys [2015-06-12 197616]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-07-10 48128]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-07-10 61952]
R3 AtcL001;@oem14.inf,%AtcL001.Service.DispName%;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:\WINDOWS\System32\drivers\l160x64.sys [2009-10-13 61440]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-11-27 4686592]
R3 LHidFilt;@oem18.inf,%LHidFilt.SvcDesc%;Logicool SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2015-06-18 86672]
R3 LMouFilt;@oem18.inf,%LMouFilt.SvcDesc%;Logicool SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2015-06-18 69264]
R3 LUsbFilt;@oem15.inf,%FltDisplayName%;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2015-06-18 50832]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2015-10-05 25816]
R3 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2015-11-13 175104]
R3 MTsensor;@oem29.inf,%ASACPI.DisplayName%;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2015-03-29 15416]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-11-23 12907704]
R3 PCTBD;PC Tools Browser Defender Driver; C:\WINDOWS\System32\Drivers\PCTBD64.sys [2012-10-23 77144]
R3 pctplsm;pctplsm; \??\C:\Windows\System32\drivers\pctplsm64.sys [2012-11-01 87968]
R3 RTL8023x64;@oem30.inf,%Rtlnicx64.Service.DispName%;Realtek 10/100 NIC Family NDIS x64 Driver; C:\WINDOWS\system32\DRIVERS\Rtnic64.sys [2015-01-18 61656]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2015-11-16 42600]
R4 pctgntdi;pctgntdi; \??\C:\Windows\System32\drivers\pctgntdi64.sys [2012-10-31 347016]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-07-10 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-07-10 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-07-10 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-07-10 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-07-10 40288]
S2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\WINDOWS\system32\DRIVERS\stflt.sys [2011-08-24 51496]
S3 360AntiHacker;360Safe Anti Hacker Service; C:\WINDOWS\System32\Drivers\360AntiHacker64.sys [2015-12-21 137808]
S3 360Camera;360Safe Camera Filter Service; C:\WINDOWS\System32\Drivers\360Camera64.sys [2014-04-18 40520]
S3 athur;@oem90.inf,%ATHR.Service.DispName%;Atheros AR9271 Wireless Network Adapter Service; C:\WINDOWS\System32\drivers\athurx.sys [2015-12-13 1847296]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-09-17 36352]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-07-10 116736]
S3 dg_ssudbus;@oem33.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2015-05-21 110720]
S3 DsArk;DsArk; C:\WINDOWS\System32\drivers\DsArk64.sys [2015-07-02 136272]
S3 fcvsc;fcvsc; C:\WINDOWS\System32\drivers\fcvsc.sys [2015-07-10 31232]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-07-10 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-07-10 50016]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-07-10 424800]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-07-10 26624]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2015-10-05 64216]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-07-10 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-07-10 76128]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2015-03-29 82816]
S3 pwdspio;pwdspio; \??\C:\WINDOWS\system32\pwdspio.sys [2013-09-30 12504]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-07-17 934752]
S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 ssudmdm;@oem52.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2015-05-21 206080]
S4 360Hvm;360Safe HVM; C:\WINDOWS\System32\Drivers\360Hvm64.sys [2015-11-25 191568]
S4 pctplsg;pctplsg; \??\C:\Windows\System32\drivers\pctplsg64.sys [2012-11-01 93600]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-14 82128]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-10-08 146600]
R2 Browser Defender Update Service;Browser Defender Update Service; C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe [2012-10-23 580728]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R2 HitmanProScheduler;HitmanPro Scheduler; C:\Program Files\HitmanPro\hmpsched.exe [2015-01-04 127752]
R2 Chemtable Startup Checking;Chemtable Startup Checking; C:\Program Files (x86)\Autorun Organizer\StartupCheckingService.exe [2015-07-03 1075968]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2015-11-13 26112]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-07-10 135848]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-07-10 135848]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-10-13 933168]
R2 OneSyncSvc_Session1;Hostitel synchronizace_Session1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 sdAuxService;PC Tools Auxiliary Service; C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe [2012-10-31 403416]
R2 sdCoreService;PC Tools Security Service; C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe [2012-11-01 1162360]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [2015-05-21 743688]
R2 ST2012_Svc;Spyware Terminator 2015 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2015-12-17 3267408]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 PimIndexMaintenanceSvc_Session1;Data kontaktů_Session1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-09-28 136048]
S2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-04 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-07-10 135848]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 OneSyncSvc_Session3;Hostitel synchronizace_Session3; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2014-07-23 172344]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-05 269504]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-07-10 50352]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-09-28 136048]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-07-10 27136]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-06-17 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-04 144200]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2013-06-28 84616]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-01-07 146888]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\lsass.exe [2015-07-10 56344]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 PimIndexMaintenanceSvc_Session3;Data kontaktů_Session3; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-07-12 1031680]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]

-----------------EOF-----------------

[Doktorcz]

Ještě jsem zapoměl dodat,že mi něco změnilo ikony u zástupců na ploše a hlavním panelu.

[Roli]

Zdravím, v první řadě odinstaluj vše od Seznamu.


Smaž nepotřebné soubory

pomocí CCleaneru

návod :

Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš

Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)

čištění registru je třeba několikrát zopakovat !

Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém


Stáhni a ulož na plochu AdwCleaner,

ukonči všechny programy včetně prohlížeče a dvojklikem jej spusť,

objeví se okno kde vlevo nahoře klikni na Scan.

Po dokončení skenu klikni na Clean,

proběhne restart PC kdy dojde ke smazání nepořádku.

Po té mi sem zkopíruj Report.

[Doktorcz]

odinstalováno ,Vyčištěno , a tady je log :





# AdwCleaner v5.030 - Logfile created 20/01/2016 at 18:25:36
# Updated 17/01/2016 by Xplode
# Database : 2016-01-11.2 [Local]
# Operating system : Windows 10 Pro (x64)
# Username : Uživatel - UZIVATEL_PC
# Running from : C:\Users\Uživatel\Desktop\adwcleaner_5.030_3.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : sp_rsdrv2

***** [ Folders ] *****


***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****

[-] [C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\5zuf41l2.default\prefs.js] [Preference] Deleted : user_pref("browser.safebrowsing.appRepURL", "hxxps://sb-ssl.google.com/safebrowsing/clientreport/download?key=%GOOGLE_API_KEY%");

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C16].txt - [949 bytes] ##########

[Roli]

odinstalováno ,Vyčištěno

Ještě mrknem hlouběji.

Spusť skener Cure It podle TOHOTO návodu

po skončení skenu mi sem nakopíruj výsledky - stačí konec logu se souhrnem.

(Upozornění je úchylně pomalý a je zapotřebí ho sledovat občas se na něco ptá)

[Doktorcz]

Total 12511531763 bytes in 65063 files scanned (78270 objects)
Total 65006 files (78207 objects) are clean
Total 4 files are infected
Total 59 files are raised error condition
Scan time is 00:35:44.273

[Roli]

Bezva, uklizeno vyčištěno, jak se PC chová ?

[Doktorcz]

Co se týká PC -rychlost systému a tak ,zdá se OK.
Změna,ale nenastala v prohlížeči s otevíráním jednoho okna navíc (firefox) a v něm víše zmíněný vyhledávač http://chedotgame.com/search/ a i změněné ikony programů přetrvávají . Samozřejmě i po restartech. Např. Logitech quick cam (SW)má ikonu od Opery (takový to ,,O´´ a opera sama jako taková mi úplně zmizela z PC .Když jí dám znova nainstalovat,po prvním restartu zase vše stejné.A ještě jedna věc ,na hlavním panelu mám programy třeba firefox ,chrome atd a když je spustím,tak je tam mám dvakrát.Prostě s otevřením mi tam přibude druhá ikona.Jestli by to mohlo mít s něčím souvyslost.

[Roli]

Ten vyhledávač ve Firefoxu smaž.

Změněné ikony programů se dají napravit tak, že na něj klikneš pravým myšítkem a dáš Otevřít v, vybereš program ze seznamu a dole zatrhneš Vždy použít.

To že máš při spuštění programu dvě ikony je divné a fakt nevím co s tím.

Jak jsi dělal upgrade na Win 10 ?

[Doktorcz]

Upgrad nebyl jako čistá instalace,ale z CD ( myslím že z Chip PC) ale to nedělalo.Mám cca 3 nebo 4 měsíce win 10 a v pohodě. Tohle všechno přišlo naráz. ale za boha nevim ,co jsem instaloval a s čím by to tam mohlo vlézt.Protože všechno jinak je v pohodě a používal jsem to už před tim,než to začalo.
Z vyhledávače to smáznu,ale po restartu je to tam znova. V doplňkách ani rozšíření to není.

Přikládám fotku. Otevřený firefox + chrome . Ta stránka je při spuštění už i v chrome (viz foto.) a znovu jsem nainstaloval operu a je to i tam. Takže je to někde zalizlí v PC.

[Roli]

Troufneš si do registrů ?

Pokud ano, stiskni klávesy Windows + R do okna Spustit >> napiš - regedit >> Enter.

Nahoře v okně klik na Úpravy pak vyber Najít a tam zkopíruj chedotgame.com a klik na Enter, to co najde smaž.

Přes F3 opakovaně hledej tak dlouho až nic nenalezne.

Pak restart PC a dej vědět zda to zabralo.

[Doktorcz]

JJ to už jsem zkoušel. Nenajde vůbec nic.

[Roli]

JJ to už jsem zkoušel. Nenajde vůbec nic.

Ještě to zkus najít přímo v systému pomocí SystemLook

spusť aplikaci a do otevřeného okna zkopíruj :

Kód: Vybrat vše

:filefind
*chedotgame*

pak klik na Look aplikace vytvoří SystemLook.txt jeho obsah mi sem zkopíruj.

P.S. nemám to na desítkách vyzkoušené, možná se softík ani nerozjede.

[Doktorcz]

Rozjelo se to v pohodě.Ještě jsem teď zjistil,že tam nejdříve skočí tahle stánka - cooocs.com a hned se to přesměruje na ten vyhledávač chedotgame.našel jsem tohle : http://website.informer.com/cooocs.com
Zkusil jsem ještě jednou ty registry s tím cooocs a bez výsledku a to same i se systemlook tady jsou oba logy.


SystemLook 30.07.11 by jpshortstuff
Log created at 09:14 on 27/01/2016 by Uživatel
Administrator - Elevation successful

========== filefind ==========

Searching for "*chedotgame*"
No files found.

-= EOF =-


SystemLook 30.07.11 by jpshortstuff
Log created at 09:21 on 27/01/2016 by Uživatel
Administrator - Elevation successful

========== filefind ==========

Searching for "*cooocs.com*"
No files found.

-= EOF =-

[Roli]

Ještě mě napadá použít Este Online Scanner.

Pokud nezabere ani ten udělal bych čistou instalaci OS, protože je to zavrtané kdoví kde.

I když možná bys mi sem mohl dát log z FRST, třeba uvidí více.