Pop-up ads in Chrome and other browsers

#1 Post by Try »

Hello,
I have a small problem. I have been using Chrome for a long time, and this has only been happening for the past month. The problem is that when I click on a link, an ad opens either directly in that window or in another window, or sometimes the ad appears in the current window while the page I clicked the link for opens in a new one. I had a similar problem for a while on my old notebook too, but I went through the installed programs to see whether any of them looked unfamiliar and uninstalled it, and there were no problems after that. I did the same on the new notebook, but unfortunately the ads keep popping up.
I would be grateful for any advice. Thanks in advance :)

I am attaching the log; please be patient with me, I am not much of an expert when it comes to PCs, but I hope someone can help me.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Hana Vaníčková at 2016-02-03 22:02:06
Microsoft Windows 10 Home
System drive C: has 124 GB (32%) free of 381 GB
Total RAM: 8094 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:02:06, on 03.02.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16603)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\AVAST Software\SecureLine\SecureLine.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\trend micro\Hana Vaníčková.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus15.msn.com/?pc=ASTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: 158.255.238.129 google-analytics.com
O1 - Hosts: 158.255.238.129 www.google-analytics.com
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Hana Vaníčková\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O4 - HKCU\..\Run: [SpyEmergency] C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: avast! SecureLine.lnk = C:\Program Files\AVAST Software\SecureLine\SecureLine.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @oem11.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) - Intel Corporation - C:\Windows\SysWOW64\esif_uf.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Avast SecureLine (SecureLine) - Unknown owner - C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spy Emergency Health Check (SpyEmrgHealth) - NETGATE Technologies s.r.o. - C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10875 bytes

======Listing Processes======








C:\Windows\system32\lsass.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalService
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-b26773b7-e8dc-4378-a7ce-f30adb84369d -SystemEventPortName:HostProcess-1542ea09-22f2-4054-93c8-293235ee605d -IoCancelEventPortName:HostProcess-38088436-4520-4dad-8e22-1862237e37a5 -NonStateChangingEventPortName:HostProcess-3a54aeec-6b08-4a8f-b2e6-061559074599 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:4ac7fa04-ff60-497b-b936-e2b6f8f0a053 -DeviceGroupId:
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\igfxCUIService.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
dashost.exe {b347208c-4117-4dca-971164ca4cb5c58e}
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\Windows\SysWOW64\esif_uf.exe
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe"
C:\Windows\system32\svchost.exe -k appmodel
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Windows\TEMP\DPTF\esif_assist_64.exe"
sihost.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
igfxEM.exe
igfxHK.exe
igfxTray.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /AECBYLISTENTOSTATUS
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\AVAST Software\SecureLine\SecureLine.exe" /nogui
"fontdrvhost.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2940.0.2072418334\386586876" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,24,52 --gpu-vendor-id=0x8086 --gpu-device-id=0x1616 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.15.4268 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="2940.15.708231320\962225645" --ppapi-flash-args --lang=cs --device-scale-factor=1 --font-cache-shared-handle=5392 --ignored=" --type=renderer " /prefetch:-632637702

"C:\Windows\system32\NOTEPAD.EXE" C:\rsit\info.txt

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe23_ Global\UsGthrCtrlFltPipeMssGthrPipe23 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 608 604 616 8192 612
"D:\Users\Hana Vaníčková\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-12-11 885152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-12-11 664184]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-07-24 2634896]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-25 2726728]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Hana Vaníčková\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-11-04 548552]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-11-16 8591272]
"SpybotPostWindows10UpgradeReInstall"=C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28 1011200]
"SpyEmergency"=C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-12-11 7021880]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"CanonSolutionMenuEx"=C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
avast! SecureLine.lnk - C:\Program Files\AVAST Software\SecureLine\SecureLine.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McNaiAnn]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"DisableTaskMgr"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2016-02-03 21:42:59 ----D---- C:\rsit
2016-02-03 21:42:59 ----D---- C:\Program Files\trend micro
2016-02-03 21:28:33 ----A---- C:\Windows\system32\drivers\spyemrg_guard.sys
2016-02-03 21:28:29 ----D---- C:\Program Files\NETGATE
2016-02-03 17:46:47 ----SHD---- C:\Config.Msi
2016-02-03 17:40:11 ----A---- C:\Windows\wininit.ini
2016-02-03 15:02:52 ----D---- C:\Program Files\Common Files\AV
2016-02-03 14:49:58 ----D---- C:\ProgramData\Spybot - Search & Destroy
2016-02-03 14:49:55 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-02-03 13:44:24 ----A---- C:\autoexec.bat
2016-02-01 13:03:33 ----D---- C:\ProgramData\CanonIJ
2016-02-01 12:55:24 ----HD---- C:\ProgramData\CanonIJEGV
2016-02-01 12:53:47 ----HD---- C:\ProgramData\CanonIJMyPrinter
2016-02-01 12:53:39 ----D---- C:\ProgramData\CanonIJPLM
2016-02-01 12:50:57 ----D---- C:\Program Files\Canon
2016-02-01 12:50:18 ----HD---- C:\ProgramData\CanonBJ
2016-02-01 12:50:11 ----HD---- C:\Windows\system32\CanonIJ Uninstaller Information
2016-02-01 12:50:07 ----A---- C:\Windows\SYSWOW64\CNC280U.dll
2016-02-01 12:50:07 ----A---- C:\Windows\SYSWOW64\CNC280L.dll
2016-02-01 12:50:07 ----A---- C:\Windows\system32\CNC280L.dll
2016-02-01 12:50:07 ----A---- C:\Windows\system32\CNC280I.dll
2016-02-01 12:50:06 ----A---- C:\Windows\system32\CNC280C.dll
2016-02-01 12:49:48 ----A---- C:\Windows\system32\CNC280O.dll
2016-02-01 12:49:47 ----A---- C:\Windows\system32\CNMIUAA.DLL
2016-02-01 12:49:42 ----HD---- C:\Program Files\CanonBJ
2016-01-22 20:43:48 ----HD---- C:\ProgramData\CanonIJScan
2016-01-22 20:43:46 ----D---- C:\Users\Hana Vaníčková\AppData\Roaming\Canon
2016-01-19 18:40:17 ----D---- C:\ProgramData\EA Core
2016-01-17 19:27:04 ----D---- C:\ProgramData\ASUS Smart Gesture
2016-01-17 14:52:20 ----D---- C:\ProgramData\SetupTPDriver
2016-01-17 14:52:11 ----A---- C:\Windows\system32\ASGCoInstaller_x64.dll
2016-01-13 19:48:04 ----A---- C:\Windows\system32\aswBoot.exe
2016-01-12 22:02:01 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-01-12 22:02:01 ----A---- C:\Windows\system32\schannel.dll
2016-01-12 22:02:00 ----A---- C:\Windows\system32\edgehtml.dll
2016-01-12 22:01:56 ----A---- C:\Windows\SYSWOW64\edgehtml.dll
2016-01-12 22:01:51 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-01-12 22:01:48 ----A---- C:\Windows\system32\mshtml.dll
2016-01-12 22:01:44 ----A---- C:\Windows\SYSWOW64\WMVSDECD.DLL
2016-01-12 22:01:44 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2016-01-12 22:01:44 ----A---- C:\Windows\SYSWOW64\MP4SDECD.DLL
2016-01-12 22:01:44 ----A---- C:\Windows\SYSWOW64\COLORCNV.DLL
2016-01-12 22:01:44 ----A---- C:\Windows\system32\WMVSDECD.DLL
2016-01-12 22:01:44 ----A---- C:\Windows\system32\mfvdsp.dll
2016-01-12 22:01:43 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2016-01-12 22:01:43 ----A---- C:\Windows\system32\WMADMOD.DLL
2016-01-12 22:01:43 ----A---- C:\Windows\system32\MP4SDECD.DLL
2016-01-12 22:01:42 ----A---- C:\Windows\SYSWOW64\WMVSENCD.DLL
2016-01-12 22:01:42 ----A---- C:\Windows\system32\WMVXENCD.DLL
2016-01-12 22:01:42 ----A---- C:\Windows\system32\WMVSENCD.DLL
2016-01-12 22:01:42 ----A---- C:\Windows\system32\WMVDECOD.DLL
2016-01-12 22:01:42 ----A---- C:\Windows\system32\VIDRESZR.DLL
2016-01-12 22:01:42 ----A---- C:\Windows\system32\COLORCNV.DLL
2016-01-12 22:01:41 ----A---- C:\Windows\SYSWOW64\WMVXENCD.DLL
2016-01-12 22:01:41 ----A---- C:\Windows\SYSWOW64\VIDRESZR.DLL
2016-01-12 22:01:41 ----A---- C:\Windows\SYSWOW64\mfvdsp.dll
2016-01-12 22:01:41 ----A---- C:\Windows\system32\WMVENCOD.DLL
2016-01-12 22:01:40 ----A---- C:\Windows\SYSWOW64\WMVENCOD.DLL
2016-01-12 22:01:39 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2016-01-12 22:01:38 ----A---- C:\Windows\SYSWOW64\quartz.dll
2016-01-12 22:01:37 ----A---- C:\Windows\SYSWOW64\msmpeg2adec.dll
2016-01-12 22:01:37 ----A---- C:\Windows\system32\quartz.dll
2016-01-12 22:01:37 ----A---- C:\Windows\system32\msmpeg2adec.dll
2016-01-12 22:01:36 ----A---- C:\Windows\SYSWOW64\WMADMOE.DLL
2016-01-12 22:01:36 ----A---- C:\Windows\system32\WMADMOE.DLL
2016-01-12 22:01:36 ----A---- C:\Windows\system32\mfnetsrc.dll
2016-01-12 22:01:36 ----A---- C:\Windows\system32\mfnetcore.dll
2016-01-12 22:01:35 ----A---- C:\Windows\SYSWOW64\WMSPDMOE.DLL
2016-01-12 22:01:35 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2016-01-12 22:01:33 ----A---- C:\Windows\SYSWOW64\WMSPDMOD.DLL
2016-01-12 22:01:33 ----A---- C:\Windows\SYSWOW64\mfnetsrc.dll
2016-01-12 22:01:33 ----A---- C:\Windows\SYSWOW64\mfnetcore.dll
2016-01-12 22:01:33 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2016-01-12 22:01:33 ----A---- C:\Windows\system32\aepic.dll
2016-01-12 22:01:33 ----A---- C:\Windows\system32\aeinv.dll
2016-01-12 22:01:32 ----A---- C:\Windows\SYSWOW64\MSMPEG2ENC.DLL
2016-01-12 22:01:32 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-12 22:01:32 ----A---- C:\Windows\system32\evr.dll
2016-01-12 22:01:31 ----A---- C:\Windows\SYSWOW64\qedit.dll
2016-01-12 22:01:31 ----A---- C:\Windows\SYSWOW64\MFWMAAEC.DLL
2016-01-12 22:01:31 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-01-12 22:01:31 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2016-01-12 22:01:31 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2016-01-12 22:01:31 ----A---- C:\Windows\system32\advapi32.dll
2016-01-12 22:01:30 ----A---- C:\Windows\system32\qedit.dll
2016-01-12 22:01:30 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-01-12 22:01:29 ----A---- C:\Windows\SYSWOW64\devenum.dll
2016-01-12 22:01:29 ----A---- C:\Windows\system32\mftranscode.dll
2016-01-12 22:01:29 ----A---- C:\Windows\system32\mfcore.dll
2016-01-12 22:01:29 ----A---- C:\Windows\system32\devenum.dll
2016-01-12 22:01:28 ----A---- C:\Windows\system32\Chakra.dll
2016-01-12 22:01:27 ----A---- C:\Windows\SYSWOW64\evr.dll
2016-01-12 22:01:27 ----A---- C:\Windows\system32\invagent.dll
2016-01-12 22:01:26 ----A---- C:\Windows\system32\generaltel.dll
2016-01-12 22:01:25 ----A---- C:\Windows\SYSWOW64\mftranscode.dll
2016-01-12 22:01:25 ----A---- C:\Windows\SYSWOW64\mfh264enc.dll
2016-01-12 22:01:25 ----A---- C:\Windows\SYSWOW64\mfcore.dll
2016-01-12 22:01:25 ----A---- C:\Windows\system32\mfh264enc.dll
2016-01-12 22:01:25 ----A---- C:\Windows\system32\devinv.dll
2016-01-12 22:01:24 ----A---- C:\Windows\SYSWOW64\RESAMPLEDMO.DLL
2016-01-12 22:01:24 ----A---- C:\Windows\SYSWOW64\Chakra.dll
2016-01-12 22:01:24 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-12 22:01:24 ----A---- C:\Windows\system32\qdvd.dll
2016-01-12 22:01:23 ----A---- C:\Windows\SYSWOW64\MPG4DECD.DLL
2016-01-12 22:01:23 ----A---- C:\Windows\SYSWOW64\MP43DECD.DLL
2016-01-12 22:01:23 ----A---- C:\Windows\system32\usermgrcli.dll
2016-01-12 22:01:23 ----A---- C:\Windows\system32\usermgr.dll
2016-01-12 22:01:23 ----A---- C:\Windows\system32\MPG4DECD.DLL
2016-01-12 22:01:23 ----A---- C:\Windows\system32\MP43DECD.DLL
2016-01-12 22:01:23 ----A---- C:\Windows\system32\mfds.dll
2016-01-12 22:01:22 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2016-01-12 22:01:22 ----A---- C:\Windows\SYSWOW64\MP3DMOD.DLL
2016-01-12 22:01:22 ----A---- C:\Windows\system32\MP3DMOD.DLL
2016-01-12 22:01:22 ----A---- C:\Windows\system32\mfsvr.dll
2016-01-12 22:01:21 ----A---- C:\Windows\SYSWOW64\mfsvr.dll
2016-01-12 22:01:21 ----A---- C:\Windows\SYSWOW64\mfds.dll
2016-01-12 22:01:21 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-01-12 22:01:21 ----A---- C:\Windows\system32\winlogon.exe
2016-01-12 22:01:21 ----A---- C:\Windows\system32\gdi32.dll
2016-01-12 22:01:20 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-01-12 22:01:18 ----A---- C:\Windows\SYSWOW64\usermgrcli.dll
2016-01-12 22:01:18 ----A---- C:\Windows\system32\WMALFXGFXDSP.dll
2016-01-12 22:01:18 ----A---- C:\Windows\system32\vbscript.dll
2016-01-12 22:01:18 ----A---- C:\Windows\system32\mfps.dll
2016-01-12 22:01:18 ----A---- C:\Windows\system32\appraiser.dll
2016-01-12 22:01:17 ----A---- C:\Windows\SYSWOW64\mfps.dll
2016-01-12 22:01:17 ----A---- C:\Windows\system32\aitstatic.exe
2016-01-12 22:01:16 ----A---- C:\Windows\SYSWOW64\UserMgrProxy.dll
2016-01-12 22:01:16 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-01-12 22:01:16 ----A---- C:\Windows\system32\UserMgrProxy.dll
2016-01-12 22:01:16 ----A---- C:\Windows\system32\jscript.dll
2016-01-12 22:01:16 ----A---- C:\Windows\system32\Chakradiag.dll
2016-01-10 18:27:54 ----HD---- C:\ProgramData\CanonIJSolutionMenuEX
2016-01-10 18:27:52 ----HD---- C:\ProgramData\CanonIJEPPEX2
2016-01-10 18:27:52 ----HD---- C:\ProgramData\CanonEPP
2016-01-10 18:26:30 ----D---- C:\ProgramData\CanonIJMSetup
2016-01-10 18:00:25 ----D---- C:\Program Files\Common Files\CANON
2016-01-10 18:00:14 ----D---- C:\ProgramData\CanonIJWSpt
2016-01-10 17:58:39 ----A---- C:\Windows\SYSWOW64\CNHMCA.dll
2016-01-10 17:58:39 ----A---- C:\Windows\system32\CNHMCA6.dll
2016-01-10 17:58:27 ----A---- C:\Windows\system32\CNMLMAA.DLL
2016-01-10 17:58:01 ----D---- C:\Program Files (x86)\Canon
2016-01-09 20:10:25 ----D---- C:\AdwCleaner
2016-01-09 20:08:54 ----D---- C:\ProgramData\Malwarebytes
2016-01-09 20:00:57 ----D---- C:\Users\Hana Vaníčková\AppData\Roaming\kingsoft
2016-01-09 17:29:53 ----D---- C:\Users\Hana Vaníčková\AppData\Roaming\MAGIX
2016-01-09 17:29:53 ----D---- C:\ProgramData\MAGIX
2016-01-09 14:24:59 ----A---- C:\Windows\SYSWOW64\DLLDEV32i.dll
2016-01-09 14:24:09 ----D---- C:\KMPlayer
2016-01-09 14:18:19 ----D---- C:\Users\Hana Vaníčková\AppData\Roaming\BANDISOFT
2016-01-09 14:18:12 ----D---- C:\Users\Hana Vaníčková\AppData\Roaming\NVIDIA
2016-01-09 14:17:55 ----D---- C:\Program Files (x86)\Bandicam
2016-01-09 14:17:54 ----D---- C:\Program Files (x86)\BandiMPEG1
2016-01-04 16:43:27 ----D---- C:\Program Files (x86)\Microsoft Synchronization Services
2016-01-04 16:43:08 ----D---- C:\Windows\PCHEALTH
2016-01-04 16:43:08 ----D---- C:\Program Files (x86)\Microsoft Sync Framework
2016-01-04 16:43:08 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-01-04 16:41:37 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2016-01-04 16:41:17 ----D---- C:\Program Files\Microsoft Office
2016-01-04 16:40:55 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2016-01-04 16:40:21 ----RHD---- C:\MSOCache
2015-12-31 22:20:24 ----D---- C:\Program Files (x86)\Origin Games
2015-12-31 22:19:54 ----D---- C:\Users\Hana Vaníčková\AppData\Roaming\Origin
2015-12-31 22:13:58 ----D---- C:\ProgramData\Origin
2015-12-31 22:13:58 ----D---- C:\ProgramData\Electronic Arts
2015-12-31 22:13:49 ----D---- C:\Program Files (x86)\Origin
2015-12-29 20:45:45 ----D---- C:\Program Files (x86)\Electronic Arts
2015-12-29 20:43:16 ----D---- C:\Program Files (x86)\VS Revo Group
2015-12-29 18:44:48 ----RA---- C:\Windows\SYSWOW64\vp6vfw.dll
2015-12-29 18:44:43 ----D---- C:\Program Files (x86)\Microsoft WSE
2015-12-28 17:38:53 ----D---- C:\ProgramData\Steam
2015-12-28 17:38:53 ----D---- C:\ProgramData\Orbit
2015-12-28 17:05:30 ----D---- C:\Saves
2015-12-28 17:04:42 ----D---- C:\Windows\SYSWOW64\AGEIA
2015-12-28 17:04:42 ----D---- C:\Program Files (x86)\AGEIA Technologies
2015-12-27 00:58:12 ----D---- C:\Windows\Minidump
2015-12-25 21:28:11 ----A---- C:\Windows\system32\drivers\ssudserd.sys
2015-12-25 21:28:08 ----A---- C:\Windows\system32\drivers\ssudmdm.sys
2015-12-25 21:27:07 ----A---- C:\Windows\system32\drivers\ssudbus.sys
2015-12-23 18:12:32 ----D---- C:\Windows\AutoKMS
2015-12-23 18:10:05 ----D---- C:\ProgramData\Microsoft Toolkit
2015-12-23 17:42:28 ----D---- C:\ProgramData\Microsoft Help
2015-12-21 00:46:42 ----D---- C:\Users\Hana Vaníčková\AppData\Roaming\Theta
2015-12-20 23:45:14 ----D---- C:\Users\Hana Vaníčková\AppData\Roaming\PunkBuster
2015-12-20 23:08:38 ----D---- C:\Users\Hana Vaníčková\AppData\Roaming\Ubisoft
2015-12-20 23:02:39 ----D---- C:\ProgramData\Ubisoft
2015-12-20 21:24:32 ----D---- C:\Users\Hana Vaníčková\AppData\Roaming\InstallShield
2015-12-20 21:16:55 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2015-12-20 21:13:34 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2015-12-20 13:46:18 ----A---- C:\Windows\system32\drivers\dtliteusbbus.sys
2015-12-20 13:45:30 ----A---- C:\Windows\system32\drivers\dtlitescsibus.sys
2015-12-19 21:37:33 ----D---- C:\Users\Hana Vaníčková\AppData\Roaming\uplay
2015-12-11 22:19:18 ----D---- C:\Program Files\CCleaner
2015-12-11 19:05:26 ----A---- C:\AVScanner.ini
2015-12-11 18:52:01 ----D---- C:\Users\Hana Vaníčková\AppData\Roaming\AVAST Software
2015-12-11 18:51:37 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2015-12-11 18:51:37 ----A---- C:\Windows\system32\drivers\aswStm.sys
2015-12-11 18:51:37 ----A---- C:\Windows\system32\drivers\aswsp.sys
2015-12-11 18:51:37 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2015-12-11 18:51:37 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2015-12-11 18:51:37 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2015-12-11 18:51:37 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2015-12-11 18:51:37 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2015-12-11 18:51:31 ----A---- C:\Windows\avastSS.scr
2015-12-11 18:37:30 ----D---- C:\Users\Hana Vaníčková\AppData\Roaming\DAEMON Tools Lite
2015-12-11 18:37:30 ----D---- C:\ProgramData\DAEMON Tools Lite
2015-12-11 18:26:01 ----D---- C:\Program Files (x86)\Adobe
2015-12-11 18:25:41 ----D---- C:\ProgramData\Adobe
2015-12-11 17:54:57 ----D---- C:\Users\Hana Vaníčková\AppData\Roaming\WildTangent
2015-12-10 21:58:08 ----D---- C:\Program Files (x86)\CBR Reader
2015-12-10 21:22:08 ----D---- C:\Users\Hana Vaníčková\AppData\Roaming\Free Picture Solutions
2015-12-10 21:03:43 ----D---- C:\Users\Hana Vaníčková\AppData\Roaming\uTorrent
2015-12-10 17:48:23 ----D---- C:\Users\Hana Vaníčková\AppData\Roaming\SYSTEMAX Software Development
2015-12-10 17:48:23 ----D---- C:\ProgramData\SYSTEMAX Software Development
2015-12-10 17:46:29 ----D---- C:\Users\Hana Vaníčková\AppData\Roaming\WinRAR
2015-12-10 17:45:59 ----D---- C:\Program Files\WinRAR
2015-12-08 21:15:14 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-12-08 21:15:13 ----A---- C:\Windows\system32\ieframe.dll
2015-12-08 21:15:11 ----A---- C:\Windows\system32\win32kfull.sys
2015-12-08 21:15:11 ----A---- C:\Windows\system32\win32kbase.sys
2015-12-08 21:15:08 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-12-08 21:15:08 ----A---- C:\Windows\system32\iertutil.dll
2015-12-08 21:15:07 ----A---- C:\Windows\system32\GdiPlus.dll
2015-12-08 21:15:06 ----A---- C:\Windows\SYSWOW64\GdiPlus.dll
2015-12-08 21:15:06 ----A---- C:\Windows\system32\SRHInproc.dll
2015-12-08 21:15:06 ----A---- C:\Windows\system32\AppXDeploymentServer.dll
2015-12-08 21:15:06 ----A---- C:\Windows\system32\AppXDeploymentExtensions.dll
2015-12-08 21:15:05 ----A---- C:\Windows\SYSWOW64\SRHInproc.dll
2015-12-08 21:15:05 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2015-12-08 21:15:04 ----A---- C:\Windows\SYSWOW64\Windows.Globalization.dll
2015-12-08 21:15:04 ----A---- C:\Windows\SYSWOW64\user32.dll
2015-12-08 21:15:04 ----A---- C:\Windows\system32\Windows.Globalization.dll
2015-12-08 21:15:04 ----A---- C:\Windows\system32\user32.dll
2015-12-08 21:15:04 ----A---- C:\Windows\system32\comsvcs.dll
2015-12-08 21:15:02 ----A---- C:\Windows\SYSWOW64\SRH.dll
2015-12-08 21:15:02 ----A---- C:\Windows\system32\SRH.dll
2015-12-08 21:15:01 ----A---- C:\Windows\SYSWOW64\Magnify.exe
2015-12-08 21:15:01 ----A---- C:\Windows\system32\Magnify.exe
2015-12-08 21:14:59 ----A---- C:\Windows\system32\ninput.dll
2015-12-08 21:14:59 ----A---- C:\Windows\system32\ieui.dll
2015-12-08 21:14:59 ----A---- C:\Windows\system32\duser.dll
2015-12-08 21:14:58 ----A---- C:\Windows\SYSWOW64\ninput.dll
2015-12-08 21:14:57 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-12-08 21:14:57 ----A---- C:\Windows\SYSWOW64\explorer.exe
2015-12-08 21:14:57 ----A---- C:\Windows\SYSWOW64\duser.dll
2015-12-08 21:14:57 ----A---- C:\Windows\SYSWOW64\catsrvut.dll
2015-12-08 21:14:57 ----A---- C:\Windows\system32\catsrvut.dll
2015-12-08 21:14:56 ----A---- C:\Windows\system32\drivers\ntfs.sys
2015-12-08 21:14:56 ----A---- C:\Windows\system32\dot3mm.dll
2015-12-08 21:14:56 ----A---- C:\Windows\system32\DAMM.dll
2015-12-08 21:14:56 ----A---- C:\Windows\explorer.exe
2015-12-08 21:14:55 ----A---- C:\Windows\system32\profsvc.dll
2015-12-08 21:14:55 ----A---- C:\Windows\system32\authui.dll
2015-12-08 21:14:54 ----A---- C:\Windows\SYSWOW64\comdlg32.dll
2015-12-08 21:14:54 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-12-08 21:14:54 ----A---- C:\Windows\system32\drivers\rmcast.sys
2015-12-08 21:14:53 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-12-08 21:14:53 ----A---- C:\Windows\system32\WlanMediaManager.dll
2015-12-08 21:14:53 ----A---- C:\Windows\system32\RasMediaManager.dll
2015-12-08 21:14:53 ----A---- C:\Windows\system32\ntdll.dll
2015-12-08 21:14:53 ----A---- C:\Windows\system32\NetworkUXBroker.exe
2015-12-08 21:14:53 ----A---- C:\Windows\system32\DAMediaManager.dll
2015-12-08 21:14:52 ----A---- C:\Windows\system32\MBMediaManager.dll
2015-12-08 21:14:52 ----A---- C:\Windows\system32\EthernetMediaManager.dll
2015-12-08 21:14:52 ----A---- C:\Windows\system32\comdlg32.dll
2015-12-08 21:14:51 ----A---- C:\Windows\system32\drivers\hdaudbus.sys
2015-12-08 21:14:50 ----A---- C:\Windows\SYSWOW64\userenv.dll
2015-12-08 21:14:50 ----A---- C:\Windows\system32\userenv.dll
2015-12-08 21:14:50 ----A---- C:\Windows\system32\shutdownux.dll
2015-12-08 21:14:50 ----A---- C:\Windows\system32\drivers\USBHUB3.SYS
2015-12-08 21:14:50 ----A---- C:\Windows\system32\drivers\usb8023.sys
2015-12-08 21:14:49 ----A---- C:\Windows\system32\psmsrv.dll
2015-12-08 21:14:49 ----A---- C:\Windows\system32\drivers\gpuenergydrv.sys
2015-12-08 21:14:48 ----A---- C:\Windows\system32\kbdgeoqw.dll
2015-12-08 21:14:48 ----A---- C:\Windows\system32\KBDAZE.DLL
2015-12-08 21:14:47 ----A---- C:\Windows\SYSWOW64\kbdgeoqw.dll
2015-12-08 21:14:47 ----A---- C:\Windows\SYSWOW64\KBDAZST.DLL
2015-12-08 21:14:47 ----A---- C:\Windows\SYSWOW64\KBDAZEL.DLL
2015-12-08 21:14:47 ----A---- C:\Windows\SYSWOW64\KBDAZE.DLL
2015-12-08 21:14:47 ----A---- C:\Windows\system32\KBDAZST.DLL
2015-12-08 21:14:47 ----A---- C:\Windows\system32\KBDAZEL.DLL
2015-12-08 21:14:44 ----A---- C:\Windows\SYSWOW64\profext.dll
2015-12-08 21:14:43 ----A---- C:\Windows\system32\profext.dll
2015-12-08 21:14:41 ----A---- C:\Windows\system32\jscript9.dll
2015-12-08 21:14:40 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-12-05 13:57:54 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2015-12-05 13:57:54 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2015-12-05 13:57:54 ----A---- C:\Windows\system32\XAudio2_7.dll
2015-12-05 13:57:54 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2015-12-05 13:57:53 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2015-12-05 13:57:53 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2015-12-05 13:57:53 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2015-12-05 13:57:53 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2015-12-05 13:57:53 ----A---- C:\Windows\system32\xactengine3_7.dll
2015-12-05 13:57:53 ----A---- C:\Windows\system32\d3dx11_43.dll
2015-12-05 13:57:53 ----A---- C:\Windows\system32\d3dcsx_43.dll
2015-12-05 13:57:53 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2015-12-05 13:57:52 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2015-12-05 13:57:52 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2015-12-05 13:57:52 ----A---- C:\Windows\system32\D3DX9_43.dll
2015-12-05 13:57:52 ----A---- C:\Windows\system32\d3dx10_43.dll
2015-12-05 13:57:51 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2015-12-05 13:57:51 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2015-12-05 13:57:51 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2015-12-05 13:57:51 ----A---- C:\Windows\system32\XAudio2_6.dll
2015-12-05 13:57:51 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2015-12-05 13:57:51 ----A---- C:\Windows\system32\xactengine3_6.dll
2015-12-05 13:57:50 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2015-12-05 13:57:50 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2015-12-05 13:57:50 ----A---- C:\Windows\system32\XAudio2_5.dll
2015-12-05 13:57:50 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2015-12-05 13:57:49 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2015-12-05 13:57:49 ----A---- C:\Windows\system32\xactengine3_5.dll
2015-12-05 13:57:48 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2015-12-05 13:57:48 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2015-12-05 13:57:47 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2015-12-05 13:57:47 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2015-12-05 13:57:47 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2015-12-05 13:57:47 ----A---- C:\Windows\system32\d3dx11_42.dll
2015-12-05 13:57:47 ----A---- C:\Windows\system32\d3dx10_42.dll
2015-12-05 13:57:47 ----A---- C:\Windows\system32\d3dcsx_42.dll
2015-12-05 13:57:46 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2015-12-05 13:57:46 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2015-12-05 13:57:46 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2015-12-05 13:57:46 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2015-12-05 13:57:46 ----A---- C:\Windows\system32\D3DX9_42.dll
2015-12-05 13:57:46 ----A---- C:\Windows\system32\D3DX9_41.dll
2015-12-05 13:57:46 ----A---- C:\Windows\system32\d3dx10_41.dll
2015-12-05 13:57:46 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2015-12-05 13:57:45 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2015-12-05 13:57:45 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2015-12-05 13:57:45 ----A---- C:\Windows\system32\XAudio2_4.dll
2015-12-05 13:57:45 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2015-12-05 13:57:44 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2015-12-05 13:57:44 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2015-12-05 13:57:44 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2015-12-05 13:57:44 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2015-12-05 13:57:44 ----A---- C:\Windows\system32\xactengine3_4.dll
2015-12-05 13:57:44 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2015-12-05 13:57:44 ----A---- C:\Windows\system32\d3dx10_40.dll
2015-12-05 13:57:44 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2015-12-05 13:57:43 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2015-12-05 13:57:43 ----A---- C:\Windows\system32\D3DX9_40.dll
2015-12-05 13:57:42 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2015-12-05 13:57:42 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2015-12-05 13:57:42 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2015-12-05 13:57:42 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2015-12-05 13:57:42 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2015-12-05 13:57:42 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2015-12-05 13:57:42 ----A---- C:\Windows\system32\XAudio2_3.dll
2015-12-05 13:57:42 ----A---- C:\Windows\system32\XAudio2_2.dll
2015-12-05 13:57:42 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2015-12-05 13:57:42 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2015-12-05 13:57:42 ----A---- C:\Windows\system32\xactengine3_3.dll
2015-12-05 13:57:42 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2015-12-05 13:57:41 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2015-12-05 13:57:41 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2015-12-05 13:57:41 ----A---- C:\Windows\system32\xactengine3_2.dll
2015-12-05 13:57:41 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2015-12-05 13:57:40 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2015-12-05 13:57:40 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2015-12-05 13:57:40 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2015-12-05 13:57:40 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2015-12-05 13:57:40 ----A---- C:\Windows\system32\XAudio2_1.dll
2015-12-05 13:57:40 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2015-12-05 13:57:40 ----A---- C:\Windows\system32\D3DX9_39.dll
2015-12-05 13:57:40 ----A---- C:\Windows\system32\d3dx10_39.dll
2015-12-05 13:57:39 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2015-12-05 13:57:39 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2015-12-05 13:57:39 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2015-12-05 13:57:39 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2015-12-05 13:57:39 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2015-12-05 13:57:39 ----A---- C:\Windows\system32\xactengine3_1.dll
2015-12-05 13:57:39 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2015-12-05 13:57:39 ----A---- C:\Windows\system32\D3DX9_38.dll
2015-12-05 13:57:39 ----A---- C:\Windows\system32\d3dx10_38.dll
2015-12-05 13:57:39 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2015-12-05 13:57:38 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2015-12-05 13:57:38 ----A---- C:\Windows\system32\XAudio2_0.dll
2015-12-05 13:57:37 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2015-12-05 13:57:37 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2015-12-05 13:57:37 ----A---- C:\Windows\system32\xactengine3_0.dll
2015-12-05 13:57:37 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2015-12-05 13:57:36 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2015-12-05 13:57:36 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2015-12-05 13:57:36 ----A---- C:\Windows\system32\d3dx10_37.dll
2015-12-05 13:57:36 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2015-12-05 13:57:35 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2015-12-05 13:57:35 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2015-12-05 13:57:35 ----A---- C:\Windows\system32\xactengine2_10.dll
2015-12-05 13:57:35 ----A---- C:\Windows\system32\D3DX9_37.dll
2015-12-05 13:57:34 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2015-12-05 13:57:34 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2015-12-05 13:57:34 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2015-12-05 13:57:34 ----A---- C:\Windows\system32\d3dx9_36.dll
2015-12-05 13:57:34 ----A---- C:\Windows\system32\d3dx10_36.dll
2015-12-05 13:57:34 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2015-12-05 13:57:33 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2015-12-05 13:57:33 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2015-12-05 13:57:33 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2015-12-05 13:57:33 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2015-12-05 13:57:33 ----A---- C:\Windows\system32\xactengine2_9.dll
2015-12-05 13:57:33 ----A---- C:\Windows\system32\d3dx9_35.dll
2015-12-05 13:57:33 ----A---- C:\Windows\system32\d3dx10_35.dll
2015-12-05 13:57:33 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2015-12-05 13:57:32 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2015-12-05 13:57:32 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2015-12-05 13:57:32 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2015-12-05 13:57:32 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2015-12-05 13:57:32 ----A---- C:\Windows\system32\xactengine2_8.dll
2015-12-05 13:57:32 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2015-12-05 13:57:32 ----A---- C:\Windows\system32\d3dx10_34.dll
2015-12-05 13:57:32 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2015-12-05 13:57:31 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2015-12-05 13:57:31 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2015-12-05 13:57:31 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2015-12-05 13:57:31 ----A---- C:\Windows\system32\xinput1_3.dll
2015-12-05 13:57:31 ----A---- C:\Windows\system32\xactengine2_7.dll
2015-12-05 13:57:31 ----A---- C:\Windows\system32\d3dx9_34.dll
2015-12-05 13:57:30 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2015-12-05 13:57:30 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2015-12-05 13:57:30 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2015-12-05 13:57:30 ----A---- C:\Windows\system32\d3dx9_33.dll
2015-12-05 13:57:30 ----A---- C:\Windows\system32\d3dx10_33.dll
2015-12-05 13:57:30 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2015-12-05 13:57:29 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2015-12-05 13:57:29 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2015-12-05 13:57:29 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2015-12-05 13:57:29 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2015-12-05 13:57:29 ----A---- C:\Windows\system32\xactengine2_6.dll
2015-12-05 13:57:29 ----A---- C:\Windows\system32\xactengine2_5.dll
2015-12-05 13:57:29 ----A---- C:\Windows\system32\d3dx9_32.dll
2015-12-05 13:57:29 ----A---- C:\Windows\system32\d3dx10.dll
2015-12-05 13:57:28 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2015-12-05 13:57:28 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2015-12-05 13:57:28 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2015-12-05 13:57:28 ----A---- C:\Windows\system32\xactengine2_4.dll
2015-12-05 13:57:28 ----A---- C:\Windows\system32\x3daudio1_1.dll
2015-12-05 13:57:28 ----A---- C:\Windows\system32\d3dx9_31.dll
2015-12-05 13:57:27 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2015-12-05 13:57:27 ----A---- C:\Windows\system32\xactengine2_3.dll
2015-12-05 13:57:26 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2015-12-05 13:57:26 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2015-12-05 13:57:26 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2015-12-05 13:57:26 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2015-12-05 13:57:26 ----A---- C:\Windows\system32\xinput1_2.dll
2015-12-05 13:57:26 ----A---- C:\Windows\system32\xinput1_1.dll
2015-12-05 13:57:26 ----A---- C:\Windows\system32\xactengine2_2.dll
2015-12-05 13:57:26 ----A---- C:\Windows\system32\xactengine2_1.dll
2015-12-05 13:57:22 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2015-12-05 13:57:22 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2015-12-05 13:57:22 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2015-12-05 13:57:22 ----A---- C:\Windows\system32\xactengine2_0.dll
2015-12-05 13:57:22 ----A---- C:\Windows\system32\x3daudio1_0.dll
2015-12-05 13:57:22 ----A---- C:\Windows\system32\d3dx9_30.dll
2015-12-05 13:57:21 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2015-12-05 13:57:21 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2015-12-05 13:57:21 ----A---- C:\Windows\system32\d3dx9_29.dll
2015-12-05 13:57:21 ----A---- C:\Windows\system32\d3dx9_28.dll
2015-12-05 13:57:21 ----A---- C:\Windows\system32\d3dx9_27.dll
2015-12-05 13:57:20 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2015-12-05 13:57:20 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2015-12-05 13:57:20 ----A---- C:\Windows\system32\d3dx9_26.dll
2015-12-05 13:57:20 ----A---- C:\Windows\system32\d3dx9_25.dll
2015-12-05 13:57:19 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2015-12-05 13:57:19 ----A---- C:\Windows\system32\d3dx9_24.dll
2015-12-05 10:37:57 ----D---- C:\Program Files\Assassin's Creed Unity
2015-12-03 17:59:58 ----D---- C:\Program Files (x86)\Ubisoft
2015-12-01 17:24:53 ----D---- C:\Users\Hana Vaníčková\AppData\Roaming\Corel
2015-12-01 17:24:53 ----D---- C:\ProgramData\Protexis
2015-12-01 17:24:02 ----D---- C:\ProgramData\Corel
2015-12-01 17:23:44 ----A---- C:\Windows\system32\drivers\regi.sys
2015-12-01 17:23:29 ----D---- C:\Program Files (x86)\Corel
2015-12-01 17:23:22 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2015-12-01 16:34:34 ----D---- C:\Users\Hana Vaníčková\AppData\Roaming\CyberLink
2015-12-01 16:30:34 ----D---- C:\ProgramData\PDVD
2015-12-01 16:30:31 ----D---- C:\Program Files (x86)\NSIS Uninstall Information
2015-12-01 16:26:42 ----D---- C:\ProgramData\CyberLink
2015-12-01 16:26:41 ----D---- C:\ProgramData\SUPPORTDIR
2015-12-01 16:26:41 ----D---- C:\ProgramData\install_clap
2015-11-30 13:51:18 ----D---- C:\Program Files (x86)\Google
2015-11-05 08:35:07 ----D---- C:\Users\Hana Vaníčková\AppData\Roaming\Macromedia
2015-11-04 12:48:40 ----D---- C:\Users\Hana Vaníčková\AppData\Roaming\awsRun
2015-11-04 12:41:28 ----D---- C:\Users\Hana Vaníčková\AppData\Roaming\DropboxOEM
2015-11-04 12:40:19 ----D---- C:\Users\Hana Vaníčková\AppData\Roaming\Adobe
2015-11-04 12:40:17 ----D---- C:\Users\Hana Vaníčková\AppData\Roaming\WebStorage
2015-11-04 12:40:13 ----A---- C:\Users\Hana Vaníčková\AppData\Roaming\sp_data.sys
2015-11-04 12:40:08 ----SD---- C:\Users\Hana Vaníčková\AppData\Roaming\Microsoft
2015-11-04 10:13:10 ----D---- C:\ProgramData\APRP

======List of files/folders modified in the last 3 months======

2016-02-03 21:49:01 ----D---- C:\Windows\system32\sru
2016-02-03 21:43:07 ----D---- C:\Windows\Prefetch
2016-02-03 21:42:59 ----RD---- C:\Program Files
2016-02-03 21:39:22 ----HD---- C:\ProgramData
2016-02-03 21:39:22 ----D---- C:\Windows\system32\drivers
2016-02-03 21:28:54 ----D---- C:\Windows\Temp
2016-02-03 21:19:16 ----RD---- C:\Program Files (x86)
2016-02-03 20:27:29 ----D---- C:\Windows\System32
2016-02-03 19:43:14 ----D---- C:\Windows\AppReadiness
2016-02-03 19:11:56 ----D---- C:\Windows\system32\config
2016-02-03 19:09:18 ----D---- C:\Windows\system32\DriverStore
2016-02-03 17:47:02 ----SHD---- C:\Windows\Installer
2016-02-03 17:47:01 ----D---- C:\Program Files\Common Files
2016-02-03 17:43:58 ----A---- C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-02-03 17:42:06 ----D---- C:\Windows\system32\Tasks
2016-02-03 17:40:12 ----SD---- C:\ProgramData\Microsoft
2016-02-03 17:40:11 ----AD---- C:\Windows
2016-02-03 17:33:07 ----D---- C:\Program Files (x86)\ASUS
2016-02-03 17:14:23 ----D---- C:\Windows\Microsoft.NET
2016-02-03 15:21:26 ----D---- C:\Windows\system32\catroot2
2016-02-03 15:21:15 ----SHD---- C:\System Volume Information
2016-02-03 13:09:33 ----D---- C:\Windows\SysWOW64
2016-02-03 13:00:38 ----D---- C:\Windows\Tasks
2016-02-02 18:57:42 ----HD---- C:\Program Files\WindowsApps
2016-02-01 12:53:34 ----D---- C:\Windows\INF
2016-02-01 12:52:45 ----D---- C:\Windows\twain_32
2016-02-01 12:51:57 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-01-24 19:22:03 ----RSD---- C:\Windows\assembly
2016-01-22 20:52:57 ----D---- C:\Windows\system32\FxsTmp
2016-01-17 19:25:21 ----D---- C:\Windows\system32\CatRoot
2016-01-17 16:36:06 ----D---- C:\Windows\debug
2016-01-17 14:53:26 ----D---- C:\Program Files\DIFX
2016-01-14 20:14:37 ----D---- C:\Windows\WinSxS
2016-01-14 20:13:49 ----D---- C:\Program Files\AVAST Software
2016-01-14 20:13:02 ----D---- C:\Windows\AppPatch
2016-01-13 19:48:44 ----D---- C:\ProgramData\AVAST Software
2016-01-13 17:36:36 ----D---- C:\Windows\CbsTemp
2016-01-13 17:33:53 ----D---- C:\Windows\system32\MRT
2016-01-13 17:27:08 ----A---- C:\Windows\system32\MRT.exe
2016-01-13 17:27:04 ----A---- C:\Windows\win.ini
2016-01-10 18:27:00 ----RSD---- C:\Windows\Media
2016-01-09 20:01:15 ----D---- C:\ProgramData\Kingsoft
2016-01-09 19:41:20 ----RSD---- C:\Windows\Fonts
2016-01-09 17:31:24 ----D---- C:\Program Files (x86)\Microsoft Office
2016-01-09 17:31:16 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2016-01-09 14:24:58 ----D---- C:\ProgramData\Package Cache
2016-01-05 18:29:32 ----D---- C:\Program Files (x86)\Common Files
2016-01-04 16:44:07 ----D---- C:\Windows\ShellNew
2016-01-04 16:43:57 ----D---- C:\Program Files (x86)\MSBuild
2016-01-04 16:43:08 ----D---- C:\Program Files (x86)\Microsoft.NET
2016-01-04 16:42:00 ----D---- C:\Program Files\Common Files\microsoft shared
2016-01-03 02:40:14 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-12-29 22:59:33 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-12-29 20:30:39 ----D---- C:\Windows\Logs
2015-12-28 01:04:17 ----D---- C:\Windows\system32\LogFiles
2015-12-26 11:42:44 ----D---- C:\Windows\LiveKernelReports
2015-12-24 15:50:51 ----D---- C:\Windows\system32\NDF
2015-12-24 14:09:04 ----D---- C:\Windows\Panther
2015-12-24 14:06:00 ----HD---- C:\$WINDOWS.~BT
2015-12-23 20:33:51 ----D---- C:\ProgramData\SoftwareDistribution
2015-12-21 00:20:43 ----D---- C:\Windows\SoftwareDistribution
2015-12-11 22:11:28 ----D---- C:\Windows\rescache
2015-12-11 19:05:24 ----D---- C:\Windows\system32\drivers\etc
2015-12-11 19:04:24 ----D---- C:\ProgramData\McAfee
2015-12-11 19:00:32 ----D---- C:\Windows\system32\oobe
2015-12-11 19:00:32 ----D---- C:\Program Files\Internet Explorer
2015-12-11 19:00:32 ----D---- C:\Program Files (x86)\Internet Explorer
2015-12-11 18:58:23 ----HD---- C:\Windows\ELAMBKUP
2015-12-11 17:54:58 ----D---- C:\ProgramData\WildTangent
2015-12-11 16:38:07 ----D---- C:\Windows\system32\drivers\UMDF
2015-12-01 18:08:09 ----D---- C:\Windows\OCR
2015-12-01 17:26:51 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-12-01 17:26:50 ----D---- C:\Windows\system32\cs-CZ
2015-12-01 17:26:49 ----A---- C:\Windows\SYSWOW64\dpnsvr.exe
2015-12-01 17:26:49 ----A---- C:\Windows\SYSWOW64\dpnlobby.dll
2015-12-01 17:26:49 ----A---- C:\Windows\SYSWOW64\dpnhupnp.dll
2015-12-01 17:26:49 ----A---- C:\Windows\SYSWOW64\dpnhpast.dll
2015-12-01 17:26:49 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2015-12-01 17:26:49 ----A---- C:\Windows\SYSWOW64\dpnathlp.dll
2015-12-01 17:26:49 ----A---- C:\Windows\SYSWOW64\dpnaddr.dll
2015-12-01 17:26:48 ----A---- C:\Windows\system32\dpnsvr.exe
2015-12-01 17:26:48 ----A---- C:\Windows\system32\dpnlobby.dll
2015-12-01 17:26:48 ----A---- C:\Windows\system32\dpnhupnp.dll
2015-12-01 17:26:48 ----A---- C:\Windows\system32\dpnhpast.dll
2015-12-01 17:26:48 ----A---- C:\Windows\system32\dpnet.dll
2015-12-01 17:26:48 ----A---- C:\Windows\system32\dpnathlp.dll
2015-12-01 17:26:48 ----A---- C:\Windows\system32\dpnaddr.dll
2015-12-01 17:26:47 ----A---- C:\Windows\SYSWOW64\dpwsockx.dll
2015-12-01 17:26:47 ----A---- C:\Windows\SYSWOW64\dpmodemx.dll
2015-12-01 17:26:47 ----A---- C:\Windows\SYSWOW64\dplayx.dll
2015-12-01 17:26:47 ----A---- C:\Windows\SYSWOW64\dplaysvr.exe
2015-11-30 13:47:08 ----D---- C:\Windows\appcompat
2015-11-05 06:15:43 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-11-05 06:11:46 ----A---- C:\Windows\system32\LicenseManager.dll
2015-11-05 06:06:10 ----A---- C:\Windows\system32\twinapi.appcore.dll
2015-11-05 06:01:05 ----A---- C:\Windows\system32\fontdrvhost.exe
2015-11-05 05:56:44 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-11-05 05:30:20 ----A---- C:\Windows\SYSWOW64\LicenseManager.dll
2015-11-05 05:23:42 ----A---- C:\Windows\system32\browserbroker.dll
2015-11-05 05:23:32 ----A---- C:\Windows\SYSWOW64\twinapi.appcore.dll
2015-11-05 05:18:37 ----A---- C:\Windows\system32\Windows.Media.dll
2015-11-05 05:18:34 ----A---- C:\Windows\SYSWOW64\fontdrvhost.exe
2015-11-05 05:17:35 ----A---- C:\Windows\system32\MFMediaEngine.dll
2015-11-05 05:12:31 ----A---- C:\Windows\system32\internetmail.dll
2015-11-05 05:11:30 ----A---- C:\Windows\system32\MusUpdateHandlers.dll
2015-11-05 05:10:48 ----A---- C:\Windows\system32\esent.dll
2015-11-05 05:07:02 ----A---- C:\Windows\system32\audiosrv.dll
2015-11-05 05:06:41 ----A---- C:\Windows\system32\Windows.Devices.Usb.dll
2015-11-05 05:05:47 ----A---- C:\Windows\system32\urlmon.dll
2015-11-05 05:03:49 ----A---- C:\Windows\system32\RDXService.dll
2015-11-05 05:01:52 ----A---- C:\Windows\system32\kerberos.dll
2015-11-05 04:59:13 ----A---- C:\Windows\system32\Windows.StateRepository.dll
2015-11-05 04:58:50 ----A---- C:\Windows\system32\Windows.UI.dll
2015-11-05 04:55:55 ----A---- C:\Windows\system32\dssvc.dll
2015-11-05 04:54:44 ----A---- C:\Windows\system32\dlnashext.dll
2015-11-05 04:42:23 ----A---- C:\Windows\SYSWOW64\Windows.Media.dll
2015-11-05 04:40:41 ----A---- C:\Windows\SYSWOW64\MFMediaEngine.dll
2015-11-05 04:35:04 ----A---- C:\Windows\SYSWOW64\esent.dll
2015-11-05 04:34:45 ----A---- C:\Windows\SYSWOW64\Windows.Devices.Usb.dll
2015-11-05 04:33:33 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-11-05 04:30:03 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-11-05 04:27:12 ----A---- C:\Windows\SYSWOW64\Windows.UI.dll
2015-11-05 04:27:12 ----A---- C:\Windows\SYSWOW64\Windows.StateRepository.dll
2015-11-05 04:23:15 ----A---- C:\Windows\SYSWOW64\dlnashext.dll
2015-11-04 12:41:15 ----SHD---- C:\$Recycle.Bin
2015-11-04 12:40:07 ----RD---- C:\Users
2015-11-04 10:07:42 ----D---- C:\Windows\system32\WinBioDatabase

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AiCharger;ASUS Charger Driver; C:\Windows\system32\DRIVERS\AiCharger.sys [2015-05-25 21816]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-12-11 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-12-11 273784]
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2015-08-10 1462720]
R0 IntelHSWPcc;IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [2015-06-26 88256]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-12-11 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-01-20 1065208]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-01-20 464256]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2015-05-08 20096]
R1 dtsoftbus01;@oem23.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\Windows\System32\drivers\dtsoftbus01.sys [2015-12-20 283064]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\Windows\system32\drivers\filecrypt.sys [2015-07-10 83968]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\Windows\System32\drivers\gpuenergydrv.sys [2015-12-01 8192]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2015-05-08 18048]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-12-11 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-12-18 97648]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-12-11 155304]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\Windows\system32\drivers\mmcss.sys [2015-07-10 48128]
R2 regi;regi; \??\C:\Windows\system32\drivers\regi.sys [2010-11-16 15672]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\Windows\system32\drivers\storqosflt.sys [2015-07-10 61952]
R3 athr;@oem16.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\System32\drivers\athw10x.sys [2015-07-14 4317808]
R3 ATP;@oem18.inf,%PS2.DeviceDesc%;ASUS Input Device; C:\Windows\System32\drivers\AsusTP.sys [2015-06-30 100776]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2015-07-29 601624]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2015-07-10 84992]
R3 dptf_cpu;dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [2015-08-17 53752]
R3 dptf_pch;dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [2015-08-17 50696]
R3 esif_lf;esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [2015-08-17 261624]
R3 HIDSwitch;@oem19.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\Windows\System32\drivers\AsHIDSwitch64.sys [2015-05-13 19976]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2015-08-13 6410168]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-07-29 4577024]
R3 MEIx64;@oem6.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\TeeDriverW8x64.sys [2015-07-28 184608]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2015-08-12 11163792]
R3 rt640x64;@oem14.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\Windows\System32\drivers\rt640x64.sys [2015-07-15 887552]
R3 RTSUER;@oem20.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\Windows\system32\Drivers\RtsUer.sys [2015-10-22 410880]
R4 SpyEmrgGuard;Spy Emergency Real-Time Shield Driver; C:\Windows\System32\Drivers\spyemrg_guard.sys [2015-03-09 19768]
S0 LSI_SAS2i;LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [2015-07-10 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [2015-07-10 99168]
S0 percsas2i;percsas2i; C:\Windows\System32\drivers\percsas2i.sys [2015-07-10 58208]
S0 percsas3i;percsas3i; C:\Windows\System32\drivers\percsas3i.sys [2015-07-10 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\Windows\System32\drivers\storufs.sys [2015-07-10 40288]
S3 AgereSoftModem;@mdmags64.inf,%FullProductName%;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2015-07-10 1146880]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2015-07-10 105984]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2015-07-10 237568]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2015-07-10 128512]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2015-09-17 929280]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\Windows\System32\drivers\buttonconverter.sys [2015-09-17 36352]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\Windows\System32\drivers\capimg.sys [2015-07-10 116736]
S3 cpuz136;cpuz136; \??\C:\Users\PC\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [2015-10-04 26344]
S3 dg_ssudbus;@oem24.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2015-12-25 108800]
S3 dtlitescsibus;@oem21.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\System32\drivers\dtlitescsibus.sys [2015-12-20 30264]
S3 dtliteusbbus;@oem22.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\Windows\System32\drivers\dtliteusbbus.sys [2015-12-20 46392]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\Windows\System32\drivers\e1i63x64.sys [2015-07-10 482328]
S3 fcvsc;fcvsc; C:\Windows\System32\drivers\fcvsc.sys [2015-07-10 31232]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\Windows\System32\drivers\genericusbfn.sys [2015-07-10 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\Windows\System32\drivers\hidinterrupt.sys [2015-07-10 50016]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\Windows\System32\drivers\ibbus.sys [2015-07-10 424800]
S3 IntcDAud;@oem3.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2015-08-12 472872]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\Windows\system32\drivers\ioqos.sys [2015-07-10 26624]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\Windows\System32\drivers\mlx4_bus.sys [2015-07-10 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\Windows\System32\drivers\ndfltr.sys [2015-07-10 76128]
S3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\System32\drivers\Netwsw00.sys [2015-07-10 11518976]
S3 ReFSv1;ReFSv1; C:\Windows\system32\drivers\ReFSv1.sys [2015-07-17 934752]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-07-10 167936]
S3 ssudmdm;@oem25.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2015-12-25 206080]
S3 ssudserd;@oem26.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudserd.sys [2015-12-25 206080]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\Windows\System32\Drivers\UcmCx.sys [2015-07-10 61952]
S3 UcmUcsi;@ucmucsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\Windows\System32\drivers\UcmUcsi.sys [2015-07-14 46080]
S3 UdeCx;USB Device Emulation Support Library; C:\Windows\system32\drivers\udecx.sys [2015-07-10 44032]
S3 Ufx01000;USB Function Class Extension; C:\Windows\system32\drivers\ufx01000.sys [2015-07-10 245088]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\Windows\System32\drivers\UfxChipidea.sys [2015-07-10 94048]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\Windows\System32\drivers\ufxsynopsys.sys [2015-07-10 127840]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe [2015-07-07 123704]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2015-07-29 323152]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2015-04-01 107320]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-12-11 226440]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\Windows\System32\svchost.exe [2015-07-10 39856]
R2 esifsvc;@oem11.inf,%ServiceDisplayName%;ESIF Upper Framework Service; C:\Windows\SysWOW64\esif_uf.exe [2015-08-17 1385640]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2015-08-13 370088]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-08-07 207648]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2015-08-07 415520]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-08-07 937592]
R2 OneSyncSvc_Session1;Hostitel synchronizace_Session1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-10 189728]
R2 SecureLine;Avast SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [2015-04-29 445240]
R2 SpyEmrgHealth;Spy Emergency Health Check; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe [2015-03-20 379192]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\Windows\System32\svchost.exe [2015-07-10 39856]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-06-18 43696]
R3 Intel(R) Security Assist;Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-05-19 335872]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\Windows\System32\svchost.exe [2015-07-10 39856]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-17 144200]
S2 isaHelperSvc;Intel(R) Security Assist Helper; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-05-19 7680]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2015-08-13 300472]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-07-10 27136]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-17 144200]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2015-05-22 881152]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\Windows\system32\lsass.exe [2015-07-10 56344]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-12-31 2104840]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 PimIndexMaintenanceSvc_Session1;Data kontaktů_Session1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\Windows\System32\SensorDataService.exe [2015-07-12 1031680]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\Windows\system32\svchost.exe [2015-07-10 39856]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Pop-up ads in Chrome and other browsers

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Try

Re: Pop-up ads in Chrome and other browsers

#3 Post by Try »

# AdwCleaner v5.032 - Logfile created 03/02/2016 at 22:15:03
# Updated 31/01/2016 by Xplode
# Database : 2016-02-02.1 [Server]
# Operating system : Windows 10 Home (x64)
# Username : Hana Vaníčková - HANA-VANICKOVA
# Running from : D:\Users\Hana Vaníčková\Desktop\adwcleaner_5.032 (1).exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp
[!] Key Not Deleted : HKU\S-1-5-21-1862561537-882487291-2555552281-1002\Software\AppDataLow\Software\adawarebp

***** [ Web browsers ] *****


*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [868 bytes] ##########

Rudy
Site Admin

Re: Pop-up ads in Chrome and other browsers

#4 Post by Rudy »

Post a new RSIT log.

Try

Re: Pop-up ads in Chrome and other browsers

#5 Post by Try »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Hana Vaníčková at 2016-02-03 22:38:54
Microsoft Windows 10 Home
System drive C: has 124 GB (33%) free of 381 GB
Total RAM: 8094 MB (75% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:38:56, on 03.02.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16603)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\AVAST Software\SecureLine\SecureLine.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\trend micro\Hana Vaníčková.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus15.msn.com/?pc=ASTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: 158.255.238.129 google-analytics.com
O1 - Hosts: 158.255.238.129 www.google-analytics.com
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Hana Vaníčková\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O4 - HKCU\..\Run: [SpyEmergency] C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: avast! SecureLine.lnk = C:\Program Files\AVAST Software\SecureLine\SecureLine.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @oem11.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) - Intel Corporation - C:\Windows\SysWOW64\esif_uf.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Avast SecureLine (SecureLine) - Unknown owner - C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spy Emergency Health Check (SpyEmrgHealth) - Unknown owner - C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10876 bytes

======Listing Processes======








C:\Windows\system32\lsass.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-8ec08bcb-0515-4fcd-be9c-2b989609dcd5 -SystemEventPortName:HostProcess-43f31330-47a5-4bf6-ba2d-798e8270342d -IoCancelEventPortName:HostProcess-2fb3bedf-78fd-4de1-9b18-6bfa993dcadb -NonStateChangingEventPortName:HostProcess-bbc23fbd-82d9-40c3-b508-6304d333dd61 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:d6f7cdce-ae27-4f79-b55d-c8cc3248c754 -DeviceGroupId:
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\igfxCUIService.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
dashost.exe {ab6e903d-93f6-4169-9e2b6285cd89c2f7}
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe"
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\Windows\SysWOW64\esif_uf.exe
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k appmodel
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
sihost.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Windows\TEMP\DPTF\esif_assist_64.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /AECBYLISTENTOSTATUS
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\AVAST Software\SecureLine\SecureLine.exe" /nogui
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"fontdrvhost.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4760.0.880085756\785448069" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,24,52 --gpu-vendor-id=0x8086 --gpu-device-id=0x1616 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.15.4268 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/EnabledFull/AutofillProfileOrderByFrecency/Enabled/AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/14DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/*SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/*SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4760.11.786210041\1655887197" --font-cache-shared-handle=5944 /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/EnabledFull/AutofillProfileOrderByFrecency/Enabled/AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/14DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/*SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/*SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4760.15.328490558\321855398" --font-cache-shared-handle=4660 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="4760.16.702495298\1793882480" --ppapi-flash-args --lang=cs --device-scale-factor=1 --font-cache-shared-handle=1868 --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/EnabledFull/AutofillProfileOrderByFrecency/Enabled/AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/14DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/*SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/*SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4760.18.335476870\545073658" --font-cache-shared-handle=5020 /prefetch:673131151

"D:\Users\Hana Vaníčková\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-12-11 885152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-12-11 664184]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-07-24 2634896]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-25 2726728]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Hana Vaníčková\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-11-04 548552]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-11-16 8591272]
"SpybotPostWindows10UpgradeReInstall"=C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28 1011200]
"SpyEmergency"=C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-12-11 7021880]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"CanonSolutionMenuEx"=C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
avast! SecureLine.lnk - C:\Program Files\AVAST Software\SecureLine\SecureLine.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McNaiAnn]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"DisableTaskMgr"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-02-03 21:42:59 ----D---- C:\rsit
2016-02-03 21:42:59 ----D---- C:\Program Files\trend micro
2016-02-03 21:28:33 ----A---- C:\Windows\system32\drivers\spyemrg_guard.sys
2016-02-03 17:46:47 ----SHD---- C:\Config.Msi
2016-02-03 17:40:11 ----A---- C:\Windows\wininit.ini
2016-02-03 15:02:52 ----D---- C:\Program Files\Common Files\AV
2016-02-03 14:49:58 ----D---- C:\ProgramData\Spybot - Search & Destroy
2016-02-03 14:49:55 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-02-03 13:44:24 ----A---- C:\autoexec.bat
2016-02-01 13:03:33 ----D---- C:\ProgramData\CanonIJ
2016-02-01 12:55:24 ----HD---- C:\ProgramData\CanonIJEGV
2016-02-01 12:53:47 ----HD---- C:\ProgramData\CanonIJMyPrinter
2016-02-01 12:53:39 ----D---- C:\ProgramData\CanonIJPLM
2016-02-01 12:50:57 ----D---- C:\Program Files\Canon
2016-02-01 12:50:18 ----HD---- C:\ProgramData\CanonBJ
2016-02-01 12:50:11 ----HD---- C:\Windows\system32\CanonIJ Uninstaller Information
2016-02-01 12:50:07 ----A---- C:\Windows\SYSWOW64\CNC280U.dll
2016-02-01 12:50:07 ----A---- C:\Windows\SYSWOW64\CNC280L.dll
2016-02-01 12:50:07 ----A---- C:\Windows\system32\CNC280L.dll
2016-02-01 12:50:07 ----A---- C:\Windows\system32\CNC280I.dll
2016-02-01 12:50:06 ----A---- C:\Windows\system32\CNC280C.dll
2016-02-01 12:49:48 ----A---- C:\Windows\system32\CNC280O.dll
2016-02-01 12:49:47 ----A---- C:\Windows\system32\CNMIUAA.DLL
2016-02-01 12:49:42 ----HD---- C:\Program Files\CanonBJ
2016-01-22 20:43:48 ----HD---- C:\ProgramData\CanonIJScan
2016-01-22 20:43:46 ----D---- C:\Users\Hana Vaníčková\AppData\Roaming\Canon
2016-01-19 18:40:17 ----D---- C:\ProgramData\EA Core
2016-01-17 19:27:04 ----D---- C:\ProgramData\ASUS Smart Gesture
2016-01-17 14:52:20 ----D---- C:\ProgramData\SetupTPDriver
2016-01-17 14:52:11 ----A---- C:\Windows\system32\ASGCoInstaller_x64.dll
2016-01-13 19:48:04 ----A---- C:\Windows\system32\aswBoot.exe
2016-01-12 22:02:01 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-01-12 22:02:01 ----A---- C:\Windows\system32\schannel.dll
2016-01-12 22:02:00 ----A---- C:\Windows\system32\edgehtml.dll
2016-01-12 22:01:56 ----A---- C:\Windows\SYSWOW64\edgehtml.dll
2016-01-12 22:01:51 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-01-12 22:01:48 ----A---- C:\Windows\system32\mshtml.dll
2016-01-12 22:01:44 ----A---- C:\Windows\SYSWOW64\WMVSDECD.DLL
2016-01-12 22:01:44 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2016-01-12 22:01:44 ----A---- C:\Windows\SYSWOW64\MP4SDECD.DLL
2016-01-12 22:01:44 ----A---- C:\Windows\SYSWOW64\COLORCNV.DLL
2016-01-12 22:01:44 ----A---- C:\Windows\system32\WMVSDECD.DLL
2016-01-12 22:01:44 ----A---- C:\Windows\system32\mfvdsp.dll
2016-01-12 22:01:43 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2016-01-12 22:01:43 ----A---- C:\Windows\system32\WMADMOD.DLL
2016-01-12 22:01:43 ----A---- C:\Windows\system32\MP4SDECD.DLL
2016-01-12 22:01:42 ----A---- C:\Windows\SYSWOW64\WMVSENCD.DLL
2016-01-12 22:01:42 ----A---- C:\Windows\system32\WMVXENCD.DLL
2016-01-12 22:01:42 ----A---- C:\Windows\system32\WMVSENCD.DLL
2016-01-12 22:01:42 ----A---- C:\Windows\system32\WMVDECOD.DLL
2016-01-12 22:01:42 ----A---- C:\Windows\system32\VIDRESZR.DLL
2016-01-12 22:01:42 ----A---- C:\Windows\system32\COLORCNV.DLL
2016-01-12 22:01:41 ----A---- C:\Windows\SYSWOW64\WMVXENCD.DLL
2016-01-12 22:01:41 ----A---- C:\Windows\SYSWOW64\VIDRESZR.DLL
2016-01-12 22:01:41 ----A---- C:\Windows\SYSWOW64\mfvdsp.dll
2016-01-12 22:01:41 ----A---- C:\Windows\system32\WMVENCOD.DLL
2016-01-12 22:01:40 ----A---- C:\Windows\SYSWOW64\WMVENCOD.DLL
2016-01-12 22:01:39 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2016-01-12 22:01:38 ----A---- C:\Windows\SYSWOW64\quartz.dll
2016-01-12 22:01:37 ----A---- C:\Windows\SYSWOW64\msmpeg2adec.dll
2016-01-12 22:01:37 ----A---- C:\Windows\system32\quartz.dll
2016-01-12 22:01:37 ----A---- C:\Windows\system32\msmpeg2adec.dll
2016-01-12 22:01:36 ----A---- C:\Windows\SYSWOW64\WMADMOE.DLL
2016-01-12 22:01:36 ----A---- C:\Windows\system32\WMADMOE.DLL
2016-01-12 22:01:36 ----A---- C:\Windows\system32\mfnetsrc.dll
2016-01-12 22:01:36 ----A---- C:\Windows\system32\mfnetcore.dll
2016-01-12 22:01:35 ----A---- C:\Windows\SYSWOW64\WMSPDMOE.DLL
2016-01-12 22:01:35 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2016-01-12 22:01:33 ----A---- C:\Windows\SYSWOW64\WMSPDMOD.DLL
2016-01-12 22:01:33 ----A---- C:\Windows\SYSWOW64\mfnetsrc.dll
2016-01-12 22:01:33 ----A---- C:\Windows\SYSWOW64\mfnetcore.dll
2016-01-12 22:01:33 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2016-01-12 22:01:33 ----A---- C:\Windows\system32\aepic.dll
2016-01-12 22:01:33 ----A---- C:\Windows\system32\aeinv.dll
2016-01-12 22:01:32 ----A---- C:\Windows\SYSWOW64\MSMPEG2ENC.DLL
2016-01-12 22:01:32 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-12 22:01:32 ----A---- C:\Windows\system32\evr.dll
2016-01-12 22:01:31 ----A---- C:\Windows\SYSWOW64\qedit.dll
2016-01-12 22:01:31 ----A---- C:\Windows\SYSWOW64\MFWMAAEC.DLL
2016-01-12 22:01:31 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-01-12 22:01:31 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2016-01-12 22:01:31 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2016-01-12 22:01:31 ----A---- C:\Windows\system32\advapi32.dll
2016-01-12 22:01:30 ----A---- C:\Windows\system32\qedit.dll
2016-01-12 22:01:30 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-01-12 22:01:29 ----A---- C:\Windows\SYSWOW64\devenum.dll
2016-01-12 22:01:29 ----A---- C:\Windows\system32\mftranscode.dll
2016-01-12 22:01:29 ----A---- C:\Windows\system32\mfcore.dll
2016-01-12 22:01:29 ----A---- C:\Windows\system32\devenum.dll
2016-01-12 22:01:28 ----A---- C:\Windows\system32\Chakra.dll
2016-01-12 22:01:27 ----A---- C:\Windows\SYSWOW64\evr.dll
2016-01-12 22:01:27 ----A---- C:\Windows\system32\invagent.dll
2016-01-12 22:01:26 ----A---- C:\Windows\system32\generaltel.dll
2016-01-12 22:01:25 ----A---- C:\Windows\SYSWOW64\mftranscode.dll
2016-01-12 22:01:25 ----A---- C:\Windows\SYSWOW64\mfh264enc.dll
2016-01-12 22:01:25 ----A---- C:\Windows\SYSWOW64\mfcore.dll
2016-01-12 22:01:25 ----A---- C:\Windows\system32\mfh264enc.dll
2016-01-12 22:01:25 ----A---- C:\Windows\system32\devinv.dll
2016-01-12 22:01:24 ----A---- C:\Windows\SYSWOW64\RESAMPLEDMO.DLL
2016-01-12 22:01:24 ----A---- C:\Windows\SYSWOW64\Chakra.dll
2016-01-12 22:01:24 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-12 22:01:24 ----A---- C:\Windows\system32\qdvd.dll
2016-01-12 22:01:23 ----A---- C:\Windows\SYSWOW64\MPG4DECD.DLL
2016-01-12 22:01:23 ----A---- C:\Windows\SYSWOW64\MP43DECD.DLL
2016-01-12 22:01:23 ----A---- C:\Windows\system32\usermgrcli.dll
2016-01-12 22:01:23 ----A---- C:\Windows\system32\usermgr.dll
2016-01-12 22:01:23 ----A---- C:\Windows\system32\MPG4DECD.DLL
2016-01-12 22:01:23 ----A---- C:\Windows\system32\MP43DECD.DLL
2016-01-12 22:01:23 ----A---- C:\Windows\system32\mfds.dll
2016-01-12 22:01:22 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2016-01-12 22:01:22 ----A---- C:\Windows\SYSWOW64\MP3DMOD.DLL
2016-01-12 22:01:22 ----A---- C:\Windows\system32\MP3DMOD.DLL
2016-01-12 22:01:22 ----A---- C:\Windows\system32\mfsvr.dll
2016-01-12 22:01:21 ----A---- C:\Windows\SYSWOW64\mfsvr.dll
2016-01-12 22:01:21 ----A---- C:\Windows\SYSWOW64\mfds.dll
2016-01-12 22:01:21 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-01-12 22:01:21 ----A---- C:\Windows\system32\winlogon.exe
2016-01-12 22:01:21 ----A---- C:\Windows\system32\gdi32.dll
2016-01-12 22:01:20 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-01-12 22:01:18 ----A---- C:\Windows\SYSWOW64\usermgrcli.dll
2016-01-12 22:01:18 ----A---- C:\Windows\system32\WMALFXGFXDSP.dll
2016-01-12 22:01:18 ----A---- C:\Windows\system32\vbscript.dll
2016-01-12 22:01:18 ----A---- C:\Windows\system32\mfps.dll
2016-01-12 22:01:18 ----A---- C:\Windows\system32\appraiser.dll
2016-01-12 22:01:17 ----A---- C:\Windows\SYSWOW64\mfps.dll
2016-01-12 22:01:17 ----A---- C:\Windows\system32\aitstatic.exe
2016-01-12 22:01:16 ----A---- C:\Windows\SYSWOW64\UserMgrProxy.dll
2016-01-12 22:01:16 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-01-12 22:01:16 ----A---- C:\Windows\system32\UserMgrProxy.dll
2016-01-12 22:01:16 ----A---- C:\Windows\system32\jscript.dll
2016-01-12 22:01:16 ----A---- C:\Windows\system32\Chakradiag.dll
2016-01-10 18:27:54 ----HD---- C:\ProgramData\CanonIJSolutionMenuEX
2016-01-10 18:27:52 ----HD---- C:\ProgramData\CanonIJEPPEX2
2016-01-10 18:27:52 ----HD---- C:\ProgramData\CanonEPP
2016-01-10 18:26:30 ----D---- C:\ProgramData\CanonIJMSetup
2016-01-10 18:00:25 ----D---- C:\Program Files\Common Files\CANON
2016-01-10 18:00:14 ----D---- C:\ProgramData\CanonIJWSpt
2016-01-10 17:58:39 ----A---- C:\Windows\SYSWOW64\CNHMCA.dll
2016-01-10 17:58:39 ----A---- C:\Windows\system32\CNHMCA6.dll
2016-01-10 17:58:27 ----A---- C:\Windows\system32\CNMLMAA.DLL
2016-01-10 17:58:01 ----D---- C:\Program Files (x86)\Canon
2016-01-09 20:10:25 ----D---- C:\AdwCleaner
2016-01-09 20:08:54 ----D---- C:\ProgramData\Malwarebytes
2016-01-09 20:00:57 ----D---- C:\Users\Hana Vaníčková\AppData\Roaming\kingsoft
2016-01-09 17:29:53 ----D---- C:\Users\Hana Vaníčková\AppData\Roaming\MAGIX
2016-01-09 17:29:53 ----D---- C:\ProgramData\MAGIX
2016-01-09 14:24:59 ----A---- C:\Windows\SYSWOW64\DLLDEV32i.dll
2016-01-09 14:24:09 ----D---- C:\KMPlayer
2016-01-09 14:18:19 ----D---- C:\Users\Hana Vaníčková\AppData\Roaming\BANDISOFT
2016-01-09 14:18:12 ----D---- C:\Users\Hana Vaníčková\AppData\Roaming\NVIDIA
2016-01-09 14:17:55 ----D---- C:\Program Files (x86)\Bandicam
2016-01-09 14:17:54 ----D---- C:\Program Files (x86)\BandiMPEG1
2016-01-04 16:43:27 ----D---- C:\Program Files (x86)\Microsoft Synchronization Services
2016-01-04 16:43:08 ----D---- C:\Windows\PCHEALTH
2016-01-04 16:43:08 ----D---- C:\Program Files (x86)\Microsoft Sync Framework
2016-01-04 16:43:08 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-01-04 16:41:37 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2016-01-04 16:41:17 ----D---- C:\Program Files\Microsoft Office
2016-01-04 16:40:55 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2016-01-04 16:40:21 ----RHD---- C:\MSOCache

======List of files/folders modified in the last 1 month======

2016-02-03 22:38:21 ----D---- C:\Windows\Prefetch
2016-02-03 22:37:27 ----D---- C:\Windows\Temp
2016-02-03 22:37:27 ----D---- C:\Windows\System32
2016-02-03 22:16:41 ----A---- C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-02-03 22:15:45 ----RD---- C:\Program Files
2016-02-03 22:15:18 ----D---- C:\Windows\system32\sru
2016-02-03 21:39:22 ----HD---- C:\ProgramData
2016-02-03 21:39:22 ----D---- C:\Windows\system32\drivers
2016-02-03 21:19:16 ----RD---- C:\Program Files (x86)
2016-02-03 19:43:14 ----D---- C:\Windows\AppReadiness
2016-02-03 19:11:56 ----D---- C:\Windows\system32\config
2016-02-03 19:09:18 ----D---- C:\Windows\system32\DriverStore
2016-02-03 17:47:02 ----SHD---- C:\Windows\Installer
2016-02-03 17:47:01 ----D---- C:\Program Files\Common Files
2016-02-03 17:42:06 ----D---- C:\Windows\system32\Tasks
2016-02-03 17:40:12 ----SD---- C:\ProgramData\Microsoft
2016-02-03 17:40:11 ----AD---- C:\Windows
2016-02-03 17:33:07 ----D---- C:\Program Files (x86)\ASUS
2016-02-03 17:14:23 ----D---- C:\Windows\Microsoft.NET
2016-02-03 15:21:26 ----D---- C:\Windows\system32\catroot2
2016-02-03 15:21:15 ----SHD---- C:\System Volume Information
2016-02-03 13:09:33 ----D---- C:\Windows\SysWOW64
2016-02-03 13:00:38 ----D---- C:\Windows\Tasks
2016-02-02 18:57:42 ----HD---- C:\Program Files\WindowsApps
2016-02-01 15:21:56 ----SD---- C:\Users\Hana Vaníčková\AppData\Roaming\Microsoft
2016-02-01 12:53:34 ----D---- C:\Windows\INF
2016-02-01 12:52:45 ----D---- C:\Windows\twain_32
2016-02-01 12:51:57 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-01-24 19:22:03 ----RSD---- C:\Windows\assembly
2016-01-22 20:52:57 ----D---- C:\Windows\system32\FxsTmp
2016-01-20 15:01:50 ----D---- C:\Users\Hana Vaníčková\AppData\Roaming\uTorrent
2016-01-18 21:46:33 ----D---- C:\ProgramData\Origin
2016-01-17 19:25:21 ----D---- C:\Windows\system32\CatRoot
2016-01-17 16:36:06 ----D---- C:\Windows\debug
2016-01-17 15:37:10 ----D---- C:\Users\Hana Vaníčková\AppData\Roaming\DAEMON Tools Lite
2016-01-17 14:56:18 ----D---- C:\Program Files (x86)\Google
2016-01-17 14:53:26 ----D---- C:\Program Files\DIFX
2016-01-14 20:14:37 ----D---- C:\Windows\WinSxS
2016-01-14 20:13:49 ----D---- C:\Program Files\AVAST Software
2016-01-14 20:13:02 ----D---- C:\Windows\AppPatch
2016-01-13 19:48:44 ----D---- C:\ProgramData\AVAST Software
2016-01-13 17:37:11 ----D---- C:\ProgramData\Microsoft Help
2016-01-13 17:36:36 ----D---- C:\Windows\CbsTemp
2016-01-13 17:33:53 ----D---- C:\Windows\system32\MRT
2016-01-13 17:27:08 ----A---- C:\Windows\system32\MRT.exe
2016-01-13 17:27:04 ----A---- C:\Windows\win.ini
2016-01-10 18:27:00 ----RSD---- C:\Windows\Media
2016-01-09 20:01:15 ----D---- C:\ProgramData\Kingsoft
2016-01-09 19:57:48 ----D---- C:\Users\Hana Vaníčková\AppData\Roaming\DropboxOEM
2016-01-09 19:41:20 ----RSD---- C:\Windows\Fonts
2016-01-09 17:31:24 ----D---- C:\Program Files (x86)\Microsoft Office
2016-01-09 17:31:16 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2016-01-09 14:24:58 ----D---- C:\ProgramData\Package Cache
2016-01-05 18:29:32 ----D---- C:\Program Files (x86)\Common Files
2016-01-04 16:44:07 ----D---- C:\Windows\ShellNew
2016-01-04 16:43:57 ----D---- C:\Program Files (x86)\MSBuild
2016-01-04 16:43:08 ----D---- C:\Program Files (x86)\Microsoft.NET
2016-01-04 16:42:00 ----D---- C:\Program Files\Common Files\microsoft shared

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AiCharger;ASUS Charger Driver; C:\Windows\system32\DRIVERS\AiCharger.sys [2015-05-25 21816]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-12-11 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-12-11 273784]
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2015-08-10 1462720]
R0 IntelHSWPcc;IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [2015-06-26 88256]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-12-11 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-01-20 1065208]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-01-20 464256]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2015-05-08 20096]
R1 dtsoftbus01;@oem23.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\Windows\System32\drivers\dtsoftbus01.sys [2015-12-20 283064]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\Windows\system32\drivers\filecrypt.sys [2015-07-10 83968]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\Windows\System32\drivers\gpuenergydrv.sys [2015-12-01 8192]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2015-05-08 18048]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-12-11 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-12-18 97648]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-12-11 155304]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\Windows\system32\drivers\mmcss.sys [2015-07-10 48128]
R2 regi;regi; \??\C:\Windows\system32\drivers\regi.sys [2010-11-16 15672]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\Windows\system32\drivers\storqosflt.sys [2015-07-10 61952]
R3 athr;@oem16.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\System32\drivers\athw10x.sys [2015-07-14 4317808]
R3 ATP;@oem18.inf,%PS2.DeviceDesc%;ASUS Input Device; C:\Windows\System32\drivers\AsusTP.sys [2015-06-30 100776]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2015-07-29 601624]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2015-07-10 84992]
R3 dptf_cpu;dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [2015-08-17 53752]
R3 dptf_pch;dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [2015-08-17 50696]
R3 esif_lf;esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [2015-08-17 261624]
R3 HIDSwitch;@oem19.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\Windows\System32\drivers\AsHIDSwitch64.sys [2015-05-13 19976]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2015-08-13 6410168]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-07-29 4577024]
R3 MEIx64;@oem6.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\TeeDriverW8x64.sys [2015-07-28 184608]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2015-08-12 11163792]
R3 rt640x64;@oem14.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\Windows\System32\drivers\rt640x64.sys [2015-07-15 887552]
R3 RTSUER;@oem20.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\Windows\system32\Drivers\RtsUer.sys [2015-10-22 410880]
S0 LSI_SAS2i;LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [2015-07-10 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [2015-07-10 99168]
S0 percsas2i;percsas2i; C:\Windows\System32\drivers\percsas2i.sys [2015-07-10 58208]
S0 percsas3i;percsas3i; C:\Windows\System32\drivers\percsas3i.sys [2015-07-10 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\Windows\System32\drivers\storufs.sys [2015-07-10 40288]
S3 AgereSoftModem;@mdmags64.inf,%FullProductName%;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2015-07-10 1146880]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2015-07-10 105984]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2015-07-10 237568]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2015-07-10 128512]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2015-09-17 929280]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\Windows\System32\drivers\buttonconverter.sys [2015-09-17 36352]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\Windows\System32\drivers\capimg.sys [2015-07-10 116736]
S3 cpuz136;cpuz136; \??\C:\Users\PC\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [2015-10-04 26344]
S3 dg_ssudbus;@oem24.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2015-12-25 108800]
S3 dtlitescsibus;@oem21.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\System32\drivers\dtlitescsibus.sys [2015-12-20 30264]
S3 dtliteusbbus;@oem22.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\Windows\System32\drivers\dtliteusbbus.sys [2015-12-20 46392]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\Windows\System32\drivers\e1i63x64.sys [2015-07-10 482328]
S3 fcvsc;fcvsc; C:\Windows\System32\drivers\fcvsc.sys [2015-07-10 31232]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\Windows\System32\drivers\genericusbfn.sys [2015-07-10 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\Windows\System32\drivers\hidinterrupt.sys [2015-07-10 50016]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\Windows\System32\drivers\ibbus.sys [2015-07-10 424800]
S3 IntcDAud;@oem3.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2015-08-12 472872]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\Windows\system32\drivers\ioqos.sys [2015-07-10 26624]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\Windows\System32\drivers\mlx4_bus.sys [2015-07-10 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\Windows\System32\drivers\ndfltr.sys [2015-07-10 76128]
S3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\System32\drivers\Netwsw00.sys [2015-07-10 11518976]
S3 ReFSv1;ReFSv1; C:\Windows\system32\drivers\ReFSv1.sys [2015-07-17 934752]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-07-10 167936]
S3 ssudmdm;@oem25.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2015-12-25 206080]
S3 ssudserd;@oem26.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudserd.sys [2015-12-25 206080]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\Windows\System32\Drivers\UcmCx.sys [2015-07-10 61952]
S3 UcmUcsi;@ucmucsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\Windows\System32\drivers\UcmUcsi.sys [2015-07-14 46080]
S3 UdeCx;USB Device Emulation Support Library; C:\Windows\system32\drivers\udecx.sys [2015-07-10 44032]
S3 Ufx01000;USB Function Class Extension; C:\Windows\system32\drivers\ufx01000.sys [2015-07-10 245088]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\Windows\System32\drivers\UfxChipidea.sys [2015-07-10 94048]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\Windows\System32\drivers\ufxsynopsys.sys [2015-07-10 127840]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe [2015-07-07 123704]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2015-07-29 323152]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2015-04-01 107320]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-12-11 226440]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\Windows\System32\svchost.exe [2015-07-10 39856]
R2 esifsvc;@oem11.inf,%ServiceDisplayName%;ESIF Upper Framework Service; C:\Windows\SysWOW64\esif_uf.exe [2015-08-17 1385640]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2015-08-13 370088]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
R2 isaHelperSvc;Intel(R) Security Assist Helper; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-05-19 7680]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-08-07 207648]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2015-08-07 415520]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-08-07 937592]
R2 OneSyncSvc_Session1;Hostitel synchronizace_Session1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-10 189728]
R2 SecureLine;Avast SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [2015-04-29 445240]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\Windows\System32\svchost.exe [2015-07-10 39856]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-06-18 43696]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\Windows\System32\svchost.exe [2015-07-10 39856]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-17 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S2 SpyEmrgHealth;Spy Emergency Health Check; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe []
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2015-08-13 300472]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-07-10 27136]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-17 144200]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2015-05-22 881152]
S3 Intel(R) Security Assist;Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-05-19 335872]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\Windows\system32\lsass.exe [2015-07-10 56344]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-12-31 2104840]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 PimIndexMaintenanceSvc_Session1;Data kontaktů_Session1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\Windows\System32\SensorDataService.exe [2015-07-12 1031680]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\Windows\system32\svchost.exe [2015-07-10 39856]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Pop-up ads in Chrome and other browsers

#6 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to your desktop. Run it and copy the following into the left-hand window:
:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Turn off your antivirus before the scan and restart the PC after it. Post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Try

Re: Pop-up ads in Chrome and other browsers

#7 Post by Try »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Hana Vaníčková at 2016-02-05 14:11:35
Microsoft Windows 10 Home
System drive C: has 125 GB (33%) free of 381 GB
Total RAM: 8094 MB (81% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:11:39, on 05.02.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16603)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\AVAST Software\SecureLine\SecureLine.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\trend micro\Hana Vaníčková.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus15.msn.com/?pc=ASTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: 158.255.238.129 google-analytics.com
O1 - Hosts: 158.255.238.129 www.google-analytics.com
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Hana Vaníčková\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O4 - HKCU\..\Run: [SpyEmergency] C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: avast! SecureLine.lnk = C:\Program Files\AVAST Software\SecureLine\SecureLine.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @oem11.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) - Intel Corporation - C:\Windows\SysWOW64\esif_uf.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Avast SecureLine (SecureLine) - Unknown owner - C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spy Emergency Health Check (SpyEmrgHealth) - Unknown owner - C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10876 bytes

======Listing Processes======

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
winlogon.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"dwm.exe"
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ec31440c-c21c-484e-98d9-ee1fac924d6d -SystemEventPortName:HostProcess-626b96db-3f1a-4b96-95f6-cc35b1146f2d -IoCancelEventPortName:HostProcess-eb790b3f-399a-4638-a4fd-09a0370e83cc -NonStateChangingEventPortName:HostProcess-c351c928-4d22-4e9e-ab71-57ca5730c673 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:ee92070a-c984-4a96-a457-9cab9b022db7 -DeviceGroupId:
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\igfxCUIService.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\AutoKMS\AutoKMS.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
\??\C:\Windows\system32\conhost.exe 0x4
dashost.exe {8391f841-3326-4658-93c4fdf9e34cb844}
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\Windows\SysWOW64\esif_uf.exe
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
C:\Windows\system32\svchost.exe -k appmodel
"C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Windows\TEMP\DPTF\esif_assist_64.exe"
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
sihost.exe
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
igfxEM.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /AECBYLISTENTOSTATUS
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
igfxHK.exe
igfxTray.exe
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 572 608 616 8192 612
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Windows\notepad.exe" D:\_OTM\MovedFiles\02052016_140453.log
"C:\Program Files\AVAST Software\SecureLine\SecureLine.exe" /nogui
"C:\Program Files\AVAST Software\Avast\AvastUI.exe"
"fontdrvhost.exe"
C:\Windows\system32\svchost.exe -k UnistackSvcGroup
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10240.16565_none_1162030161f5c19b\TiWorker.exe -Embedding
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe"

"D:\Users\Hana Vaníčková\Downloads\RSITx64.exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-12-11 885152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-12-11 664184]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-07-24 2634896]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-25 2726728]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Hana Vaníčková\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-11-04 548552]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-11-16 8591272]
"SpybotPostWindows10UpgradeReInstall"=C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28 1011200]
"SpyEmergency"=C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-12-11 7021880]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"CanonSolutionMenuEx"=C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
avast! SecureLine.lnk - C:\Program Files\AVAST Software\SecureLine\SecureLine.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McNaiAnn]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"DisableTaskMgr"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-02-03 21:42:59 ----D---- C:\rsit
2016-02-03 21:42:59 ----D---- C:\Program Files\trend micro
2016-02-03 21:28:33 ----A---- C:\Windows\system32\drivers\spyemrg_guard.sys
2016-02-03 17:46:47 ----SHD---- C:\Config.Msi
2016-02-03 17:40:11 ----A---- C:\Windows\wininit.ini
2016-02-03 15:02:52 ----D---- C:\Program Files\Common Files\AV
2016-02-03 14:49:58 ----D---- C:\ProgramData\Spybot - Search & Destroy
2016-02-03 14:49:55 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-02-03 13:44:24 ----A---- C:\autoexec.bat
2016-02-01 13:03:33 ----D---- C:\ProgramData\CanonIJ
2016-02-01 12:55:24 ----HD---- C:\ProgramData\CanonIJEGV
2016-02-01 12:53:47 ----HD---- C:\ProgramData\CanonIJMyPrinter
2016-02-01 12:53:39 ----D---- C:\ProgramData\CanonIJPLM
2016-02-01 12:50:57 ----D---- C:\Program Files\Canon
2016-02-01 12:50:18 ----HD---- C:\ProgramData\CanonBJ
2016-02-01 12:50:11 ----HD---- C:\Windows\system32\CanonIJ Uninstaller Information
2016-02-01 12:50:07 ----A---- C:\Windows\SYSWOW64\CNC280U.dll
2016-02-01 12:50:07 ----A---- C:\Windows\SYSWOW64\CNC280L.dll
2016-02-01 12:50:07 ----A---- C:\Windows\system32\CNC280L.dll
2016-02-01 12:50:07 ----A---- C:\Windows\system32\CNC280I.dll
2016-02-01 12:50:06 ----A---- C:\Windows\system32\CNC280C.dll
2016-02-01 12:49:48 ----A---- C:\Windows\system32\CNC280O.dll
2016-02-01 12:49:47 ----A---- C:\Windows\system32\CNMIUAA.DLL
2016-02-01 12:49:42 ----HD---- C:\Program Files\CanonBJ
2016-01-22 20:43:48 ----HD---- C:\ProgramData\CanonIJScan
2016-01-22 20:43:46 ----D---- C:\Users\Hana Vaníčková\AppData\Roaming\Canon
2016-01-19 18:40:17 ----D---- C:\ProgramData\EA Core
2016-01-17 19:27:04 ----D---- C:\ProgramData\ASUS Smart Gesture
2016-01-17 14:52:20 ----D---- C:\ProgramData\SetupTPDriver
2016-01-17 14:52:11 ----A---- C:\Windows\system32\ASGCoInstaller_x64.dll
2016-01-13 19:48:04 ----A---- C:\Windows\system32\aswBoot.exe
2016-01-12 22:02:01 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-01-12 22:02:01 ----A---- C:\Windows\system32\schannel.dll
2016-01-12 22:02:00 ----A---- C:\Windows\system32\edgehtml.dll
2016-01-12 22:01:56 ----A---- C:\Windows\SYSWOW64\edgehtml.dll
2016-01-12 22:01:51 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-01-12 22:01:48 ----A---- C:\Windows\system32\mshtml.dll
2016-01-12 22:01:44 ----A---- C:\Windows\SYSWOW64\WMVSDECD.DLL
2016-01-12 22:01:44 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2016-01-12 22:01:44 ----A---- C:\Windows\SYSWOW64\MP4SDECD.DLL
2016-01-12 22:01:44 ----A---- C:\Windows\SYSWOW64\COLORCNV.DLL
2016-01-12 22:01:44 ----A---- C:\Windows\system32\WMVSDECD.DLL
2016-01-12 22:01:44 ----A---- C:\Windows\system32\mfvdsp.dll
2016-01-12 22:01:43 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2016-01-12 22:01:43 ----A---- C:\Windows\system32\WMADMOD.DLL
2016-01-12 22:01:43 ----A---- C:\Windows\system32\MP4SDECD.DLL
2016-01-12 22:01:42 ----A---- C:\Windows\SYSWOW64\WMVSENCD.DLL
2016-01-12 22:01:42 ----A---- C:\Windows\system32\WMVXENCD.DLL
2016-01-12 22:01:42 ----A---- C:\Windows\system32\WMVSENCD.DLL
2016-01-12 22:01:42 ----A---- C:\Windows\system32\WMVDECOD.DLL
2016-01-12 22:01:42 ----A---- C:\Windows\system32\VIDRESZR.DLL
2016-01-12 22:01:42 ----A---- C:\Windows\system32\COLORCNV.DLL
2016-01-12 22:01:41 ----A---- C:\Windows\SYSWOW64\WMVXENCD.DLL
2016-01-12 22:01:41 ----A---- C:\Windows\SYSWOW64\VIDRESZR.DLL
2016-01-12 22:01:41 ----A---- C:\Windows\SYSWOW64\mfvdsp.dll
2016-01-12 22:01:41 ----A---- C:\Windows\system32\WMVENCOD.DLL
2016-01-12 22:01:40 ----A---- C:\Windows\SYSWOW64\WMVENCOD.DLL
2016-01-12 22:01:39 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2016-01-12 22:01:38 ----A---- C:\Windows\SYSWOW64\quartz.dll
2016-01-12 22:01:37 ----A---- C:\Windows\SYSWOW64\msmpeg2adec.dll
2016-01-12 22:01:37 ----A---- C:\Windows\system32\quartz.dll
2016-01-12 22:01:37 ----A---- C:\Windows\system32\msmpeg2adec.dll
2016-01-12 22:01:36 ----A---- C:\Windows\SYSWOW64\WMADMOE.DLL
2016-01-12 22:01:36 ----A---- C:\Windows\system32\WMADMOE.DLL
2016-01-12 22:01:36 ----A---- C:\Windows\system32\mfnetsrc.dll
2016-01-12 22:01:36 ----A---- C:\Windows\system32\mfnetcore.dll
2016-01-12 22:01:35 ----A---- C:\Windows\SYSWOW64\WMSPDMOE.DLL
2016-01-12 22:01:35 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2016-01-12 22:01:33 ----A---- C:\Windows\SYSWOW64\WMSPDMOD.DLL
2016-01-12 22:01:33 ----A---- C:\Windows\SYSWOW64\mfnetsrc.dll
2016-01-12 22:01:33 ----A---- C:\Windows\SYSWOW64\mfnetcore.dll
2016-01-12 22:01:33 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2016-01-12 22:01:33 ----A---- C:\Windows\system32\aepic.dll
2016-01-12 22:01:33 ----A---- C:\Windows\system32\aeinv.dll
2016-01-12 22:01:32 ----A---- C:\Windows\SYSWOW64\MSMPEG2ENC.DLL
2016-01-12 22:01:32 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-12 22:01:32 ----A---- C:\Windows\system32\evr.dll
2016-01-12 22:01:31 ----A---- C:\Windows\SYSWOW64\qedit.dll
2016-01-12 22:01:31 ----A---- C:\Windows\SYSWOW64\MFWMAAEC.DLL
2016-01-12 22:01:31 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-01-12 22:01:31 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2016-01-12 22:01:31 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2016-01-12 22:01:31 ----A---- C:\Windows\system32\advapi32.dll
2016-01-12 22:01:30 ----A---- C:\Windows\system32\qedit.dll
2016-01-12 22:01:30 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-01-12 22:01:29 ----A---- C:\Windows\SYSWOW64\devenum.dll
2016-01-12 22:01:29 ----A---- C:\Windows\system32\mftranscode.dll
2016-01-12 22:01:29 ----A---- C:\Windows\system32\mfcore.dll
2016-01-12 22:01:29 ----A---- C:\Windows\system32\devenum.dll
2016-01-12 22:01:28 ----A---- C:\Windows\system32\Chakra.dll
2016-01-12 22:01:27 ----A---- C:\Windows\SYSWOW64\evr.dll
2016-01-12 22:01:27 ----A---- C:\Windows\system32\invagent.dll
2016-01-12 22:01:26 ----A---- C:\Windows\system32\generaltel.dll
2016-01-12 22:01:25 ----A---- C:\Windows\SYSWOW64\mftranscode.dll
2016-01-12 22:01:25 ----A---- C:\Windows\SYSWOW64\mfh264enc.dll
2016-01-12 22:01:25 ----A---- C:\Windows\SYSWOW64\mfcore.dll
2016-01-12 22:01:25 ----A---- C:\Windows\system32\mfh264enc.dll
2016-01-12 22:01:25 ----A---- C:\Windows\system32\devinv.dll
2016-01-12 22:01:24 ----A---- C:\Windows\SYSWOW64\RESAMPLEDMO.DLL
2016-01-12 22:01:24 ----A---- C:\Windows\SYSWOW64\Chakra.dll
2016-01-12 22:01:24 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-12 22:01:24 ----A---- C:\Windows\system32\qdvd.dll
2016-01-12 22:01:23 ----A---- C:\Windows\SYSWOW64\MPG4DECD.DLL
2016-01-12 22:01:23 ----A---- C:\Windows\SYSWOW64\MP43DECD.DLL
2016-01-12 22:01:23 ----A---- C:\Windows\system32\usermgrcli.dll
2016-01-12 22:01:23 ----A---- C:\Windows\system32\usermgr.dll
2016-01-12 22:01:23 ----A---- C:\Windows\system32\MPG4DECD.DLL
2016-01-12 22:01:23 ----A---- C:\Windows\system32\MP43DECD.DLL
2016-01-12 22:01:23 ----A---- C:\Windows\system32\mfds.dll
2016-01-12 22:01:22 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2016-01-12 22:01:22 ----A---- C:\Windows\SYSWOW64\MP3DMOD.DLL
2016-01-12 22:01:22 ----A---- C:\Windows\system32\MP3DMOD.DLL
2016-01-12 22:01:22 ----A---- C:\Windows\system32\mfsvr.dll
2016-01-12 22:01:21 ----A---- C:\Windows\SYSWOW64\mfsvr.dll
2016-01-12 22:01:21 ----A---- C:\Windows\SYSWOW64\mfds.dll
2016-01-12 22:01:21 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-01-12 22:01:21 ----A---- C:\Windows\system32\winlogon.exe
2016-01-12 22:01:21 ----A---- C:\Windows\system32\gdi32.dll
2016-01-12 22:01:20 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-01-12 22:01:18 ----A---- C:\Windows\SYSWOW64\usermgrcli.dll
2016-01-12 22:01:18 ----A---- C:\Windows\system32\WMALFXGFXDSP.dll
2016-01-12 22:01:18 ----A---- C:\Windows\system32\vbscript.dll
2016-01-12 22:01:18 ----A---- C:\Windows\system32\mfps.dll
2016-01-12 22:01:18 ----A---- C:\Windows\system32\appraiser.dll
2016-01-12 22:01:17 ----A---- C:\Windows\SYSWOW64\mfps.dll
2016-01-12 22:01:17 ----A---- C:\Windows\system32\aitstatic.exe
2016-01-12 22:01:16 ----A---- C:\Windows\SYSWOW64\UserMgrProxy.dll
2016-01-12 22:01:16 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-01-12 22:01:16 ----A---- C:\Windows\system32\UserMgrProxy.dll
2016-01-12 22:01:16 ----A---- C:\Windows\system32\jscript.dll
2016-01-12 22:01:16 ----A---- C:\Windows\system32\Chakradiag.dll
2016-01-10 18:27:54 ----HD---- C:\ProgramData\CanonIJSolutionMenuEX
2016-01-10 18:27:52 ----HD---- C:\ProgramData\CanonIJEPPEX2
2016-01-10 18:27:52 ----HD---- C:\ProgramData\CanonEPP
2016-01-10 18:26:30 ----D---- C:\ProgramData\CanonIJMSetup
2016-01-10 18:00:25 ----D---- C:\Program Files\Common Files\CANON
2016-01-10 18:00:14 ----D---- C:\ProgramData\CanonIJWSpt
2016-01-10 17:58:39 ----A---- C:\Windows\SYSWOW64\CNHMCA.dll
2016-01-10 17:58:39 ----A---- C:\Windows\system32\CNHMCA6.dll
2016-01-10 17:58:27 ----A---- C:\Windows\system32\CNMLMAA.DLL
2016-01-10 17:58:01 ----D---- C:\Program Files (x86)\Canon
2016-01-09 20:10:25 ----D---- C:\AdwCleaner
2016-01-09 20:08:54 ----D---- C:\ProgramData\Malwarebytes
2016-01-09 20:00:57 ----D---- C:\Users\Hana Vaníčková\AppData\Roaming\kingsoft
2016-01-09 17:29:53 ----D---- C:\Users\Hana Vaníčková\AppData\Roaming\MAGIX
2016-01-09 17:29:53 ----D---- C:\ProgramData\MAGIX
2016-01-09 14:24:59 ----A---- C:\Windows\SYSWOW64\DLLDEV32i.dll
2016-01-09 14:24:09 ----D---- C:\KMPlayer
2016-01-09 14:18:19 ----D---- C:\Users\Hana Vaníčková\AppData\Roaming\BANDISOFT
2016-01-09 14:18:12 ----D---- C:\Users\Hana Vaníčková\AppData\Roaming\NVIDIA
2016-01-09 14:17:55 ----D---- C:\Program Files (x86)\Bandicam
2016-01-09 14:17:54 ----D---- C:\Program Files (x86)\BandiMPEG1

======List of files/folders modified in the last 1 month======

2016-02-05 14:10:38 ----D---- C:\Windows\Temp
2016-02-05 14:09:11 ----D---- C:\Windows\Prefetch
2016-02-05 14:08:23 ----D---- C:\Windows\System32
2016-02-05 14:08:23 ----A---- C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-02-05 14:06:59 ----D---- C:\Windows\system32\sru
2016-02-05 14:04:54 ----D---- C:\Windows\Tasks
2016-02-05 14:04:54 ----D---- C:\Windows\system32\Tasks
2016-02-05 14:01:47 ----D---- C:\Windows\INF
2016-02-05 13:13:08 ----HD---- C:\Program Files\WindowsApps
2016-02-04 14:02:27 ----D---- C:\Windows\AppReadiness
2016-02-03 22:15:45 ----RD---- C:\Program Files
2016-02-03 21:39:22 ----HD---- C:\ProgramData
2016-02-03 21:39:22 ----D---- C:\Windows\system32\drivers
2016-02-03 21:19:16 ----RD---- C:\Program Files (x86)
2016-02-03 19:11:56 ----D---- C:\Windows\system32\config
2016-02-03 19:09:18 ----D---- C:\Windows\system32\DriverStore
2016-02-03 17:47:02 ----SHD---- C:\Windows\Installer
2016-02-03 17:47:01 ----D---- C:\Program Files\Common Files
2016-02-03 17:40:12 ----SD---- C:\ProgramData\Microsoft
2016-02-03 17:40:11 ----AD---- C:\Windows
2016-02-03 17:33:07 ----D---- C:\Program Files (x86)\ASUS
2016-02-03 17:14:23 ----D---- C:\Windows\Microsoft.NET
2016-02-03 15:21:26 ----D---- C:\Windows\system32\catroot2
2016-02-03 15:21:15 ----SHD---- C:\System Volume Information
2016-02-03 13:09:33 ----D---- C:\Windows\SysWOW64
2016-02-01 15:21:56 ----SD---- C:\Users\Hana Vaníčková\AppData\Roaming\Microsoft
2016-02-01 12:52:45 ----D---- C:\Windows\twain_32
2016-02-01 12:51:57 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-01-24 19:22:03 ----RSD---- C:\Windows\assembly
2016-01-22 20:52:57 ----D---- C:\Windows\system32\FxsTmp
2016-01-20 15:01:50 ----D---- C:\Users\Hana Vaníčková\AppData\Roaming\uTorrent
2016-01-18 21:46:33 ----D---- C:\ProgramData\Origin
2016-01-17 19:25:21 ----D---- C:\Windows\system32\CatRoot
2016-01-17 16:36:06 ----D---- C:\Windows\debug
2016-01-17 15:37:10 ----D---- C:\Users\Hana Vaníčková\AppData\Roaming\DAEMON Tools Lite
2016-01-17 14:56:18 ----D---- C:\Program Files (x86)\Google
2016-01-17 14:53:26 ----D---- C:\Program Files\DIFX
2016-01-14 20:14:37 ----D---- C:\Windows\WinSxS
2016-01-14 20:13:49 ----D---- C:\Program Files\AVAST Software
2016-01-14 20:13:02 ----D---- C:\Windows\AppPatch
2016-01-13 19:48:44 ----D---- C:\ProgramData\AVAST Software
2016-01-13 17:37:11 ----D---- C:\ProgramData\Microsoft Help
2016-01-13 17:36:36 ----D---- C:\Windows\CbsTemp
2016-01-13 17:33:53 ----D---- C:\Windows\system32\MRT
2016-01-13 17:27:08 ----A---- C:\Windows\system32\MRT.exe
2016-01-13 17:27:04 ----A---- C:\Windows\win.ini
2016-01-10 18:27:00 ----RSD---- C:\Windows\Media
2016-01-09 20:01:15 ----D---- C:\ProgramData\Kingsoft
2016-01-09 19:57:48 ----D---- C:\Users\Hana Vaníčková\AppData\Roaming\DropboxOEM
2016-01-09 19:41:20 ----RSD---- C:\Windows\Fonts
2016-01-09 17:31:24 ----D---- C:\Program Files (x86)\Microsoft Office
2016-01-09 17:31:16 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2016-01-09 14:24:58 ----D---- C:\ProgramData\Package Cache

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AiCharger;ASUS Charger Driver; C:\Windows\system32\DRIVERS\AiCharger.sys [2015-05-25 21816]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-12-11 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-12-11 273784]
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2015-08-10 1462720]
R0 IntelHSWPcc;IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [2015-06-26 88256]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-12-11 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-01-20 1065208]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-01-20 464256]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2015-05-08 20096]
R1 dtsoftbus01;@oem23.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\Windows\System32\drivers\dtsoftbus01.sys [2015-12-20 283064]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\Windows\system32\drivers\filecrypt.sys [2015-07-10 83968]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\Windows\System32\drivers\gpuenergydrv.sys [2015-12-01 8192]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2015-05-08 18048]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-12-11 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-12-18 97648]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-12-11 155304]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\Windows\system32\drivers\mmcss.sys [2015-07-10 48128]
R2 regi;regi; \??\C:\Windows\system32\drivers\regi.sys [2010-11-16 15672]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\Windows\system32\drivers\storqosflt.sys [2015-07-10 61952]
R3 athr;@oem16.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\System32\drivers\athw10x.sys [2015-07-14 4317808]
R3 ATP;@oem18.inf,%PS2.DeviceDesc%;ASUS Input Device; C:\Windows\System32\drivers\AsusTP.sys [2015-06-30 100776]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2015-07-29 601624]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2015-07-10 84992]
R3 dptf_cpu;dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [2015-08-17 53752]
R3 dptf_pch;dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [2015-08-17 50696]
R3 esif_lf;esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [2015-08-17 261624]
R3 HIDSwitch;@oem19.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\Windows\System32\drivers\AsHIDSwitch64.sys [2015-05-13 19976]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2015-08-13 6410168]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-07-29 4577024]
R3 MEIx64;@oem6.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\TeeDriverW8x64.sys [2015-07-28 184608]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2015-08-12 11163792]
R3 rt640x64;@oem14.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\Windows\System32\drivers\rt640x64.sys [2015-07-15 887552]
R3 RTSUER;@oem20.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\Windows\system32\Drivers\RtsUer.sys [2015-10-22 410880]
S0 LSI_SAS2i;LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [2015-07-10 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [2015-07-10 99168]
S0 percsas2i;percsas2i; C:\Windows\System32\drivers\percsas2i.sys [2015-07-10 58208]
S0 percsas3i;percsas3i; C:\Windows\System32\drivers\percsas3i.sys [2015-07-10 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\Windows\System32\drivers\storufs.sys [2015-07-10 40288]
S3 AgereSoftModem;@mdmags64.inf,%FullProductName%;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2015-07-10 1146880]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2015-07-10 105984]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2015-07-10 237568]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2015-07-10 128512]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2015-09-17 929280]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\Windows\System32\drivers\buttonconverter.sys [2015-09-17 36352]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\Windows\System32\drivers\capimg.sys [2015-07-10 116736]
S3 cpuz136;cpuz136; \??\C:\Users\PC\AppData\Local\Temp\cpuz136\cpuz136_x64.sys []
S3 dg_ssudbus;@oem24.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2015-12-25 108800]
S3 dtlitescsibus;@oem21.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\System32\drivers\dtlitescsibus.sys [2015-12-20 30264]
S3 dtliteusbbus;@oem22.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\Windows\System32\drivers\dtliteusbbus.sys [2015-12-20 46392]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\Windows\System32\drivers\e1i63x64.sys [2015-07-10 482328]
S3 fcvsc;fcvsc; C:\Windows\System32\drivers\fcvsc.sys [2015-07-10 31232]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\Windows\System32\drivers\genericusbfn.sys [2015-07-10 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\Windows\System32\drivers\hidinterrupt.sys [2015-07-10 50016]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\Windows\System32\drivers\ibbus.sys [2015-07-10 424800]
S3 IntcDAud;@oem3.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2015-08-12 472872]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\Windows\system32\drivers\ioqos.sys [2015-07-10 26624]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\Windows\System32\drivers\mlx4_bus.sys [2015-07-10 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\Windows\System32\drivers\ndfltr.sys [2015-07-10 76128]
S3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\System32\drivers\Netwsw00.sys [2015-07-10 11518976]
S3 ReFSv1;ReFSv1; C:\Windows\system32\drivers\ReFSv1.sys [2015-07-17 934752]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-07-10 167936]
S3 ssudmdm;@oem25.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2015-12-25 206080]
S3 ssudserd;@oem26.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudserd.sys [2015-12-25 206080]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\Windows\System32\Drivers\UcmCx.sys [2015-07-10 61952]
S3 UcmUcsi;@ucmucsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\Windows\System32\drivers\UcmUcsi.sys [2015-07-14 46080]
S3 UdeCx;USB Device Emulation Support Library; C:\Windows\system32\drivers\udecx.sys [2015-07-10 44032]
S3 Ufx01000;USB Function Class Extension; C:\Windows\system32\drivers\ufx01000.sys [2015-07-10 245088]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\Windows\System32\drivers\UfxChipidea.sys [2015-07-10 94048]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\Windows\System32\drivers\ufxsynopsys.sys [2015-07-10 127840]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe [2015-07-07 123704]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2015-07-29 323152]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2015-04-01 107320]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-12-11 226440]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\Windows\System32\svchost.exe [2015-07-10 39856]
R2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\Windows\system32\svchost.exe [2015-07-10 39856]
R2 esifsvc;@oem11.inf,%ServiceDisplayName%;ESIF Upper Framework Service; C:\Windows\SysWOW64\esif_uf.exe [2015-08-17 1385640]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2015-08-13 370088]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
R2 isaHelperSvc;Intel(R) Security Assist Helper; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-05-19 7680]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-08-07 207648]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2015-08-07 415520]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-08-07 937592]
R2 OneSyncSvc_Session1;Hostitel synchronizace_Session1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-10 189728]
R2 SecureLine;Avast SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [2015-04-29 445240]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-06-18 43696]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-17 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S2 SpyEmrgHealth;Spy Emergency Health Check; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe []
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2015-08-13 300472]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-07-10 27136]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-17 144200]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2015-05-22 881152]
S3 Intel(R) Security Assist;Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-05-19 335872]
S3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\Windows\system32\lsass.exe [2015-07-10 56344]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-12-31 2104840]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 PimIndexMaintenanceSvc_Session1;Data kontaktů_Session1; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\Windows\System32\svchost.exe [2015-07-10 39856]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\Windows\System32\SensorDataService.exe [2015-07-12 1031680]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\Windows\system32\svchost.exe [2015-07-10 39856]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\Windows\system32\svchost.exe [2015-07-10 39856]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Pop-up ads in Chrome and other browsers

#8 Post by Rudy »

Deleted. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Try

Re: Pop-up ads in Chrome and other browsers

#9 Post by Try »

It has improved a little, but it still persists.

Rudy
Site Admin

Re: Pop-up ads in Chrome and other browsers

#10 Post by Rudy »

Please also run the following scans:

1. Download Zoek.exe from http://hijackthis.nl/smeenk/ and save it to the desktop

If you use Windows Vista or Windows 7, right-click Zoek and choose Run As Administrator (Spustit jako správce)
Paste the script below into the window

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Then click Run Script
The PC will perform the repair, restart and give you a log; paste its contents here.

and

2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Save it, ideally to the desktop
•After launch the licence terms are displayed; press any key
•A backup is created and then the search starts
•The scan runs and then a log appears, or it will be saved in c:\JRT as JRT.txt; paste it here.

Try

Re: Pop-up ads in Chrome and other browsers

#11 Post by Try »

Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Hana Vaníčková on 07.02.2016 at 11:52:47,03.
Microsoft Windows 10 Home 10.0.10240 x64
Running in: Normal Mode Internet Access Detected
Launched: D:\Users\HANAVA~1\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

07.02.2016 11:55:00 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\COMMON~1\SWF Studio deleted successfully
C:\PROGRA~3\CanonEPP deleted successfully
C:\PROGRA~3\CanonIJEPPEX2 deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\Kingsoft deleted successfully
C:\Users\PC\AppData\Local\NetworkTiles deleted successfully
C:\Users\PC\AppData\Local\VirtualStore deleted successfully
C:\Users\HANAVA~1\AppData\Local\NetworkTiles deleted successfully
C:\Users\HANAVA~1\AppData\Local\VirtualStore deleted successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\BandiMPEG1 deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\windows\SysNative\Tasks\avast! SL Update deleted
C:\Windows\wininit.ini deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [14.01.2016 20:13]

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[11.12.2015 18:51]

Avast Online Security - HANAVA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki

==== Chromium Fix ======================

C:\Users\HANAVA~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_cdncache-a.akamaihd.net_0.localstorage deleted successfully
C:\Users\HANAVA~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_cdncache-a.akamaihd.net_0.localstorage-journal deleted successfully
C:\Users\HANAVA~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_shoppingcart.aliexpress.com_0.localstorage deleted successfully
C:\Users\HANAVA~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_shoppingcart.aliexpress.com_0.localstorage-journal deleted successfully
C:\Users\HANAVA~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adserver.adtech.de_0.localstorage deleted successfully
C:\Users\HANAVA~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adserver.adtech.de_0.localstorage-journal deleted successfully
C:\Users\HANAVA~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_advert.uloz.to_0.localstorage deleted successfully
C:\Users\HANAVA~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_advert.uloz.to_0.localstorage-journal deleted successfully
C:\Users\HANAVA~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\HANAVA~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\HANAVA~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\HANAVA~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\HANAVA~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_d3mwhxgzltpnyp.cloudfront.net_0.localstorage deleted successfully
C:\Users\HANAVA~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_d3mwhxgzltpnyp.cloudfront.net_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... TR&pc=ASTE
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... TR&pc=ASTE
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IE8SRC

==== Reset Google Chrome ======================

C:\Users\HANAVA~1\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\HANAVA~1\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\HANAVA~1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\HANAVA~1\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\HANAVA~1\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\HANAVA~1\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\HANAVA~1\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\HANAVA~1\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\HANAVA~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=48 folders=33 40619136 bytes)

==== Empty Temp Folders ======================

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\HANAVA~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 07.02.2016 at 12:18:10,81 ======================

Try

Re: Pop-up ads in Chrome and other browsers

#12 Post by Try »

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.2 (01.06.2016)
Operating System: Windows 10 Home x64
Ran by Hana Vaníčková (Administrator) on 07.02.2016 at 12:41:25,49
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0




Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07.02.2016 at 12:43:22,06
End of JRT log

Rudy
Site Admin

Re: Pop-up ads in Chrome and other browsers

#13 Post by Rudy »

How does it look now?

Try

Re: Pop-up ads in Chrome and other browsers

#14 Post by Try »

By all appearances, everything is back the way it should be. Thanks a lot for the help

Rudy
Site Admin

Re: Pop-up ads in Chrome and other browsers

#15 Post by Rudy »

Glad to hear it. You're welcome! :)