Facebook rozesílá prasárny

[MartasonB]

Zdravím, Facebook vkládá příspěvky do různých skupin s odkazama na péčko.

spustil jsem Scan a Clean na ADWCleaner

Děkuji za rady

Log ADWCleaner:

Kód: Vybrat vše

Logfile of random's system information tool 1.10 (written by random/random)
Run by Zdeněk at 2016-02-24 16:58:20
Microsoft Windows 8 Pro 
System drive C: has 776 GB (81%) free of 954 GB
Total RAM: 3272 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:58:26, on 24. 2. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17568)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Users\Zdeněk\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Zdeněk.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKCU\..\Run: [BingSvc] C:\Users\Zdeněk\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [Advanced SystemCare 9] "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 9 (AdvancedSystemCareService9) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8489 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
"dwm.exe"
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
taskhostex.exe 
"C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe" /Task
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe"
dashost.exe {431bbdc5-cb2e-4e92-960ce370359ca508}
C:\Windows\slsvc.exe
C:\Windows\PersonalizeEnabler.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Windows Defender\MsMpEng.exe"

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 
"C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe" 
"C:\Users\Zdeněk\AppData\Local\Microsoft\BingSvc\BingSvc.exe" 
"C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto
HydraDM64.exe -h:65976 "Maximalizovat na celou plochu" "Maximalizovat k rohům okna" "Obnovit pracovní plochu"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" 
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" 
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" 
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchFilterHost.exe" 0 552 556 564 65536 560 
"C:\Users\Zdeněk\Downloads\RSITx64.exe" 

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe  
C:\Windows\tasks\ASC9_SkipUac_Zdeněk.job - C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe  /SkipUac 

=========Mozilla firefox=========

ProfilePath - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\w3luh4r2.default

prefs.js - "browser.search.useDBForOrder" -  true
prefs.js - "browser.startup.homepage" -  "seznam"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.70 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.70 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.11.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.11.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL


C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.dll

C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\w3luh4r2.default\extensions\
bingsearch.full@microsoft.com

C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\w3luh4r2.default\searchplugins\
bing-.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-01-12 228552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre8\bin\ssv.dll [2014-12-20 554920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08 2134656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2016-01-12 2348336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre8\bin\jp2ssv.dll [2014-12-20 212904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-01-12 163016]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08 1725056]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2016-01-12 1741104]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HydraVisionDesktopManager"=C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [2013-11-01 389120]
"BingSvc"=C:\Users\Zdeněk\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2015-11-12 144008]
"Advanced SystemCare 9"=C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2016-01-11 2019616]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-11-01 766208]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-06-16 224128]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2014-01-10 1861968]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13 1085656]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StartMenuService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\str]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSimpleNetIDList"=1
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-02-24 16:58:21 ----D---- C:\Program Files\trend micro
2016-02-24 16:58:20 ----D---- C:\rsit
2016-02-24 16:50:31 ----D---- C:\AdwCleaner
2016-02-12 10:26:12 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-02-12 07:44:57 ----A---- C:\Windows\system32\drivers\geoduswe.sys
2016-02-10 13:21:12 ----A---- C:\Windows\system32\invagent.dll
2016-02-10 13:21:12 ----A---- C:\Windows\system32\generaltel.dll
2016-02-10 13:21:12 ----A---- C:\Windows\system32\devinv.dll
2016-02-10 13:21:12 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-02-10 13:21:12 ----A---- C:\Windows\system32\appraiser.dll
2016-02-10 13:21:12 ----A---- C:\Windows\system32\aeinv.dll
2016-02-10 13:21:12 ----A---- C:\Windows\system32\acmigration.dll
2016-02-08 19:01:34 ----D---- C:\Users\Zdeněk\AppData\Roaming\Seznam Browser
2016-02-04 15:08:37 ----A---- C:\Windows\system32\SRSWOW64.dll
2016-02-04 15:08:37 ----A---- C:\Windows\system32\SRSTSX64.dll
2016-02-04 15:08:37 ----A---- C:\Windows\system32\SRSTSH64.dll
2016-02-04 15:08:37 ----A---- C:\Windows\system32\SRSHP64.dll
2016-02-04 15:08:33 ----A---- C:\Windows\system32\RtPgEx64.dll
2016-02-04 15:08:32 ----A---- C:\Windows\system32\SETEDBB.tmp
2016-02-04 15:08:32 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2016-02-04 15:08:32 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2016-02-04 15:08:31 ----A---- C:\Windows\system32\RtkCfg64.dll
2016-02-04 15:08:30 ----A---- C:\Windows\system32\RtkApi64.dll
2016-02-04 15:08:30 ----A---- C:\Windows\system32\RTEEP64A.dll
2016-02-04 15:08:30 ----A---- C:\Windows\system32\RTEEL64A.dll
2016-02-04 15:08:30 ----A---- C:\Windows\system32\RTEEG64A.dll
2016-02-04 15:08:30 ----A---- C:\Windows\system32\RTEED64A.dll
2016-02-04 15:08:30 ----A---- C:\Windows\system32\RtDataProc64.dll
2016-02-04 15:08:27 ----A---- C:\Windows\system32\SETDEA3.tmp
2016-02-04 15:08:27 ----A---- C:\Windows\system32\RTCOM64.dll
2016-02-04 15:08:27 ----A---- C:\Windows\system32\RP3DHT64.dll
2016-02-04 15:08:27 ----A---- C:\Windows\system32\RP3DAA64.dll
2016-02-04 15:08:27 ----A---- C:\Windows\system32\RCoInstII64.dll
2016-02-04 15:08:27 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT
2016-02-04 15:08:26 ----A---- C:\Windows\system32\SETE564.tmp
2016-02-04 15:08:26 ----A---- C:\Windows\system32\MBppld64.dll
2016-02-04 15:08:26 ----A---- C:\Windows\system32\MBPPCn64.dll
2016-02-04 15:08:25 ----A---- C:\Windows\SYSWOW64\MBAPO32.dll
2016-02-04 15:08:25 ----A---- C:\Windows\system32\MBAPO64.dll
2016-02-04 15:08:24 ----A---- C:\Windows\system32\MaxxAudioEQ64.dll
2016-02-04 15:08:24 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2016-02-04 15:08:21 ----A---- C:\Windows\system32\FMAPO64.dll
2016-02-04 15:08:19 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-02-04 15:08:18 ----A---- C:\Windows\system32\AERTAR64.dll
2016-02-04 15:08:18 ----A---- C:\Windows\system32\AERTAC64.dll
2016-02-04 14:58:51 ----D---- C:\Users\Zdeněk\AppData\Roaming\WarThunder

======List of files/folders modified in the last 1 month======

2016-02-24 16:58:21 ----RD---- C:\Program Files
2016-02-24 16:57:52 ----D---- C:\Windows\Prefetch
2016-02-24 16:53:28 ----D---- C:\Windows\Temp
2016-02-24 16:52:29 ----D---- C:\Windows\system32\Tasks
2016-02-24 16:41:30 ----D---- C:\Windows\system32\sru
2016-02-24 11:04:37 ----D---- C:\Windows\Microsoft.NET
2016-02-24 07:03:30 ----D---- C:\Windows\system32\config
2016-02-24 07:03:30 ----D---- C:\Windows
2016-02-23 21:10:10 ----D---- C:\Users\Zdeněk\AppData\Roaming\uTorrent
2016-02-23 20:49:11 ----D---- C:\Users\Zdeněk\AppData\Roaming\Skype
2016-02-23 16:01:22 ----D---- C:\Windows\system32\catroot2
2016-02-23 15:17:11 ----D---- C:\Windows\SoftwareDistribution
2016-02-23 14:44:17 ----D---- C:\Windows\debug
2016-02-20 08:32:53 ----D---- C:\ProgramData\ProductData
2016-02-18 19:47:44 ----SHD---- C:\System Volume Information
2016-02-18 19:20:00 ----D---- C:\Windows\Inf
2016-02-16 08:49:49 ----D---- C:\ProgramData\IObit
2016-02-16 07:48:17 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-13 20:20:58 ----D---- C:\Windows\WinSxS
2016-02-13 19:16:55 ----D---- C:\Windows\AUInstallAgent
2016-02-13 19:16:26 ----HD---- C:\Program Files\WindowsApps
2016-02-12 17:30:30 ----RD---- C:\Program Files (x86)
2016-02-12 07:44:57 ----D---- C:\Windows\system32\Drivers
2016-02-11 11:23:49 ----SHD---- C:\Windows\Installer
2016-02-11 11:23:49 ----SHD---- C:\Config.Msi
2016-02-11 11:23:46 ----RD---- C:\Program Files (x86)\Skype
2016-02-11 11:23:46 ----D---- C:\Windows\SysWOW64
2016-02-11 11:23:46 ----D---- C:\Program Files (x86)\Common Files
2016-02-11 11:23:44 ----D---- C:\ProgramData\Skype
2016-02-10 13:48:49 ----D---- C:\ProgramData\Microsoft Help
2016-02-10 13:48:33 ----RD---- C:\Windows\assembly
2016-02-10 13:34:19 ----A---- C:\Windows\win.ini
2016-02-10 13:33:42 ----D---- C:\Windows\CbsTemp
2016-02-10 13:33:02 ----RD---- C:\Windows\System32
2016-02-10 13:33:02 ----D---- C:\Windows\system32\appraiser
2016-02-10 13:33:02 ----D---- C:\Windows\apppatch
2016-02-10 13:31:21 ----D---- C:\Windows\system32\MRT
2016-02-10 13:28:26 ----A---- C:\Windows\system32\MRT.exe
2016-02-04 15:20:24 ----D---- C:\Windows\Tasks
2016-02-04 15:08:57 ----D---- C:\Windows\SYSWOW64\RTCOM
2016-02-04 15:08:53 ----D---- C:\Windows\system32\catroot
2016-02-04 15:08:47 ----D---- C:\Windows\system32\DriverStore
2016-02-04 15:00:33 ----D---- C:\Users\Zdeněk\AppData\Roaming\IObit
2016-02-04 15:00:09 ----D---- C:\Program Files (x86)\IObit
2016-01-28 14:56:08 ----D---- C:\Windows\system32\NDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\System32\drivers\amd_sata.sys [2015-12-08 81608]
R0 amd_xata;amd_xata; C:\Windows\System32\drivers\amd_xata.sys [2015-12-08 25800]
R0 amdide64;amdide64; C:\Windows\System32\drivers\amdide64.sys [2015-12-08 11944]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2013-10-28 22240]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-12-01 26528]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2012-07-26 64000]
R2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2013-09-19 59648]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2015-12-08 15376384]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2015-12-08 638976]
R3 athur;@oem8.inf,%ATHR.Service.DispName%;Qualcomm Atheros AR9271 Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athuw8x.sys [2013-06-02 2919936]
R3 AtiHDAudioService;@oem13.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW86.sys [2015-12-08 215040]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2016-02-04 4686592]
R3 RTL8168;@oem16.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2015-12-29 935168]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-08-28 58536]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2012-07-26 17920]
S1 UsbCharger;UsbCharger; C:\Windows\system32\DRIVERS\UsbCharger.sys [2013-10-24 22240]
S3 etdrv;etdrv; \??\C:\Windows\etdrv.sys [2015-01-02 25640]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2015-01-02 25640]
S3 GVTDrv64;GVTDrv64; \??\C:\Windows\GVTDrv64.sys [2015-01-02 30528]
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\Windows\System32\drivers\WinUsb.sys [2012-07-26 57344]
S3 WUDFSensorLP;@locationprovider.inf,%WudfLocationProviderDisplayName%;Služba Reflektor UMDF pro zprostředkovatele umístění (LocationProvider); C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 198656]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdvancedSystemCareService9;Advanced SystemCare Service 9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [2016-01-05 446240]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2015-12-08 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-11-01 344064]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2016-01-08 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2016-01-08 1773696]
R2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2016-01-14 2945312]
R2 slsvc;Software Licensing Service; C:\Windows\slsvc.exe [2012-09-25 10240]
S3 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-20 257928]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-06 43616]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2011-08-30 160256]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-02-12 146888]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]

-----------------EOF-----------------

Log z RSIT:

Kód: Vybrat vše

Logfile of random's system information tool 1.10 (written by random/random)
Run by Zdeněk at 2016-02-24 16:58:20
Microsoft Windows 8 Pro 
System drive C: has 776 GB (81%) free of 954 GB
Total RAM: 3272 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:58:26, on 24. 2. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17568)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Users\Zdeněk\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Zdeněk.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKCU\..\Run: [BingSvc] C:\Users\Zdeněk\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [Advanced SystemCare 9] "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 9 (AdvancedSystemCareService9) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8489 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
"dwm.exe"
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
taskhostex.exe 
"C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe" /Task
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe"
dashost.exe {431bbdc5-cb2e-4e92-960ce370359ca508}
C:\Windows\slsvc.exe
C:\Windows\PersonalizeEnabler.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Windows Defender\MsMpEng.exe"

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 
"C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe" 
"C:\Users\Zdeněk\AppData\Local\Microsoft\BingSvc\BingSvc.exe" 
"C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto
HydraDM64.exe -h:65976 "Maximalizovat na celou plochu" "Maximalizovat k rohům okna" "Obnovit pracovní plochu"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" 
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" 
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" 
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchFilterHost.exe" 0 552 556 564 65536 560 
"C:\Users\Zdeněk\Downloads\RSITx64.exe" 

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe  
C:\Windows\tasks\ASC9_SkipUac_Zdeněk.job - C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe  /SkipUac 

=========Mozilla firefox=========

ProfilePath - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\w3luh4r2.default

prefs.js - "browser.search.useDBForOrder" -  true
prefs.js - "browser.startup.homepage" -  "seznam"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.70 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.70 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.11.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.11.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL


C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.dll

C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\w3luh4r2.default\extensions\
bingsearch.full@microsoft.com

C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\w3luh4r2.default\searchplugins\
bing-.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-01-12 228552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre8\bin\ssv.dll [2014-12-20 554920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08 2134656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2016-01-12 2348336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre8\bin\jp2ssv.dll [2014-12-20 212904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-01-12 163016]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08 1725056]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2016-01-12 1741104]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HydraVisionDesktopManager"=C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [2013-11-01 389120]
"BingSvc"=C:\Users\Zdeněk\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2015-11-12 144008]
"Advanced SystemCare 9"=C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2016-01-11 2019616]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-11-01 766208]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-06-16 224128]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2014-01-10 1861968]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13 1085656]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StartMenuService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\str]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSimpleNetIDList"=1
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-02-24 16:58:21 ----D---- C:\Program Files\trend micro
2016-02-24 16:58:20 ----D---- C:\rsit
2016-02-24 16:50:31 ----D---- C:\AdwCleaner
2016-02-12 10:26:12 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-02-12 07:44:57 ----A---- C:\Windows\system32\drivers\geoduswe.sys
2016-02-10 13:21:12 ----A---- C:\Windows\system32\invagent.dll
2016-02-10 13:21:12 ----A---- C:\Windows\system32\generaltel.dll
2016-02-10 13:21:12 ----A---- C:\Windows\system32\devinv.dll
2016-02-10 13:21:12 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-02-10 13:21:12 ----A---- C:\Windows\system32\appraiser.dll
2016-02-10 13:21:12 ----A---- C:\Windows\system32\aeinv.dll
2016-02-10 13:21:12 ----A---- C:\Windows\system32\acmigration.dll
2016-02-08 19:01:34 ----D---- C:\Users\Zdeněk\AppData\Roaming\Seznam Browser
2016-02-04 15:08:37 ----A---- C:\Windows\system32\SRSWOW64.dll
2016-02-04 15:08:37 ----A---- C:\Windows\system32\SRSTSX64.dll
2016-02-04 15:08:37 ----A---- C:\Windows\system32\SRSTSH64.dll
2016-02-04 15:08:37 ----A---- C:\Windows\system32\SRSHP64.dll
2016-02-04 15:08:33 ----A---- C:\Windows\system32\RtPgEx64.dll
2016-02-04 15:08:32 ----A---- C:\Windows\system32\SETEDBB.tmp
2016-02-04 15:08:32 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2016-02-04 15:08:32 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2016-02-04 15:08:31 ----A---- C:\Windows\system32\RtkCfg64.dll
2016-02-04 15:08:30 ----A---- C:\Windows\system32\RtkApi64.dll
2016-02-04 15:08:30 ----A---- C:\Windows\system32\RTEEP64A.dll
2016-02-04 15:08:30 ----A---- C:\Windows\system32\RTEEL64A.dll
2016-02-04 15:08:30 ----A---- C:\Windows\system32\RTEEG64A.dll
2016-02-04 15:08:30 ----A---- C:\Windows\system32\RTEED64A.dll
2016-02-04 15:08:30 ----A---- C:\Windows\system32\RtDataProc64.dll
2016-02-04 15:08:27 ----A---- C:\Windows\system32\SETDEA3.tmp
2016-02-04 15:08:27 ----A---- C:\Windows\system32\RTCOM64.dll
2016-02-04 15:08:27 ----A---- C:\Windows\system32\RP3DHT64.dll
2016-02-04 15:08:27 ----A---- C:\Windows\system32\RP3DAA64.dll
2016-02-04 15:08:27 ----A---- C:\Windows\system32\RCoInstII64.dll
2016-02-04 15:08:27 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT
2016-02-04 15:08:26 ----A---- C:\Windows\system32\SETE564.tmp
2016-02-04 15:08:26 ----A---- C:\Windows\system32\MBppld64.dll
2016-02-04 15:08:26 ----A---- C:\Windows\system32\MBPPCn64.dll
2016-02-04 15:08:25 ----A---- C:\Windows\SYSWOW64\MBAPO32.dll
2016-02-04 15:08:25 ----A---- C:\Windows\system32\MBAPO64.dll
2016-02-04 15:08:24 ----A---- C:\Windows\system32\MaxxAudioEQ64.dll
2016-02-04 15:08:24 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2016-02-04 15:08:21 ----A---- C:\Windows\system32\FMAPO64.dll
2016-02-04 15:08:19 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-02-04 15:08:18 ----A---- C:\Windows\system32\AERTAR64.dll
2016-02-04 15:08:18 ----A---- C:\Windows\system32\AERTAC64.dll
2016-02-04 14:58:51 ----D---- C:\Users\Zdeněk\AppData\Roaming\WarThunder

======List of files/folders modified in the last 1 month======

2016-02-24 16:58:21 ----RD---- C:\Program Files
2016-02-24 16:57:52 ----D---- C:\Windows\Prefetch
2016-02-24 16:53:28 ----D---- C:\Windows\Temp
2016-02-24 16:52:29 ----D---- C:\Windows\system32\Tasks
2016-02-24 16:41:30 ----D---- C:\Windows\system32\sru
2016-02-24 11:04:37 ----D---- C:\Windows\Microsoft.NET
2016-02-24 07:03:30 ----D---- C:\Windows\system32\config
2016-02-24 07:03:30 ----D---- C:\Windows
2016-02-23 21:10:10 ----D---- C:\Users\Zdeněk\AppData\Roaming\uTorrent
2016-02-23 20:49:11 ----D---- C:\Users\Zdeněk\AppData\Roaming\Skype
2016-02-23 16:01:22 ----D---- C:\Windows\system32\catroot2
2016-02-23 15:17:11 ----D---- C:\Windows\SoftwareDistribution
2016-02-23 14:44:17 ----D---- C:\Windows\debug
2016-02-20 08:32:53 ----D---- C:\ProgramData\ProductData
2016-02-18 19:47:44 ----SHD---- C:\System Volume Information
2016-02-18 19:20:00 ----D---- C:\Windows\Inf
2016-02-16 08:49:49 ----D---- C:\ProgramData\IObit
2016-02-16 07:48:17 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-13 20:20:58 ----D---- C:\Windows\WinSxS
2016-02-13 19:16:55 ----D---- C:\Windows\AUInstallAgent
2016-02-13 19:16:26 ----HD---- C:\Program Files\WindowsApps
2016-02-12 17:30:30 ----RD---- C:\Program Files (x86)
2016-02-12 07:44:57 ----D---- C:\Windows\system32\Drivers
2016-02-11 11:23:49 ----SHD---- C:\Windows\Installer
2016-02-11 11:23:49 ----SHD---- C:\Config.Msi
2016-02-11 11:23:46 ----RD---- C:\Program Files (x86)\Skype
2016-02-11 11:23:46 ----D---- C:\Windows\SysWOW64
2016-02-11 11:23:46 ----D---- C:\Program Files (x86)\Common Files
2016-02-11 11:23:44 ----D---- C:\ProgramData\Skype
2016-02-10 13:48:49 ----D---- C:\ProgramData\Microsoft Help
2016-02-10 13:48:33 ----RD---- C:\Windows\assembly
2016-02-10 13:34:19 ----A---- C:\Windows\win.ini
2016-02-10 13:33:42 ----D---- C:\Windows\CbsTemp
2016-02-10 13:33:02 ----RD---- C:\Windows\System32
2016-02-10 13:33:02 ----D---- C:\Windows\system32\appraiser
2016-02-10 13:33:02 ----D---- C:\Windows\apppatch
2016-02-10 13:31:21 ----D---- C:\Windows\system32\MRT
2016-02-10 13:28:26 ----A---- C:\Windows\system32\MRT.exe
2016-02-04 15:20:24 ----D---- C:\Windows\Tasks
2016-02-04 15:08:57 ----D---- C:\Windows\SYSWOW64\RTCOM
2016-02-04 15:08:53 ----D---- C:\Windows\system32\catroot
2016-02-04 15:08:47 ----D---- C:\Windows\system32\DriverStore
2016-02-04 15:00:33 ----D---- C:\Users\Zdeněk\AppData\Roaming\IObit
2016-02-04 15:00:09 ----D---- C:\Program Files (x86)\IObit
2016-01-28 14:56:08 ----D---- C:\Windows\system32\NDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\System32\drivers\amd_sata.sys [2015-12-08 81608]
R0 amd_xata;amd_xata; C:\Windows\System32\drivers\amd_xata.sys [2015-12-08 25800]
R0 amdide64;amdide64; C:\Windows\System32\drivers\amdide64.sys [2015-12-08 11944]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2013-10-28 22240]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-12-01 26528]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2012-07-26 64000]
R2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2013-09-19 59648]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2015-12-08 15376384]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2015-12-08 638976]
R3 athur;@oem8.inf,%ATHR.Service.DispName%;Qualcomm Atheros AR9271 Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athuw8x.sys [2013-06-02 2919936]
R3 AtiHDAudioService;@oem13.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW86.sys [2015-12-08 215040]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2016-02-04 4686592]
R3 RTL8168;@oem16.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2015-12-29 935168]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-08-28 58536]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2012-07-26 17920]
S1 UsbCharger;UsbCharger; C:\Windows\system32\DRIVERS\UsbCharger.sys [2013-10-24 22240]
S3 etdrv;etdrv; \??\C:\Windows\etdrv.sys [2015-01-02 25640]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2015-01-02 25640]
S3 GVTDrv64;GVTDrv64; \??\C:\Windows\GVTDrv64.sys [2015-01-02 30528]
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\Windows\System32\drivers\WinUsb.sys [2012-07-26 57344]
S3 WUDFSensorLP;@locationprovider.inf,%WudfLocationProviderDisplayName%;Služba Reflektor UMDF pro zprostředkovatele umístění (LocationProvider); C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 198656]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdvancedSystemCareService9;Advanced SystemCare Service 9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [2016-01-05 446240]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2015-12-08 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-11-01 344064]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2016-01-08 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2016-01-08 1773696]
R2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2016-01-14 2945312]
R2 slsvc;Software Licensing Service; C:\Windows\slsvc.exe [2012-09-25 10240]
S3 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-20 257928]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-06 43616]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2011-08-30 160256]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-02-12 146888]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]

-----------------EOF-----------------

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

[MartasonB]

no přesně to jsem udělal a Log jsem vložil plus jeste log z RSIT

[Rudy]

Vidím jen 2x log z RSIT. ADW ne. Anebo jsem slepý.

[MartasonB]

omlouvam se, asi jsem to spatně nakopiroval

tak snad ted

Kód: Vybrat vše

# AdwCleaner v5.036 - Logfile created 24/02/2016 at 16:52:29
# Updated 22/02/2016 by Xplode
# Database : 2016-02-22.2 [Server]
# Operating system : Windows 8 Pro  (x64)
# Username : Zdeněk - PC-ZDENEK
# Running from : C:\Users\Zdeněk\Downloads\adwcleaner_5.036.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****

[-] File Deleted : C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\w3luh4r2.default\searchplugins\yahoo_ff.xml
[-] File Deleted : C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\w3luh4r2.default\user.js

***** [ DLLs ] *****


***** [ Shortcuts ] *****

[-] Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Feature Mananger.lnk
[-] Shortcut Disinfected : C:\Users\Zdeněk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder.lnk
[-] Shortcut Disinfected : C:\Users\Zdeněk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk

***** [ Scheduled tasks ] *****

[-] Task Deleted : LaunchPreSignup

***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\PRODUCTSETUP
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9F2A8DFC-3CF3-4F2A-9C49-E5D88F016276}

***** [ Web browsers ] *****

[-] [C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\w3luh4r2.default\prefs.js] [Preference] Deleted : user_pref("keyword.URL", "hxxps://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=198484&p=");
[-] [C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\w3luh4r2.default\prefs.js] [Preference] Deleted : user_pref("network.hxxp.request.max-start-delay", 0);

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1843 bytes] - [24/02/2016 16:52:29]
C:\AdwCleaner\AdwCleaner[S1].txt - [2252 bytes] - [24/02/2016 16:50:46]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1989 bytes] ##########

[Rudy]

Dejte nový log RSIT.

[MartasonB]

Kód: Vybrat vše

Logfile of random's system information tool 1.10 (written by random/random)
Run by Zdeněk at 2016-02-25 13:58:20
Microsoft Windows 8 Pro 
System drive C: has 776 GB (81%) free of 954 GB
Total RAM: 3272 MB (25% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:58:28, on 25. 2. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17568)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Users\Zdeněk\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Zdeněk.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKCU\..\Run: [BingSvc] C:\Users\Zdeněk\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [Advanced SystemCare 9] "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 9 (AdvancedSystemCareService9) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8613 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
"dwm.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe"
dashost.exe {1c1294c5-9ab5-40f6-96ef229b2271c42e}
C:\Windows\slsvc.exe
C:\Windows\PersonalizeEnabler.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Windows Defender\MsMpEng.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
taskhostex.exe 
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe" /Task
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe" 
"C:\Users\Zdeněk\AppData\Local\Microsoft\BingSvc\BingSvc.exe" 
"C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" 
HydraDM64.exe -h:262484 "Maximalizovat na celou plochu" "Maximalizovat k rohům okna" "Obnovit pracovní plochu"
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" 
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\System32\RuntimeBroker.exe -Embedding
taskeng.exe {AC50B9C5-BB7E-4145-8C30-92786BF63769}
"C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe" /SkipUac
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\RunDll32.exe" "C:\Windows\system32\WerConCpl.dll", LaunchErcApp -queuereporting
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" 
"C:\Windows\system32\backgroundTaskHost.exe" -ServerName:App.AppXva4pdpbtkk7eccfwnpaw54mk54vnn8qy.mca

taskhost.exe $(Arg0)
"C:\Users\Zdeněk\Downloads\RSITx64.exe" 
"C:\Windows\system32\backgroundTaskHost.exe" -ServerName:AppexTravel.AppXzhp7et9szc37245rrdmnxvs7hhpmh8rv.mca
C:\Windows\System32\ThumbnailExtractionHost.exe -Embedding

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe  
C:\Windows\tasks\ASC9_SkipUac_Zdeněk.job - C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe  /SkipUac 

=========Mozilla firefox=========

ProfilePath - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\w3luh4r2.default

prefs.js - "browser.search.useDBForOrder" -  true
prefs.js - "browser.startup.homepage" -  "seznam"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.70 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.70 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.11.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.11.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL


C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.dll

C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\w3luh4r2.default\extensions\
bingsearch.full@microsoft.com

C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\w3luh4r2.default\searchplugins\
bing-.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-01-12 228552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre8\bin\ssv.dll [2014-12-20 554920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08 2134656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2016-01-12 2348336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre8\bin\jp2ssv.dll [2014-12-20 212904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-01-12 163016]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08 1725056]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2016-01-12 1741104]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HydraVisionDesktopManager"=C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [2013-11-01 389120]
"BingSvc"=C:\Users\Zdeněk\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2015-11-12 144008]
"Advanced SystemCare 9"=C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2016-01-11 2019616]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-11-01 766208]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-06-16 224128]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2014-01-10 1861968]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13 1085656]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StartMenuService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\str]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSimpleNetIDList"=1
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-02-24 16:58:21 ----D---- C:\Program Files\trend micro
2016-02-24 16:58:20 ----D---- C:\rsit
2016-02-24 16:50:31 ----D---- C:\AdwCleaner
2016-02-12 10:26:12 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-02-12 07:44:57 ----A---- C:\Windows\system32\drivers\geoduswe.sys
2016-02-10 13:21:12 ----A---- C:\Windows\system32\invagent.dll
2016-02-10 13:21:12 ----A---- C:\Windows\system32\generaltel.dll
2016-02-10 13:21:12 ----A---- C:\Windows\system32\devinv.dll
2016-02-10 13:21:12 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-02-10 13:21:12 ----A---- C:\Windows\system32\appraiser.dll
2016-02-10 13:21:12 ----A---- C:\Windows\system32\aeinv.dll
2016-02-10 13:21:12 ----A---- C:\Windows\system32\acmigration.dll
2016-02-08 19:01:34 ----D---- C:\Users\Zdeněk\AppData\Roaming\Seznam Browser
2016-02-04 15:08:37 ----A---- C:\Windows\system32\SRSWOW64.dll
2016-02-04 15:08:37 ----A---- C:\Windows\system32\SRSTSX64.dll
2016-02-04 15:08:37 ----A---- C:\Windows\system32\SRSTSH64.dll
2016-02-04 15:08:37 ----A---- C:\Windows\system32\SRSHP64.dll
2016-02-04 15:08:33 ----A---- C:\Windows\system32\RtPgEx64.dll
2016-02-04 15:08:32 ----A---- C:\Windows\system32\SETEDBB.tmp
2016-02-04 15:08:32 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2016-02-04 15:08:32 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2016-02-04 15:08:31 ----A---- C:\Windows\system32\RtkCfg64.dll
2016-02-04 15:08:30 ----A---- C:\Windows\system32\RtkApi64.dll
2016-02-04 15:08:30 ----A---- C:\Windows\system32\RTEEP64A.dll
2016-02-04 15:08:30 ----A---- C:\Windows\system32\RTEEL64A.dll
2016-02-04 15:08:30 ----A---- C:\Windows\system32\RTEEG64A.dll
2016-02-04 15:08:30 ----A---- C:\Windows\system32\RTEED64A.dll
2016-02-04 15:08:30 ----A---- C:\Windows\system32\RtDataProc64.dll
2016-02-04 15:08:27 ----A---- C:\Windows\system32\SETDEA3.tmp
2016-02-04 15:08:27 ----A---- C:\Windows\system32\RTCOM64.dll
2016-02-04 15:08:27 ----A---- C:\Windows\system32\RP3DHT64.dll
2016-02-04 15:08:27 ----A---- C:\Windows\system32\RP3DAA64.dll
2016-02-04 15:08:27 ----A---- C:\Windows\system32\RCoInstII64.dll
2016-02-04 15:08:27 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT
2016-02-04 15:08:26 ----A---- C:\Windows\system32\SETE564.tmp
2016-02-04 15:08:26 ----A---- C:\Windows\system32\MBppld64.dll
2016-02-04 15:08:26 ----A---- C:\Windows\system32\MBPPCn64.dll
2016-02-04 15:08:25 ----A---- C:\Windows\SYSWOW64\MBAPO32.dll
2016-02-04 15:08:25 ----A---- C:\Windows\system32\MBAPO64.dll
2016-02-04 15:08:24 ----A---- C:\Windows\system32\MaxxAudioEQ64.dll
2016-02-04 15:08:24 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2016-02-04 15:08:21 ----A---- C:\Windows\system32\FMAPO64.dll
2016-02-04 15:08:19 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-02-04 15:08:18 ----A---- C:\Windows\system32\AERTAR64.dll
2016-02-04 15:08:18 ----A---- C:\Windows\system32\AERTAC64.dll
2016-02-04 14:58:51 ----D---- C:\Users\Zdeněk\AppData\Roaming\WarThunder

======List of files/folders modified in the last 1 month======

2016-02-25 13:45:47 ----D---- C:\Windows\Prefetch
2016-02-25 13:43:16 ----D---- C:\Windows\Temp
2016-02-25 13:00:00 ----D---- C:\Windows\system32\sru
2016-02-25 08:24:02 ----D---- C:\Windows\Microsoft.NET
2016-02-24 22:04:20 ----D---- C:\Users\Zdeněk\AppData\Roaming\Skype
2016-02-24 16:58:21 ----RD---- C:\Program Files
2016-02-24 16:52:29 ----D---- C:\Windows\system32\Tasks
2016-02-24 07:03:30 ----D---- C:\Windows\system32\config
2016-02-24 07:03:30 ----D---- C:\Windows
2016-02-23 21:10:10 ----D---- C:\Users\Zdeněk\AppData\Roaming\uTorrent
2016-02-23 16:01:22 ----D---- C:\Windows\system32\catroot2
2016-02-23 15:17:11 ----D---- C:\Windows\SoftwareDistribution
2016-02-23 14:44:17 ----D---- C:\Windows\debug
2016-02-20 08:32:53 ----D---- C:\ProgramData\ProductData
2016-02-18 19:47:44 ----SHD---- C:\System Volume Information
2016-02-18 19:20:00 ----D---- C:\Windows\Inf
2016-02-16 08:49:49 ----D---- C:\ProgramData\IObit
2016-02-16 07:48:17 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-13 20:20:58 ----D---- C:\Windows\WinSxS
2016-02-13 19:16:55 ----D---- C:\Windows\AUInstallAgent
2016-02-13 19:16:26 ----HD---- C:\Program Files\WindowsApps
2016-02-12 17:30:30 ----RD---- C:\Program Files (x86)
2016-02-12 07:44:57 ----D---- C:\Windows\system32\Drivers
2016-02-11 11:23:49 ----SHD---- C:\Windows\Installer
2016-02-11 11:23:49 ----SHD---- C:\Config.Msi
2016-02-11 11:23:49 ----D---- C:\ProgramData\Skype
2016-02-11 11:23:46 ----RD---- C:\Program Files (x86)\Skype
2016-02-11 11:23:46 ----D---- C:\Windows\SysWOW64
2016-02-11 11:23:46 ----D---- C:\Program Files (x86)\Common Files
2016-02-10 13:48:49 ----D---- C:\ProgramData\Microsoft Help
2016-02-10 13:48:33 ----RD---- C:\Windows\assembly
2016-02-10 13:34:19 ----A---- C:\Windows\win.ini
2016-02-10 13:33:42 ----D---- C:\Windows\CbsTemp
2016-02-10 13:33:02 ----RD---- C:\Windows\System32
2016-02-10 13:33:02 ----D---- C:\Windows\system32\appraiser
2016-02-10 13:33:02 ----D---- C:\Windows\apppatch
2016-02-10 13:31:21 ----D---- C:\Windows\system32\MRT
2016-02-10 13:28:26 ----A---- C:\Windows\system32\MRT.exe
2016-02-04 15:20:24 ----D---- C:\Windows\Tasks
2016-02-04 15:08:57 ----D---- C:\Windows\SYSWOW64\RTCOM
2016-02-04 15:08:53 ----D---- C:\Windows\system32\catroot
2016-02-04 15:08:47 ----D---- C:\Windows\system32\DriverStore
2016-02-04 15:00:33 ----D---- C:\Users\Zdeněk\AppData\Roaming\IObit
2016-02-04 15:00:09 ----D---- C:\Program Files (x86)\IObit
2016-01-28 14:56:08 ----D---- C:\Windows\system32\NDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\System32\drivers\amd_sata.sys [2015-12-08 81608]
R0 amd_xata;amd_xata; C:\Windows\System32\drivers\amd_xata.sys [2015-12-08 25800]
R0 amdide64;amdide64; C:\Windows\System32\drivers\amdide64.sys [2015-12-08 11944]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2013-10-28 22240]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-12-01 26528]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2012-07-26 64000]
R2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2013-09-19 59648]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2015-12-08 15376384]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2015-12-08 638976]
R3 athur;@oem8.inf,%ATHR.Service.DispName%;Qualcomm Atheros AR9271 Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athuw8x.sys [2013-06-02 2919936]
R3 AtiHDAudioService;@oem13.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW86.sys [2015-12-08 215040]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2016-02-04 4686592]
R3 RTL8168;@oem16.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2015-12-29 935168]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-08-28 58536]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2012-07-26 17920]
S1 UsbCharger;UsbCharger; C:\Windows\system32\DRIVERS\UsbCharger.sys [2013-10-24 22240]
S3 etdrv;etdrv; \??\C:\Windows\etdrv.sys [2015-01-02 25640]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2015-01-02 25640]
S3 GVTDrv64;GVTDrv64; \??\C:\Windows\GVTDrv64.sys [2015-01-02 30528]
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\Windows\System32\drivers\WinUsb.sys [2012-07-26 57344]
S3 WUDFSensorLP;@locationprovider.inf,%WudfLocationProviderDisplayName%;Služba Reflektor UMDF pro zprostředkovatele umístění (LocationProvider); C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 198656]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdvancedSystemCareService9;Advanced SystemCare Service 9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [2016-01-05 446240]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2015-12-08 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-11-01 344064]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2016-01-08 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2016-01-08 1773696]
R2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2016-01-14 2945312]
R2 slsvc;Software Licensing Service; C:\Windows\slsvc.exe [2012-09-25 10240]
S3 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-20 257928]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-06 43616]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2011-08-30 160256]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-02-12 146888]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]

-----------------EOF-----------------

[Rudy]

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\Program Files (x86)\Skype\Toolbars
C:\Users\Zdeněk\AppData\Local\Microsoft\BingSvc

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]/64
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BingSvc"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

:services
c2cautoupdatesvc
c2cpnrsvc

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.

Doporučuji odinstalovat Advanced system care. Tento rádoby čistič vidí problémy tam, kde nejsou a tím si laik může snadno poškodit systém.

[MartasonB]

Kód: Vybrat vše

Logfile of random's system information tool 1.10 (written by random/random)
Run by Zdeněk at 2016-02-26 19:14:51
Microsoft Windows 8 Pro 
System drive C: has 782 GB (82%) free of 954 GB
Total RAM: 3272 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:14:56, on 26. 2. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17568)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Zdeněk.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKCU\..\Run: [Advanced SystemCare 9] "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 9 (AdvancedSystemCareService9) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8051 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
"dwm.exe"
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
dashost.exe {a909b588-b121-4e36-ba3dda79a5b8b33e}
"C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe"
taskhostex.exe 
"C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe" /Task
C:\Windows\Explorer.EXE
C:\Windows\slsvc.exe
C:\Windows\PersonalizeEnabler.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Windows Defender\MsMpEng.exe"

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe" 
"C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto
HydraDM64.exe -h:131562 "Maximalizovat na celou plochu" "Maximalizovat k rohům okna" "Obnovit pracovní plochu"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" 
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" 
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SppExtComObj.exe -Embedding
"C:\Users\Zdeněk\Downloads\RSITx64.exe" 

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe  
C:\Windows\tasks\ASC9_SkipUac_Zdeněk.job - C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe  /SkipUac 

=========Mozilla firefox=========

ProfilePath - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\w3luh4r2.default

prefs.js - "browser.search.useDBForOrder" -  true
prefs.js - "browser.startup.homepage" -  "seznam"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.70 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.70 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.11.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.11.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL


C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.dll

C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\w3luh4r2.default\extensions\
bingsearch.full@microsoft.com

C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\w3luh4r2.default\searchplugins\
bing-.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-01-12 228552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre8\bin\ssv.dll [2014-12-20 554920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2016-01-12 2348336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre8\bin\jp2ssv.dll [2014-12-20 212904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-01-12 163016]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2016-01-12 1741104]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HydraVisionDesktopManager"=C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [2013-11-01 389120]
"Advanced SystemCare 9"=C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2016-01-11 2019616]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-11-01 766208]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2014-01-10 1861968]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13 1085656]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StartMenuService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\str]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSimpleNetIDList"=1
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-02-26 19:10:34 ----D---- C:\_OTM
2016-02-24 16:58:21 ----D---- C:\Program Files\trend micro
2016-02-24 16:58:20 ----D---- C:\rsit
2016-02-24 16:50:31 ----D---- C:\AdwCleaner
2016-02-12 10:26:12 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-02-12 07:44:57 ----A---- C:\Windows\system32\drivers\geoduswe.sys
2016-02-10 13:21:12 ----A---- C:\Windows\system32\invagent.dll
2016-02-10 13:21:12 ----A---- C:\Windows\system32\generaltel.dll
2016-02-10 13:21:12 ----A---- C:\Windows\system32\devinv.dll
2016-02-10 13:21:12 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-02-10 13:21:12 ----A---- C:\Windows\system32\appraiser.dll
2016-02-10 13:21:12 ----A---- C:\Windows\system32\aeinv.dll
2016-02-10 13:21:12 ----A---- C:\Windows\system32\acmigration.dll
2016-02-08 19:01:34 ----D---- C:\Users\Zdeněk\AppData\Roaming\Seznam Browser
2016-02-04 15:08:37 ----A---- C:\Windows\system32\SRSWOW64.dll
2016-02-04 15:08:37 ----A---- C:\Windows\system32\SRSTSX64.dll
2016-02-04 15:08:37 ----A---- C:\Windows\system32\SRSTSH64.dll
2016-02-04 15:08:37 ----A---- C:\Windows\system32\SRSHP64.dll
2016-02-04 15:08:33 ----A---- C:\Windows\system32\RtPgEx64.dll
2016-02-04 15:08:32 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2016-02-04 15:08:32 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2016-02-04 15:08:31 ----A---- C:\Windows\system32\RtkCfg64.dll
2016-02-04 15:08:30 ----A---- C:\Windows\system32\RtkApi64.dll
2016-02-04 15:08:30 ----A---- C:\Windows\system32\RTEEP64A.dll
2016-02-04 15:08:30 ----A---- C:\Windows\system32\RTEEL64A.dll
2016-02-04 15:08:30 ----A---- C:\Windows\system32\RTEEG64A.dll
2016-02-04 15:08:30 ----A---- C:\Windows\system32\RTEED64A.dll
2016-02-04 15:08:30 ----A---- C:\Windows\system32\RtDataProc64.dll
2016-02-04 15:08:27 ----A---- C:\Windows\system32\RTCOM64.dll
2016-02-04 15:08:27 ----A---- C:\Windows\system32\RP3DHT64.dll
2016-02-04 15:08:27 ----A---- C:\Windows\system32\RP3DAA64.dll
2016-02-04 15:08:27 ----A---- C:\Windows\system32\RCoInstII64.dll
2016-02-04 15:08:27 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT
2016-02-04 15:08:26 ----A---- C:\Windows\system32\MBppld64.dll
2016-02-04 15:08:26 ----A---- C:\Windows\system32\MBPPCn64.dll
2016-02-04 15:08:25 ----A---- C:\Windows\SYSWOW64\MBAPO32.dll
2016-02-04 15:08:25 ----A---- C:\Windows\system32\MBAPO64.dll
2016-02-04 15:08:24 ----A---- C:\Windows\system32\MaxxAudioEQ64.dll
2016-02-04 15:08:24 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2016-02-04 15:08:21 ----A---- C:\Windows\system32\FMAPO64.dll
2016-02-04 15:08:19 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-02-04 15:08:18 ----A---- C:\Windows\system32\AERTAR64.dll
2016-02-04 15:08:18 ----A---- C:\Windows\system32\AERTAC64.dll
2016-02-04 14:58:51 ----D---- C:\Users\Zdeněk\AppData\Roaming\WarThunder

======List of files/folders modified in the last 1 month======

2016-02-26 19:14:44 ----D---- C:\Windows\system32\catroot2
2016-02-26 19:13:13 ----D---- C:\Windows\Temp
2016-02-26 19:13:06 ----D---- C:\Windows\debug
2016-02-26 19:12:51 ----D---- C:\Windows
2016-02-26 19:12:09 ----RD---- C:\Windows\System32
2016-02-26 19:10:35 ----RD---- C:\Program Files (x86)\Skype
2016-02-26 19:10:17 ----D---- C:\Windows\Prefetch
2016-02-26 19:05:29 ----D---- C:\Windows\system32\sru
2016-02-26 13:40:45 ----D---- C:\Windows\Microsoft.NET
2016-02-26 13:20:00 ----D---- C:\Windows\SoftwareDistribution
2016-02-24 22:04:20 ----D---- C:\Users\Zdeněk\AppData\Roaming\Skype
2016-02-24 16:58:21 ----RD---- C:\Program Files
2016-02-24 16:52:29 ----D---- C:\Windows\system32\Tasks
2016-02-24 07:03:30 ----D---- C:\Windows\system32\config
2016-02-23 21:10:10 ----D---- C:\Users\Zdeněk\AppData\Roaming\uTorrent
2016-02-20 08:32:53 ----D---- C:\ProgramData\ProductData
2016-02-18 19:47:44 ----SHD---- C:\System Volume Information
2016-02-18 19:20:00 ----D---- C:\Windows\Inf
2016-02-16 08:49:49 ----D---- C:\ProgramData\IObit
2016-02-16 07:48:17 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-13 20:20:58 ----D---- C:\Windows\WinSxS
2016-02-13 19:16:55 ----D---- C:\Windows\AUInstallAgent
2016-02-13 19:16:26 ----HD---- C:\Program Files\WindowsApps
2016-02-12 17:30:30 ----RD---- C:\Program Files (x86)
2016-02-12 07:44:57 ----D---- C:\Windows\system32\Drivers
2016-02-11 11:23:49 ----SHD---- C:\Windows\Installer
2016-02-11 11:23:49 ----SHD---- C:\Config.Msi
2016-02-11 11:23:49 ----D---- C:\ProgramData\Skype
2016-02-11 11:23:46 ----D---- C:\Windows\SysWOW64
2016-02-11 11:23:46 ----D---- C:\Program Files (x86)\Common Files
2016-02-10 13:48:49 ----D---- C:\ProgramData\Microsoft Help
2016-02-10 13:48:33 ----RD---- C:\Windows\assembly
2016-02-10 13:34:19 ----A---- C:\Windows\win.ini
2016-02-10 13:33:42 ----D---- C:\Windows\CbsTemp
2016-02-10 13:33:02 ----D---- C:\Windows\system32\appraiser
2016-02-10 13:33:02 ----D---- C:\Windows\apppatch
2016-02-10 13:31:21 ----D---- C:\Windows\system32\MRT
2016-02-10 13:28:26 ----A---- C:\Windows\system32\MRT.exe
2016-02-04 15:20:24 ----D---- C:\Windows\Tasks
2016-02-04 15:08:57 ----D---- C:\Windows\SYSWOW64\RTCOM
2016-02-04 15:08:53 ----D---- C:\Windows\system32\catroot
2016-02-04 15:08:47 ----D---- C:\Windows\system32\DriverStore
2016-02-04 15:00:33 ----D---- C:\Users\Zdeněk\AppData\Roaming\IObit
2016-02-04 15:00:09 ----D---- C:\Program Files (x86)\IObit
2016-01-28 14:56:08 ----D---- C:\Windows\system32\NDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\System32\drivers\amd_sata.sys [2015-12-08 81608]
R0 amd_xata;amd_xata; C:\Windows\System32\drivers\amd_xata.sys [2015-12-08 25800]
R0 amdide64;amdide64; C:\Windows\System32\drivers\amdide64.sys [2015-12-08 11944]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2013-10-28 22240]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-12-01 26528]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2012-07-26 64000]
R2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2013-09-19 59648]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2015-12-08 15376384]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2015-12-08 638976]
R3 athur;@oem8.inf,%ATHR.Service.DispName%;Qualcomm Atheros AR9271 Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athuw8x.sys [2013-06-02 2919936]
R3 AtiHDAudioService;@oem13.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW86.sys [2015-12-08 215040]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2016-02-04 4686592]
R3 RTL8168;@oem16.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2015-12-29 935168]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-08-28 58536]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2012-07-26 17920]
S1 UsbCharger;UsbCharger; C:\Windows\system32\DRIVERS\UsbCharger.sys [2013-10-24 22240]
S3 etdrv;etdrv; \??\C:\Windows\etdrv.sys [2015-01-02 25640]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2015-01-02 25640]
S3 GVTDrv64;GVTDrv64; \??\C:\Windows\GVTDrv64.sys [2015-01-02 30528]
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\Windows\System32\drivers\WinUsb.sys [2012-07-26 57344]
S3 WUDFSensorLP;@locationprovider.inf,%WudfLocationProviderDisplayName%;Služba Reflektor UMDF pro zprostředkovatele umístění (LocationProvider); C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 198656]
S3 WUDFWpdFs;WUDFWpdFs; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 198656]
S3 WUDFWpdMtp;WUDFWpdMtp; C:\Windows\System32\drivers\WUDFRd.sys [2012-07-26 198656]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdvancedSystemCareService9;Advanced SystemCare Service 9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [2016-01-05 446240]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2015-12-08 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-11-01 344064]
R2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2016-01-14 2945312]
R2 slsvc;Software Licensing Service; C:\Windows\slsvc.exe [2012-09-25 10240]
S3 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-20 257928]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-06 43616]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2011-08-30 160256]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-02-12 146888]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]

-----------------EOF-----------------

[Rudy]

Smazáno. Znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC. Nastala nějaká změna?

[MartasonB]

Vypadá to, že je problém vyřešen

Děkuji

[Rudy]

Rádo se stalo!