
Junk on my PC

Posted: 05 Apr 2015 14:34
by Lord Excalibur
Hello. Over the past week I accidentally downloaded some junk. It shows up mainly while browsing as pop-up windows, unwanted redirects and an excessive number of ads in places where they have no business being.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Excalibur at 2015-04-05 15:27:54
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 611 GB (64%) free of 954 GB
Total RAM: 3914 MB (15% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:28:13, on 5.4.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Users\Excalibur\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
C:\Program Files (x86)\Opera\28.0.1750.48\opera_crashreporter.exe
C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
C:\Users\Excalibur\Desktop\runeword\RuneWord Wizard.exe
C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe
C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
C:\Program Files\trend micro\Excalibur.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.zonealarm.com/?src=hp&tbi ... tsId=&ver=&
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: Zonealarm Helper Object - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.29.17\bh\zonealarm.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O3 - Toolbar: ZoneAlarm Security Toolbar - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.29.17\zonealarmTlbr.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKCU\..\Run: [T-Mobile CManager] "C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe" -autorun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Excalibur\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Excalibur\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [PCSpeedUp] C:\Program Files (x86)\Zrychleni Pocitace\PCSUNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-792113725-3541881400-1338686765-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-792113725-3541881400-1338686765-1001\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-792113725-3541881400-1338686765-1001\..\Run: [T-Mobile CManager] "C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe" -autorun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-792113725-3541881400-1338686765-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O17 - HKLM\System\CCS\Services\Tcpip\..\{056AAB92-BE99-4F91-9F1F-38418BB79633}: NameServer = 93.153.117.1 93.153.117.33
O17 - HKLM\System\CCS\Services\Tcpip\..\{A6F89920-34C5-4D87-B26C-82A93DA72DB8}: NameServer = 93.153.117.1 93.153.117.33
O17 - HKLM\System\CCS\Services\Tcpip\..\{B84491AA-FB52-4B1E-BFB9-61EA94083AB9}: NameServer = 93.153.117.1 93.153.117.33
O17 - HKLM\System\CS1\Services\Tcpip\..\{056AAB92-BE99-4F91-9F1F-38418BB79633}: NameServer = 93.153.117.1 93.153.117.33
O17 - HKLM\System\CS2\Services\Tcpip\..\{056AAB92-BE99-4F91-9F1F-38418BB79633}: NameServer = 93.153.117.1 93.153.117.33
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.3.0\ViProtocol.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: BitRaider Mini-Support Service Stub Loader (BRSptStub) - BitRaider, LLC - C:\ProgramData\BitRaider\BRSptStub.exe
O23 - Service: BitRaider Mini-Support Service (BRSptSvc) - BitRaider, LLC - C:\ProgramData\BitRaider\BRSptSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - Unknown owner - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PC Speed Up Service (PCSUService) - Unknown owner - C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: RelevantKnowledge - Unknown owner - C:\Program Files (x86)\RelevantKnowledge\rlservice.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SpeedChecker Service (SCService) - Unknown owner - C:\Program Files (x86)\Zrychleni Pocitace\SpeedCheckerService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater18.3.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe

--
End of file - 14472 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
winlogon.exe
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
"C:\Windows\system32\Dwm.exe"
C:\Windows\system32\WLANExt.exe 29120544
\??\C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe" -autorun
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
szndesktop.exe default start
"C:\Users\Excalibur\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\Zrychleni Pocitace\SpeedCheckerService.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000b78
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\ToolbarUpdater.exe"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\loggingserver.exe" 72648 "C:\ProgramData\AVG Secure Search\Logger\logger.properties"
\??\C:\Windows\system32\conhost.exe
"C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe"
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe"
C:\Windows\SysWOW64\svchost.exe -k MbnExt
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe" /connectToHost
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
explorer.exe
"C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe" --ran-launcher
"C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe" --ran-launcher /crash-reporter-parent-id=2720
"C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe" --type=gpu-process --channel="2720.0.441891649\826656885" --enable-proprietary-media-types-playback --crash-reporter-pid=5568 --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,19,41 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2653 --enable-proprietary-media-types-playback --crash-reporter-pid=5568 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_17_0_0_123.dll" --ppapi-flash-version=17.0.0.123 --with-feature:enhanced-autofill --crash-reporter-pid=5568 --device-scale-factor=1 --font-cache-shared-mem-suffix=2720 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --disable-accelerated-video-decode --channel="2720.2.1024200862\1282066805" /prefetch:673131151
"C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_17_0_0_123.dll" --ppapi-flash-version=17.0.0.123 --with-feature:enhanced-autofill --crash-reporter-pid=5568 --device-scale-factor=1 --font-cache-shared-mem-suffix=2720 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --disable-accelerated-video-decode --channel="2720.3.1472387081\2038949765" /prefetch:673131151
"C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_17_0_0_123.dll" --ppapi-flash-version=17.0.0.123 --with-feature:enhanced-autofill --crash-reporter-pid=5568 --device-scale-factor=1 --font-cache-shared-mem-suffix=2720 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --disable-accelerated-video-decode --channel="2720.5.2111348092\1610130035" /prefetch:673131151
"C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_17_0_0_123.dll" --ppapi-flash-version=17.0.0.123 --with-feature:enhanced-autofill --crash-reporter-pid=5568 --device-scale-factor=1 --font-cache-shared-mem-suffix=2720 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --disable-accelerated-video-decode --channel="2720.6.1270858246\248525290" /prefetch:673131151
"C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_17_0_0_123.dll" --ppapi-flash-version=17.0.0.123 --with-feature:enhanced-autofill --crash-reporter-pid=5568 --device-scale-factor=1 --font-cache-shared-mem-suffix=2720 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --disable-accelerated-video-decode --channel="2720.9.1806504396\980128186" /prefetch:673131151
"C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe" --type=ppapi --channel="2720.11.388631656\1377004404" --ppapi-flash-args --lang=cs --enable-proprietary-media-types-playback --crash-reporter-pid=5568 --ignored=" --type=renderer " /prefetch:-632637702

"C:\Users\Excalibur\Desktop\runeword\RuneWord Wizard.exe"
"C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_17_0_0_123.dll" --ppapi-flash-version=17.0.0.123 --with-feature:enhanced-autofill --crash-reporter-pid=5568 --device-scale-factor=1 --font-cache-shared-mem-suffix=2720 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --disable-accelerated-video-decode --channel="2720.19.1558180948\1221242220" /prefetch:673131151
"C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe"
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" /INSTALL
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe"
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe"
"C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_17_0_0_123.dll" --ppapi-flash-version=17.0.0.123 --with-feature:enhanced-autofill --crash-reporter-pid=5568 --device-scale-factor=1 --font-cache-shared-mem-suffix=2720 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --disable-accelerated-video-decode --channel="2720.29.88987241\967021446" /prefetch:673131151
"C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_17_0_0_123.dll" --ppapi-flash-version=17.0.0.123 --with-feature:enhanced-autofill --crash-reporter-pid=5568 --device-scale-factor=1 --font-cache-shared-mem-suffix=2720 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --disable-accelerated-video-decode --channel="2720.32.1616158760\508846946" /prefetch:673131151
"C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_17_0_0_123.dll" --ppapi-flash-version=17.0.0.123 --with-feature:enhanced-autofill --crash-reporter-pid=5568 --device-scale-factor=1 --font-cache-shared-mem-suffix=2720 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --disable-accelerated-video-decode --channel="2720.34.1589251585\2052589205" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe12_ Global\UsGthrCtrlFltPipeMssGthrPipe12 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Excalibur\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\BYAIAMUF.job - C:\Users\Excalibur\AppData\Roaming\BYAIAMUF.exe /infocmdline=
C:\Windows\tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6.job - C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6.exe /rawdata=
C:\Windows\tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-7.job - C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-7.exe /rawdata=
C:\Windows\tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-10_user.job - C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-10.exe /rawdata=
C:\Windows\tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-11.job - C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-11.exe /rawdata=
C:\Windows\tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-3.job - C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-3.exe /rawdata=
C:\Windows\tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5.job - C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5.exe /rawdata=
C:\Windows\tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5_user.job - C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5.exe /rawdata=
C:\Windows\tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-6.job - C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-6.exe /rawdata=
C:\Windows\tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-7.job - C:\Program Files (x86)\CinemaP-1.9cV16.03\e653cf25-f107-4cbe-b8d1-5dadaea354f2-7.exe /rawdata=
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\PC SpeedUp Service Deactivator.job - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe /dev0 /idle

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-03-04 553384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-03-04 210856]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}]
Zonealarm Helper Object - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.29.17\bh\zonealarm.dll [2014-02-26 279952]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-11 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-11 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{95B7759C-8C7F-4BF1-B163-73684A933233}
{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - ZoneAlarm Security Toolbar - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.29.17\zonealarmTlbr.dll [2014-02-26 289168]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-02-19 398616]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-02-19 440600]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-07-27 12937872]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2014-11-04 2774904]
"SpywareTerminatorUpdater"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2014-11-04 3681656]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"T-Mobile CManager"=C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe [2013-10-31 2166552]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"cz.seznam.software.autoupdate"=C:\Users\Excalibur\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Excalibur\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"PCSpeedUp"=C:\Program Files (x86)\Zrychleni Pocitace\PCSUNotifier.exe [2015-03-03 360904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
C:\Program Files (x86)\AVG Secure Search\vprot.exe [2015-03-05 2503704]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-11-29 284440]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-02-27 291608]
"Avira Systray"=C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [2015-02-12 127792]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2015-04-01 726320]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2014-08-13 137352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-02-14 430080]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=0
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.xtor"=DxtoryCodec64.dll
"VIDC.FPS1"=frapsv64.dll
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\Windows\SysWOW64\tsc2_codec64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux8"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-04-05 15:27:57 ----D---- C:\Program Files\trend micro
2015-04-05 15:27:54 ----D---- C:\rsit
2015-04-05 15:17:11 ----A---- C:\Windows\system32\drivers\stflt.sys
2015-04-05 15:17:09 ----D---- C:\Users\Excalibur\AppData\Roaming\Spyware Terminator
2015-04-05 15:17:09 ----D---- C:\ProgramData\Spyware Terminator
2015-04-05 15:16:25 ----D---- C:\Program Files (x86)\Spyware Terminator
2015-04-05 09:50:38 ----D---- C:\Windows\SYSWOW64\푨ʲ
2015-04-04 20:13:53 ----D---- C:\Windows\SYSWOW64\辀d
2015-04-03 20:06:51 ----D---- C:\Windows\SYSWOW64\䁠Ġ
2015-04-02 10:55:26 ----D---- C:\Windows\SYSWOW64\푘ʿ
2015-04-01 16:08:06 ----D---- C:\Windows\SYSWOW64\俰ˏ
2015-04-01 14:08:07 ----D---- C:\Windows\SYSWOW64\̀
2015-04-01 07:45:37 ----D---- C:\Users\Excalibur\AppData\Roaming\QuickScan
2015-04-01 07:40:30 ----D---- C:\Program Files (x86)\69dc8177-a574-4dff-8461-b3267b078dcf
2015-04-01 07:40:19 ----D---- C:\Program Files (x86)\CinemaP-1.9cV16.03
2015-04-01 07:39:05 ----D---- C:\Program Files (x86)\Zrychleni Pocitace
2015-04-01 07:38:43 ----D---- C:\Users\Excalibur\AppData\Roaming\Seznam.cz
2015-03-30 23:22:29 ----A---- C:\Windows\SYSWOW64\Access.dat
2015-03-30 23:16:09 ----D---- C:\ProgramData\Tunngle
2015-03-30 23:16:00 ----D---- C:\Program Files (x86)\Tunngle
2015-03-29 22:00:51 ----D---- C:\Program Files (x86)\Diablo II
2015-03-29 21:27:37 ----A---- C:\Windows\SYSWOW64\SIntfNT.dll
2015-03-29 21:27:37 ----A---- C:\Windows\SYSWOW64\SIntf32.dll
2015-03-29 21:27:37 ----A---- C:\Windows\SYSWOW64\SIntf16.dll
2015-03-29 21:20:54 ----A---- C:\Windows\DIIUnin.dat
2015-03-29 21:20:49 ----A---- C:\Windows\DIIUnin.pif
2015-03-29 21:20:49 ----A---- C:\Windows\DIIUnin.exe
2015-03-08 12:49:07 ----D---- C:\ProgramData\F-Secure
2015-03-07 13:36:48 ----D---- C:\Program Files (x86)\Check Point Software Technologies LTD
2015-03-07 13:36:46 ----D---- C:\Users\Excalibur\AppData\Roaming\Check Point Software Technologies LTD
2015-03-07 13:36:42 ----D---- C:\Program Files (x86)\CheckPoint
2015-03-07 13:34:04 ----D---- C:\ProgramData\CheckPoint
2015-03-07 12:32:51 ----D---- C:\Users\Excalibur\AppData\Roaming\Avira
2015-03-07 12:32:37 ----D---- C:\Users\Excalibur\AppData\Roaming\Mozilla
2015-03-07 12:31:20 ----A---- C:\Windows\system32\drivers\avnetflt.sys
2015-03-07 12:31:20 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2015-03-07 12:31:20 ----A---- C:\Windows\system32\drivers\avipbb.sys
2015-03-07 12:31:20 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2015-03-07 12:27:22 ----D---- C:\ProgramData\Avira
2015-03-07 12:27:22 ----D---- C:\Program Files (x86)\Avira
2015-03-07 12:27:01 ----D---- C:\ProgramData\Package Cache

======List of files/folders modified in the last 1 month======

2015-04-05 15:28:05 ----D---- C:\Windows\Temp
2015-04-05 15:28:00 ----D---- C:\Windows\Prefetch
2015-04-05 15:27:57 ----RD---- C:\Program Files
2015-04-05 15:17:12 ----D---- C:\Windows\system32\drivers
2015-04-05 15:17:09 ----HD---- C:\ProgramData
2015-04-05 15:16:25 ----RD---- C:\Program Files (x86)
2015-04-05 09:53:38 ----D---- C:\Windows\System32
2015-04-05 09:53:38 ----D---- C:\Windows\inf
2015-04-05 09:53:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-05 09:50:38 ----D---- C:\Windows\SysWOW64
2015-04-04 20:11:27 ----A---- C:\Windows\SYSWOW64\log.txt
2015-04-04 18:00:05 ----SHD---- C:\System Volume Information
2015-04-03 18:54:17 ----D---- C:\Users\Excalibur\AppData\Roaming\TS3Client
2015-04-01 23:05:34 ----D---- C:\Program Files (x86)\Adobe
2015-04-01 16:44:21 ----D---- C:\Windows\system32\config
2015-04-01 10:22:32 ----D---- C:\Windows\system32\Tasks
2015-04-01 10:22:25 ----D---- C:\Windows\Tasks
2015-04-01 07:40:28 ----SHD---- C:\Windows\Installer
2015-03-31 01:23:34 ----D---- C:\Users\Excalibur\AppData\Roaming\Tunngle
2015-03-30 23:16:02 ----RSD---- C:\Windows\Fonts
2015-03-30 11:27:11 ----D---- C:\Program Files (x86)\Steam
2015-03-29 21:20:54 ----D---- C:\Windows
2015-03-29 21:09:37 ----D---- C:\Users\Excalibur\AppData\Roaming\DAEMON Tools Lite
2015-03-26 16:02:55 ----D---- C:\Users\Excalibur\AppData\Roaming\Skype
2015-03-20 21:23:33 ----D---- C:\Program Files (x86)\Minecraft
2015-03-18 20:11:16 ----D---- C:\Program Files (x86)\Opera
2015-03-14 11:48:00 ----D---- C:\Users\Excalibur\AppData\Roaming\.technic
2015-03-13 11:26:20 ----D---- C:\Windows\system32\drivers\etc
2015-03-11 19:19:14 ----D---- C:\Program Files (x86)\Reborn2 - Copy
2015-03-11 16:34:11 ----D---- C:\Users\Excalibur\AppData\Roaming\.minecraft
2015-03-10 20:10:53 ----D---- C:\Program Files (x86)\Reborn2
2015-03-08 13:02:32 ----HD---- C:\Windows\KBD2341Update-godimpbmfohihoaikgfknnnmlncabkkp
2015-03-07 13:40:52 ----D---- C:\Windows\system32\catroot
2015-03-07 13:40:51 ----D---- C:\Windows\system32\DriverStore
2015-03-07 13:24:17 ----D---- C:\Program Files (x86)\SqueakyChocolate
2015-03-07 13:23:17 ----D---- C:\MPS
2015-03-07 13:22:27 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-03-07 13:22:26 ----D---- C:\Program Files (x86)\Common Files
2015-03-07 13:21:35 ----D---- C:\Program Files (x86)\MKV Player
2015-03-07 13:21:13 ----D---- C:\Program Files (x86)\K-Meleon
2015-03-07 13:20:41 ----D---- C:\Windows\ShellNew
2015-03-07 13:20:20 ----D---- C:\Games
2015-03-07 13:20:08 ----D---- C:\Program Files (x86)\GameforgeLive
2015-03-07 13:19:34 ----D---- C:\ProgramData\DivX
2015-03-07 13:19:34 ----D---- C:\Program Files (x86)\DivX
2015-03-07 13:18:39 ----D---- C:\Fraps
2015-03-07 12:57:42 ----D---- C:\Windows\Logs
2015-03-07 12:57:42 ----D---- C:\Windows\debug
2015-03-07 12:36:12 ----D---- C:\Windows\tracing

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-11-29 568600]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-02-27 16152]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-06-21 30496]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2015-02-25 132120]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2015-02-25 28600]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-11-24 283064]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2014-08-13 450456]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2015-02-25 128536]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2015-02-25 44088]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2015-04-05 51496]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2012-02-15 3538432]
R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2010-11-21 80384]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2013-03-04 91648]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-02-14 14692224]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-07-31 4102928]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-02-27 356120]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-02-27 788760]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-10-14 108656]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-11-10 60184]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BRDriver64;BRDriver64; \??\C:\ProgramData\BitRaider\BRDriver64.sys [2013-12-07 75048]
S3 BRDriver64_1_3_3_E02B25FC;BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [2014-12-23 78088]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2010-11-21 552448]
S3 cpudrv64;cpudrv64; \??\C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-06-02 17864]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2013-01-25 109568]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2012-12-22 14976]
S3 hwusb_cdcacm;hwusb_cdcacm; C:\Windows\system32\DRIVERS\ew_cdcacm.sys [2013-10-23 121728]
S3 hwusb_wwanecm;hwusb_wwanecm; C:\Windows\system32\DRIVERS\ew_wwanecm.sys [2013-11-01 376448]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-09-02 339048]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver; C:\Windows\system32\drivers\RTL2832UBDA.sys [2009-08-17 116640]
S3 RTL2832UUSB;REALTEK 2832U USB Driver; C:\Windows\System32\Drivers\RTL2832UUSB.sys [2009-08-17 38944]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2015-04-01 434424]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2015-04-01 434424]
R2 Avira.OE.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2015-02-12 184056]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-29 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2011-12-08 607456]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2011-12-16 161560]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-12-16 277784]
R2 MbnExt;Mobile Broadband Extension Service; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-06-21 884512]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-05-16 1826592]
R2 PCSUService;PC Speed Up Service; C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe [2015-03-03 445384]
R2 PSI_SVC_2_x64;Protexis Licensing V2 x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824]
R2 SCService;SpeedChecker Service; C:\Program Files (x86)\Zrychleni Pocitace\SpeedCheckerService.exe [2015-03-03 23496]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2014-11-04 1146272]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2014-12-15 5426448]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-12-16 363800]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2014-08-13 3596752]
R2 vToolbarUpdater18.3.0;vToolbarUpdater18.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\ToolbarUpdater.exe [2015-03-05 1802776]
R3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [2015-04-01 815920]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2015-04-01 1004280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-02 116648]
S2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-08-31 2425960]
S2 RelevantKnowledge;RelevantKnowledge; C:\Program Files (x86)\RelevantKnowledge\rlservice.exe /service []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-26 268464]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 BRSptStub;BitRaider Mini-Support Service Stub Loader; C:\ProgramData\BitRaider\BRSptStub.exe [2014-12-22 363208]
S3 BRSptSvc;BitRaider Mini-Support Service; C:\ProgramData\BitRaider\BRSptSvc.exe [2013-12-07 477960]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-02-19 276248]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /medsvc []
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-02 116648]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 289256]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-03-24 836288]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2015-02-09 792016]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-12-12 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Re: junk on the PC

Posted: 05 Apr 2015 17:19
by Rudy
Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.

Re: junk on the PC

Posted: 05 Apr 2015 19:57
by Lord Excalibur
# AdwCleaner v4.200 - Logfile created 05/04/2015 at 20:51:38
# Updated 29/03/2015 by Xplode
# Database : 2015-03-29.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : Excalibur - EXCALIBUR-NTB
# Running from : C:\Users\Excalibur\Downloads\adwcleaner_4.200.exe
# Option : Cleaning

***** [ Services ] *****

[#] Service Deleted : globalUpdatem
[#] Service Deleted : pcsuservice
[#] Service Deleted : RelevantKnowledge
[#] Service Deleted : SCService
Service Deleted : sp_rsdrv2
[#] Service Deleted : vToolbarUpdater18.3.0

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zrychleni Pocitace
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\AVG Security Toolbar
Folder Deleted : C:\Program Files (x86)\SimilarSites
Folder Deleted : C:\Program Files (x86)\Zrychleni Pocitace
Folder Deleted : C:\Program Files (x86)\Check Point Software Technologies LTD
Folder Deleted : C:\Program Files (x86)\SqueakyChocolate
Folder Deleted : C:\Program Files (x86)\CinemaP-1.9cV16.03
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\Excalibur\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Excalibur\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Excalibur\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp
Folder Deleted : C:\Users\Excalibur\AppData\Local\Innovative Solutions
Folder Deleted : C:\Users\Excalibur\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Excalibur\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Excalibur\AppData\Roaming\SimilarSites
Folder Deleted : C:\Users\Excalibur\AppData\Roaming\Check Point Software Technologies LTD
Folder Deleted : C:\Users\Excalibur\Documents\PCSpeedUp
Folder Deleted : C:\Users\Excalibur\AppData\Roaming\Mozilla\Firefox\Profiles\xZmI1LiZ.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Folder Deleted : C:\Users\Excalibur\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
File Deleted : C:\Windows\SysWOW64\rlls.dll
File Deleted : C:\Users\Excalibur\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_wlogin.icq.com_0.localstorage
File Deleted : C:\Users\Excalibur\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_wlogin.icq.com_0.localstorage-journal

***** [ Scheduled tasks ] *****

Task Deleted : LaunchSignup
Task Deleted : PC SpeedUp Service Deactivator
Task Deleted : e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6
Task Deleted : e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-7
Task Deleted : e653cf25-f107-4cbe-b8d1-5dadaea354f2-10_user
Task Deleted : e653cf25-f107-4cbe-b8d1-5dadaea354f2-11
Task Deleted : e653cf25-f107-4cbe-b8d1-5dadaea354f2-3
Task Deleted : e653cf25-f107-4cbe-b8d1-5dadaea354f2-5
Task Deleted : e653cf25-f107-4cbe-b8d1-5dadaea354f2-5_user
Task Deleted : e653cf25-f107-4cbe-b8d1-5dadaea354f2-6
Task Deleted : e653cf25-f107-4cbe-b8d1-5dadaea354f2-7

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKCU\Software\Classes\iLivid.torrent
Key Deleted : HKCU\Software\Classes\pokki
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [pcspeedup]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\PCSU.Registry
Key Deleted : HKLM\SOFTWARE\Classes\PCSU.SysUtils
Key Deleted : HKLM\SOFTWARE\156eacdc-6be3-484e-958c-b1950c01381c
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{987D9269-F8A1-408F-BF62-4397D2F5363E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B89F5C49-51DB-4974-AB5A-E25901AA339C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0722BEB-FDA1-4AA1-A2A8-15A74A5B3F70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E9B5B0D2-D08A-49FC-8B5C-159B60BAA268}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F1963E76-845B-474C-8C7F-D69A96D8AA34}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E00DE9B9-B128-4C39-B732-B5D85013FA48}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Popajar
Key Deleted : HKCU\Software\SmileysWeLove
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Speedchecker Limited
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\UpdateStar
Key Deleted : HKCU\Software\Techgile
Key Deleted : HKCU\Software\Video Player
Key Deleted : HKCU\Software\CinemaP-1.9cV16.03
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKLM\SOFTWARE\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\Speedchecker Limited
Key Deleted : HKLM\SOFTWARE\CinemaP-1.9cV16.03
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D08D9F98-1C78-4704-87E6-368B0023D831}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CinemaP-1.9cV16.03
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\Speedchecker Limited
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1

***** [ Web browsers ] *****

-\\ Internet Explorer v8.0.7601.17514

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

-\\ Mozilla Firefox v


-\\ Google Chrome v41.0.2272.118

[C:\Users\Excalibur\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20110402231047250&tb_oid=02-04-2011&tb_mrud=02-04-2011
[C:\Users\Excalibur\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
[C:\Users\Excalibur\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}
[C:\Users\Excalibur\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://tbsearch.ask.com/redirect?client=ie&tb=UT2V5&o=15158&src=crm&q={searchTerms}&locale=en_EU
[C:\Users\Excalibur\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3289075&CUI=UN18874068691167177
[C:\Users\Excalibur\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.crawler.com/search/dispatcher.aspx? ... tbid=60341
[C:\Users\Excalibur\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.certified-toolbar.com?si=41460&bs=true&tid=592&q={searchTerms}
[C:\Users\Excalibur\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://isearch.avg.com/search?cid={2973CCE1-C4BE-472A-96B0-FAA4312A4CBC}&mid=01b75f4b758747d3bcfc759276d971e4-fb09b70f4a0bc2d8f3ce0d0d4645d66c3c4092cd&lang=us/browser=all&ds=is015&coid=avgtbdisis&pr=sa&d=2013-11-02 06:08:42&v=17.0.0.12&pid=avg&sg=0&sap=dsp&q={searchTerms}
[C:\Users\Excalibur\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : bopakagnckmlgajfccecajhnimjiiedh
[C:\Users\Excalibur\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof

-\\ Opera v28.0.1750.48


*************************

AdwCleaner[R0].txt - [13996 bytes] - [05/04/2015 20:50:06]
AdwCleaner[S0].txt - [13346 bytes] - [05/04/2015 20:51:42]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [13406 bytes] ##########

Re: mess in the PC

Posted: 05 Apr 2015 19:58
by Rudy
Post a new RSIT log.

Re: mess in the PC

Posted: 05 Apr 2015 20:15
by Lord Excalibur
Logfile of random's system information tool 1.10 (written by random/random)
Run by Excalibur at 2015-04-05 21:15:23
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 610 GB (64%) free of 954 GB
Total RAM: 3914 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:15:27, on 5.4.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Users\Excalibur\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
C:\Program Files (x86)\Opera\28.0.1750.48\opera_crashreporter.exe
C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe
C:\Program Files\trend micro\Excalibur.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKCU\..\Run: [T-Mobile CManager] "C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe" -autorun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Excalibur\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Excalibur\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-792113725-3541881400-1338686765-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-792113725-3541881400-1338686765-1001\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-792113725-3541881400-1338686765-1001\..\Run: [T-Mobile CManager] "C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe" -autorun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-792113725-3541881400-1338686765-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O17 - HKLM\System\CCS\Services\Tcpip\..\{056AAB92-BE99-4F91-9F1F-38418BB79633}: NameServer = 93.153.117.1 93.153.117.33
O17 - HKLM\System\CCS\Services\Tcpip\..\{A6F89920-34C5-4D87-B26C-82A93DA72DB8}: NameServer = 93.153.117.1 93.153.117.33
O17 - HKLM\System\CCS\Services\Tcpip\..\{B84491AA-FB52-4B1E-BFB9-61EA94083AB9}: NameServer = 93.153.117.1 93.153.117.33
O17 - HKLM\System\CS1\Services\Tcpip\..\{056AAB92-BE99-4F91-9F1F-38418BB79633}: NameServer = 93.153.117.1 93.153.117.33
O17 - HKLM\System\CS2\Services\Tcpip\..\{056AAB92-BE99-4F91-9F1F-38418BB79633}: NameServer = 93.153.117.1 93.153.117.33
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: BitRaider Mini-Support Service Stub Loader (BRSptStub) - BitRaider, LLC - C:\ProgramData\BitRaider\BRSptStub.exe
O23 - Service: BitRaider Mini-Support Service (BRSptSvc) - BitRaider, LLC - C:\ProgramData\BitRaider\BRSptSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe

--
End of file - 12580 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
winlogon.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
C:\Windows\system32\WLANExt.exe 29230080
\??\C:\Windows\system32\conhost.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe"
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe"
"C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe" -autorun
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
szndesktop.exe default start
"C:\Users\Excalibur\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe
"c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000b08
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe"
"C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe"
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe"
C:\Windows\SysWOW64\svchost.exe -k MbnExt
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe" /connectToHost
"C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe" --ran-launcher
"C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe" --ran-launcher /crash-reporter-parent-id=4692
"C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe" --type=gpu-process --channel="4692.0.269612672\127004266" --enable-proprietary-media-types-playback --crash-reporter-pid=2120 --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,19,41 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2653 --enable-proprietary-media-types-playback --crash-reporter-pid=2120 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_17_0_0_123.dll" --ppapi-flash-version=17.0.0.123 --with-feature:enhanced-autofill --crash-reporter-pid=2120 --device-scale-factor=1 --font-cache-shared-mem-suffix=4692 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --disable-accelerated-video-decode --channel="4692.3.990692458\789998068" /prefetch:673131151
"C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_17_0_0_123.dll" --ppapi-flash-version=17.0.0.123 --with-feature:enhanced-autofill --crash-reporter-pid=2120 --device-scale-factor=1 --font-cache-shared-mem-suffix=4692 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --disable-accelerated-video-decode --channel="4692.4.294500886\880068691" /prefetch:673131151
"C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_17_0_0_123.dll" --ppapi-flash-version=17.0.0.123 --with-feature:enhanced-autofill --crash-reporter-pid=2120 --device-scale-factor=1 --font-cache-shared-mem-suffix=4692 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --disable-accelerated-video-decode --channel="4692.5.510473411\1581828080" /prefetch:673131151
"C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_17_0_0_123.dll" --ppapi-flash-version=17.0.0.123 --with-feature:enhanced-autofill --crash-reporter-pid=2120 --device-scale-factor=1 --font-cache-shared-mem-suffix=4692 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --disable-accelerated-video-decode --channel="4692.7.1596692906\1658721889" /prefetch:673131151
"C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_17_0_0_123.dll" --ppapi-flash-version=17.0.0.123 --with-feature:enhanced-autofill --crash-reporter-pid=2120 --device-scale-factor=1 --font-cache-shared-mem-suffix=4692 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --disable-accelerated-video-decode --channel="4692.8.1786149872\1640299473" /prefetch:673131151
"C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_17_0_0_123.dll" --ppapi-flash-version=17.0.0.123 --with-feature:enhanced-autofill --crash-reporter-pid=2120 --device-scale-factor=1 --font-cache-shared-mem-suffix=4692 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --disable-accelerated-video-decode --channel="4692.10.1930873480\1320209510" /prefetch:673131151
"C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_17_0_0_123.dll" --ppapi-flash-version=17.0.0.123 --with-feature:enhanced-autofill --crash-reporter-pid=2120 --device-scale-factor=1 --font-cache-shared-mem-suffix=4692 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --disable-accelerated-video-decode --channel="4692.11.112413893\1584220869" /prefetch:673131151
"C:\Program Files (x86)\Opera\28.0.1750.48\opera.exe" --type=ppapi --channel="4692.12.441527175\1275128886" --ppapi-flash-args --lang=cs --enable-proprietary-media-types-playback --crash-reporter-pid=2120 --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"

"C:\Users\Excalibur\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\BYAIAMUF.job - C:\Users\Excalibur\AppData\Roaming\BYAIAMUF.exe /infocmdline=
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-03-04 553384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-03-04 210856]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-11 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-11 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-02-19 398616]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-02-19 440600]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-07-27 12937872]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2014-11-04 2774904]
"SpywareTerminatorUpdater"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2014-11-04 3681656]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"T-Mobile CManager"=C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe [2013-10-31 2166552]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"cz.seznam.software.autoupdate"=C:\Users\Excalibur\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Excalibur\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
C:\Program Files (x86)\AVG Secure Search\vprot.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-11-29 284440]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-02-27 291608]
"Avira Systray"=C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [2015-02-12 127792]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2015-04-01 726320]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2014-08-13 137352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-02-14 430080]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=0
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.xtor"=DxtoryCodec64.dll
"VIDC.FPS1"=frapsv64.dll
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\Windows\SysWOW64\tsc2_codec64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux8"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-04-05 20:50:01 ----D---- C:\AdwCleaner
2015-04-05 15:27:57 ----D---- C:\Program Files\trend micro
2015-04-05 15:27:54 ----D---- C:\rsit
2015-04-05 15:17:11 ----A---- C:\Windows\system32\drivers\stflt.sys
2015-04-05 15:17:09 ----D---- C:\Users\Excalibur\AppData\Roaming\Spyware Terminator
2015-04-05 15:17:09 ----D---- C:\ProgramData\Spyware Terminator
2015-04-05 15:16:25 ----D---- C:\Program Files (x86)\Spyware Terminator
2015-04-05 09:50:38 ----D---- C:\Windows\SYSWOW64\푨ʲ
2015-04-04 20:13:53 ----D---- C:\Windows\SYSWOW64\辀d
2015-04-03 20:06:51 ----D---- C:\Windows\SYSWOW64\䁠Ġ
2015-04-02 10:55:26 ----D---- C:\Windows\SYSWOW64\푘ʿ
2015-04-01 16:08:06 ----D---- C:\Windows\SYSWOW64\俰ˏ
2015-04-01 14:08:07 ----D---- C:\Windows\SYSWOW64\̀
2015-04-01 07:45:37 ----D---- C:\Users\Excalibur\AppData\Roaming\QuickScan
2015-04-01 07:40:30 ----D---- C:\Program Files (x86)\69dc8177-a574-4dff-8461-b3267b078dcf
2015-04-01 07:38:43 ----D---- C:\Users\Excalibur\AppData\Roaming\Seznam.cz
2015-03-30 23:22:29 ----A---- C:\Windows\SYSWOW64\Access.dat
2015-03-30 23:16:09 ----D---- C:\ProgramData\Tunngle
2015-03-30 23:16:00 ----D---- C:\Program Files (x86)\Tunngle
2015-03-29 22:00:51 ----D---- C:\Program Files (x86)\Diablo II
2015-03-29 21:27:37 ----A---- C:\Windows\SYSWOW64\SIntfNT.dll
2015-03-29 21:27:37 ----A---- C:\Windows\SYSWOW64\SIntf32.dll
2015-03-29 21:27:37 ----A---- C:\Windows\SYSWOW64\SIntf16.dll
2015-03-29 21:20:54 ----A---- C:\Windows\DIIUnin.dat
2015-03-29 21:20:49 ----A---- C:\Windows\DIIUnin.pif
2015-03-29 21:20:49 ----A---- C:\Windows\DIIUnin.exe
2015-03-08 12:49:07 ----D---- C:\ProgramData\F-Secure
2015-03-07 13:36:42 ----D---- C:\Program Files (x86)\CheckPoint
2015-03-07 13:34:04 ----D---- C:\ProgramData\CheckPoint
2015-03-07 12:32:51 ----D---- C:\Users\Excalibur\AppData\Roaming\Avira
2015-03-07 12:32:37 ----D---- C:\Users\Excalibur\AppData\Roaming\Mozilla
2015-03-07 12:31:20 ----A---- C:\Windows\system32\drivers\avnetflt.sys
2015-03-07 12:31:20 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2015-03-07 12:31:20 ----A---- C:\Windows\system32\drivers\avipbb.sys
2015-03-07 12:31:20 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2015-03-07 12:27:22 ----D---- C:\ProgramData\Avira
2015-03-07 12:27:22 ----D---- C:\Program Files (x86)\Avira
2015-03-07 12:27:01 ----D---- C:\ProgramData\Package Cache

======List of files/folders modified in the last 1 month======

2015-04-05 21:15:27 ----D---- C:\Windows\Temp
2015-04-05 21:01:38 ----D---- C:\Windows\System32
2015-04-05 21:01:38 ----D---- C:\Windows\inf
2015-04-05 21:01:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-05 20:57:49 ----A---- C:\Windows\SYSWOW64\log.txt
2015-04-05 20:55:24 ----D---- C:\Windows\system32\drivers
2015-04-05 20:53:32 ----D---- C:\Windows\Tasks
2015-04-05 20:53:32 ----D---- C:\Windows\system32\Tasks
2015-04-05 20:53:29 ----D---- C:\Windows\SysWOW64
2015-04-05 20:52:50 ----RD---- C:\Program Files (x86)
2015-04-05 20:52:44 ----D---- C:\Windows\Prefetch
2015-04-05 20:52:26 ----HD---- C:\ProgramData
2015-04-05 15:27:57 ----RD---- C:\Program Files
2015-04-04 18:00:05 ----SHD---- C:\System Volume Information
2015-04-03 18:54:17 ----D---- C:\Users\Excalibur\AppData\Roaming\TS3Client
2015-04-01 23:05:34 ----D---- C:\Program Files (x86)\Adobe
2015-04-01 16:44:21 ----D---- C:\Windows\system32\config
2015-04-01 07:40:28 ----SHD---- C:\Windows\Installer
2015-03-31 01:23:34 ----D---- C:\Users\Excalibur\AppData\Roaming\Tunngle
2015-03-30 23:16:02 ----RSD---- C:\Windows\Fonts
2015-03-30 11:27:11 ----D---- C:\Program Files (x86)\Steam
2015-03-29 21:20:54 ----D---- C:\Windows
2015-03-29 21:09:37 ----D---- C:\Users\Excalibur\AppData\Roaming\DAEMON Tools Lite
2015-03-26 16:02:55 ----D---- C:\Users\Excalibur\AppData\Roaming\Skype
2015-03-20 21:23:33 ----D---- C:\Program Files (x86)\Minecraft
2015-03-18 20:11:16 ----D---- C:\Program Files (x86)\Opera
2015-03-14 11:48:00 ----D---- C:\Users\Excalibur\AppData\Roaming\.technic
2015-03-13 11:26:20 ----D---- C:\Windows\system32\drivers\etc
2015-03-11 19:19:14 ----D---- C:\Program Files (x86)\Reborn2 - Copy
2015-03-11 16:34:11 ----D---- C:\Users\Excalibur\AppData\Roaming\.minecraft
2015-03-10 20:10:53 ----D---- C:\Program Files (x86)\Reborn2
2015-03-08 13:02:32 ----HD---- C:\Windows\KBD2341Update-godimpbmfohihoaikgfknnnmlncabkkp
2015-03-07 13:40:52 ----D---- C:\Windows\system32\catroot
2015-03-07 13:40:51 ----D---- C:\Windows\system32\DriverStore
2015-03-07 13:23:17 ----D---- C:\MPS
2015-03-07 13:22:27 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-03-07 13:22:26 ----D---- C:\Program Files (x86)\Common Files
2015-03-07 13:21:35 ----D---- C:\Program Files (x86)\MKV Player
2015-03-07 13:21:13 ----D---- C:\Program Files (x86)\K-Meleon
2015-03-07 13:20:41 ----D---- C:\Windows\ShellNew
2015-03-07 13:20:20 ----D---- C:\Games
2015-03-07 13:20:08 ----D---- C:\Program Files (x86)\GameforgeLive
2015-03-07 13:19:34 ----D---- C:\ProgramData\DivX
2015-03-07 13:19:34 ----D---- C:\Program Files (x86)\DivX
2015-03-07 13:18:39 ----D---- C:\Fraps
2015-03-07 12:57:42 ----D---- C:\Windows\Logs
2015-03-07 12:57:42 ----D---- C:\Windows\debug
2015-03-07 12:36:12 ----D---- C:\Windows\tracing

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-11-29 568600]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-02-27 16152]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-06-21 30496]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2015-02-25 132120]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2015-02-25 28600]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-11-24 283064]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2014-08-13 450456]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2015-02-25 128536]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2015-02-25 44088]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2012-02-15 3538432]
R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2010-11-21 80384]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2013-03-04 91648]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-02-14 14692224]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-07-31 4102928]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-02-27 356120]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-02-27 788760]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-10-14 108656]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-11-10 60184]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2015-04-05 51496]
S3 BRDriver64;BRDriver64; \??\C:\ProgramData\BitRaider\BRDriver64.sys [2013-12-07 75048]
S3 BRDriver64_1_3_3_E02B25FC;BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [2014-12-23 78088]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2010-11-21 552448]
S3 cpudrv64;cpudrv64; \??\C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-06-02 17864]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2013-01-25 109568]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2012-12-22 14976]
S3 hwusb_cdcacm;hwusb_cdcacm; C:\Windows\system32\DRIVERS\ew_cdcacm.sys [2013-10-23 121728]
S3 hwusb_wwanecm;hwusb_wwanecm; C:\Windows\system32\DRIVERS\ew_wwanecm.sys [2013-11-01 376448]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-09-02 339048]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver; C:\Windows\system32\drivers\RTL2832UBDA.sys [2009-08-17 116640]
S3 RTL2832UUSB;REALTEK 2832U USB Driver; C:\Windows\System32\Drivers\RTL2832UUSB.sys [2009-08-17 38944]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2015-04-01 434424]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2015-04-01 434424]
R2 Avira.OE.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2015-02-12 184056]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-29 13592]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-08-31 2425960]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2011-12-08 607456]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2011-12-16 161560]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-12-16 277784]
R2 MbnExt;Mobile Broadband Extension Service; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-06-21 884512]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-05-16 1826592]
R2 PSI_SVC_2_x64;Protexis Licensing V2 x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2014-11-04 1146272]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2014-12-15 5426448]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-12-16 363800]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2014-08-13 3596752]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [2015-04-01 815920]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2015-04-01 1004280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-02 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-26 268464]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 BRSptStub;BitRaider Mini-Support Service Stub Loader; C:\ProgramData\BitRaider\BRSptStub.exe [2014-12-22 363208]
S3 BRSptSvc;BitRaider Mini-Support Service; C:\ProgramData\BitRaider\BRSptSvc.exe [2013-12-07 477960]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-02-19 276248]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-02 116648]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 289256]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-03-24 836288]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2015-02-09 792016]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-12-12 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Re: Junk on my PC

Posted: 05 Apr 2015 20:53
by Rudy
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left-hand window:
:files
C:\Program Files\McAfee Security Scan
C:\Users\Excalibur\AppData\Roaming\BYAIAMUF.exe
C:\Windows\tasks\BYAIAMUF.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\SYSWOW64\푨ʲ
C:\Windows\SYSWOW64\辀d
C:\Windows\SYSWOW64\䁠Ġ
C:\Windows\SYSWOW64\푘ʿ
C:\Windows\SYSWOW64\俰ˏ
C:\Windows\SYSWOW64\̀

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]/64

:services
McComponentHostService

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.

Re: Junk on my PC

Posted: 06 Apr 2015 08:08
by Lord Excalibur
Logfile of random's system information tool 1.10 (written by random/random)
Run by Excalibur at 2015-04-06 09:05:31
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 617 GB (65%) free of 954 GB
Total RAM: 3914 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:05:36, on 6.4.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe
C:\Users\Excalibur\AppData\Roaming\Seznam.cz\szninstall.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
C:\Users\Excalibur\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files\trend micro\Excalibur.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKCU\..\Run: [T-Mobile CManager] "C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe" -autorun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Excalibur\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Excalibur\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-792113725-3541881400-1338686765-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-792113725-3541881400-1338686765-1001\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-792113725-3541881400-1338686765-1001\..\Run: [T-Mobile CManager] "C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe" -autorun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-792113725-3541881400-1338686765-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O17 - HKLM\System\CCS\Services\Tcpip\..\{056AAB92-BE99-4F91-9F1F-38418BB79633}: NameServer = 93.153.117.1 93.153.117.33
O17 - HKLM\System\CCS\Services\Tcpip\..\{A6F89920-34C5-4D87-B26C-82A93DA72DB8}: NameServer = 93.153.117.1 93.153.117.33
O17 - HKLM\System\CCS\Services\Tcpip\..\{B84491AA-FB52-4B1E-BFB9-61EA94083AB9}: NameServer = 93.153.117.1 93.153.117.33
O17 - HKLM\System\CS1\Services\Tcpip\..\{056AAB92-BE99-4F91-9F1F-38418BB79633}: NameServer = 93.153.117.1 93.153.117.33
O17 - HKLM\System\CS2\Services\Tcpip\..\{056AAB92-BE99-4F91-9F1F-38418BB79633}: NameServer = 93.153.117.1 93.153.117.33
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: BitRaider Mini-Support Service Stub Loader (BRSptStub) - BitRaider, LLC - C:\ProgramData\BitRaider\BRSptStub.exe
O23 - Service: BitRaider Mini-Support Service (BRSptSvc) - BitRaider, LLC - C:\ProgramData\BitRaider\BRSptSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe

--
End of file - 11750 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
winlogon.exe

C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\WLANExt.exe 28805104
\??\C:\Windows\system32\conhost.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
"taskhost.exe"
taskeng.exe {B3803F9F-CB6C-4139-B950-3C4726B820B6}
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\Skype\Updater\Updater.exe"
"C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe"
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe"
C:\Windows\SysWOW64\svchost.exe -k MbnExt
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Windows\notepad.exe" C:\_OTM\MovedFiles\04062015_085427.log
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe"
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe"
"C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe" -autorun
"C:\Users\Excalibur\AppData\Roaming\Seznam.cz\szninstall.exe" -c
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe"
szndesktop.exe default start
"C:\Users\Excalibur\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000858
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Excalibur\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-03-04 553384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-03-04 210856]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-11 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-11 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-02-19 398616]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-02-19 440600]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-07-27 12937872]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2014-11-04 2774904]
"SpywareTerminatorUpdater"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2014-11-04 3681656]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"T-Mobile CManager"=C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe [2013-10-31 2166552]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"cz.seznam.software.autoupdate"=C:\Users\Excalibur\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Excalibur\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
C:\Program Files (x86)\AVG Secure Search\vprot.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-11-29 284440]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-02-27 291608]
"Avira Systray"=C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [2015-02-12 127792]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2015-04-01 726320]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2014-08-13 137352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-02-14 430080]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=0
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.xtor"=DxtoryCodec64.dll
"VIDC.FPS1"=frapsv64.dll
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\Windows\SysWOW64\tsc2_codec64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux8"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-04-06 08:54:27 ----D---- C:\_OTM
2015-04-05 20:50:01 ----D---- C:\AdwCleaner
2015-04-05 15:27:57 ----D---- C:\Program Files\trend micro
2015-04-05 15:27:54 ----D---- C:\rsit
2015-04-05 15:17:11 ----A---- C:\Windows\system32\drivers\stflt.sys
2015-04-05 15:17:09 ----D---- C:\Users\Excalibur\AppData\Roaming\Spyware Terminator
2015-04-05 15:17:09 ----D---- C:\ProgramData\Spyware Terminator
2015-04-05 15:16:25 ----D---- C:\Program Files (x86)\Spyware Terminator
2015-04-01 14:08:07 ----D---- C:\Windows\SYSWOW64\̀
2015-04-01 07:45:37 ----D---- C:\Users\Excalibur\AppData\Roaming\QuickScan
2015-04-01 07:40:30 ----D---- C:\Program Files (x86)\69dc8177-a574-4dff-8461-b3267b078dcf
2015-04-01 07:38:43 ----D---- C:\Users\Excalibur\AppData\Roaming\Seznam.cz
2015-03-30 23:22:29 ----A---- C:\Windows\SYSWOW64\Access.dat
2015-03-30 23:16:09 ----D---- C:\ProgramData\Tunngle
2015-03-30 23:16:00 ----D---- C:\Program Files (x86)\Tunngle
2015-03-29 22:00:51 ----D---- C:\Program Files (x86)\Diablo II
2015-03-29 21:27:37 ----A---- C:\Windows\SYSWOW64\SIntfNT.dll
2015-03-29 21:27:37 ----A---- C:\Windows\SYSWOW64\SIntf32.dll
2015-03-29 21:27:37 ----A---- C:\Windows\SYSWOW64\SIntf16.dll
2015-03-29 21:20:54 ----A---- C:\Windows\DIIUnin.dat
2015-03-29 21:20:49 ----A---- C:\Windows\DIIUnin.pif
2015-03-29 21:20:49 ----A---- C:\Windows\DIIUnin.exe
2015-03-08 12:49:07 ----D---- C:\ProgramData\F-Secure
2015-03-07 13:36:42 ----D---- C:\Program Files (x86)\CheckPoint
2015-03-07 13:34:04 ----D---- C:\ProgramData\CheckPoint
2015-03-07 12:32:51 ----D---- C:\Users\Excalibur\AppData\Roaming\Avira
2015-03-07 12:32:37 ----D---- C:\Users\Excalibur\AppData\Roaming\Mozilla
2015-03-07 12:31:20 ----A---- C:\Windows\system32\drivers\avnetflt.sys
2015-03-07 12:31:20 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2015-03-07 12:31:20 ----A---- C:\Windows\system32\drivers\avipbb.sys
2015-03-07 12:31:20 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2015-03-07 12:27:22 ----D---- C:\ProgramData\Avira
2015-03-07 12:27:22 ----D---- C:\Program Files (x86)\Avira
2015-03-07 12:27:01 ----D---- C:\ProgramData\Package Cache

======List of files/folders modified in the last 1 month======

2015-04-06 09:05:35 ----D---- C:\Windows\Temp
2015-04-06 09:02:43 ----A---- C:\Windows\SYSWOW64\log.txt
2015-04-06 09:00:31 ----D---- C:\Windows
2015-04-06 08:54:46 ----D---- C:\Windows\SysWOW64
2015-04-06 08:54:45 ----D---- C:\Windows\Tasks
2015-04-06 08:54:44 ----RD---- C:\Program Files
2015-04-05 21:01:38 ----D---- C:\Windows\System32
2015-04-05 21:01:38 ----D---- C:\Windows\inf
2015-04-05 21:01:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-05 20:55:24 ----D---- C:\Windows\system32\drivers
2015-04-05 20:53:32 ----D---- C:\Windows\system32\Tasks
2015-04-05 20:52:50 ----RD---- C:\Program Files (x86)
2015-04-05 20:52:44 ----D---- C:\Windows\Prefetch
2015-04-05 20:52:26 ----HD---- C:\ProgramData
2015-04-04 18:00:05 ----SHD---- C:\System Volume Information
2015-04-03 18:54:17 ----D---- C:\Users\Excalibur\AppData\Roaming\TS3Client
2015-04-01 23:05:34 ----D---- C:\Program Files (x86)\Adobe
2015-04-01 16:44:21 ----D---- C:\Windows\system32\config
2015-04-01 07:40:28 ----SHD---- C:\Windows\Installer
2015-03-31 01:23:34 ----D---- C:\Users\Excalibur\AppData\Roaming\Tunngle
2015-03-30 23:16:02 ----RSD---- C:\Windows\Fonts
2015-03-30 11:27:11 ----D---- C:\Program Files (x86)\Steam
2015-03-29 21:09:37 ----D---- C:\Users\Excalibur\AppData\Roaming\DAEMON Tools Lite
2015-03-26 16:02:55 ----D---- C:\Users\Excalibur\AppData\Roaming\Skype
2015-03-20 21:23:33 ----D---- C:\Program Files (x86)\Minecraft
2015-03-18 20:11:16 ----D---- C:\Program Files (x86)\Opera
2015-03-14 11:48:00 ----D---- C:\Users\Excalibur\AppData\Roaming\.technic
2015-03-13 11:26:20 ----D---- C:\Windows\system32\drivers\etc
2015-03-11 19:19:14 ----D---- C:\Program Files (x86)\Reborn2 - Copy
2015-03-11 16:34:11 ----D---- C:\Users\Excalibur\AppData\Roaming\.minecraft
2015-03-10 20:10:53 ----D---- C:\Program Files (x86)\Reborn2
2015-03-08 13:02:32 ----HD---- C:\Windows\KBD2341Update-godimpbmfohihoaikgfknnnmlncabkkp
2015-03-07 13:40:52 ----D---- C:\Windows\system32\catroot
2015-03-07 13:40:51 ----D---- C:\Windows\system32\DriverStore
2015-03-07 13:23:17 ----D---- C:\MPS
2015-03-07 13:22:27 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-03-07 13:22:26 ----D---- C:\Program Files (x86)\Common Files
2015-03-07 13:21:35 ----D---- C:\Program Files (x86)\MKV Player
2015-03-07 13:21:13 ----D---- C:\Program Files (x86)\K-Meleon
2015-03-07 13:20:41 ----D---- C:\Windows\ShellNew
2015-03-07 13:20:20 ----D---- C:\Games
2015-03-07 13:20:08 ----D---- C:\Program Files (x86)\GameforgeLive
2015-03-07 13:19:34 ----D---- C:\ProgramData\DivX
2015-03-07 13:19:34 ----D---- C:\Program Files (x86)\DivX
2015-03-07 13:18:39 ----D---- C:\Fraps
2015-03-07 12:57:42 ----D---- C:\Windows\Logs
2015-03-07 12:57:42 ----D---- C:\Windows\debug
2015-03-07 12:36:12 ----D---- C:\Windows\tracing

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-11-29 568600]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-02-27 16152]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-06-21 30496]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2015-02-25 132120]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2015-02-25 28600]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-11-24 283064]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2014-08-13 450456]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2015-02-25 128536]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2015-02-25 44088]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2015-04-05 51496]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2012-02-15 3538432]
R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2010-11-21 80384]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2013-03-04 91648]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-02-14 14692224]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-07-31 4102928]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-02-27 356120]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-02-27 788760]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-10-14 108656]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-11-10 60184]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BRDriver64;BRDriver64; \??\C:\ProgramData\BitRaider\BRDriver64.sys [2013-12-07 75048]
S3 BRDriver64_1_3_3_E02B25FC;BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [2014-12-23 78088]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2010-11-21 552448]
S3 cpudrv64;cpudrv64; \??\C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-06-02 17864]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2013-01-25 109568]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2012-12-22 14976]
S3 hwusb_cdcacm;hwusb_cdcacm; C:\Windows\system32\DRIVERS\ew_cdcacm.sys [2013-10-23 121728]
S3 hwusb_wwanecm;hwusb_wwanecm; C:\Windows\system32\DRIVERS\ew_wwanecm.sys [2013-11-01 376448]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-09-02 339048]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver; C:\Windows\system32\drivers\RTL2832UBDA.sys [2009-08-17 116640]
S3 RTL2832UUSB;REALTEK 2832U USB Driver; C:\Windows\System32\Drivers\RTL2832UUSB.sys [2009-08-17 38944]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2015-04-01 434424]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2015-04-01 434424]
R2 Avira.OE.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2015-02-12 184056]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2011-12-08 607456]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2011-12-16 161560]
R2 MbnExt;Mobile Broadband Extension Service; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-06-21 884512]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-05-16 1826592]
R2 PSI_SVC_2_x64;Protexis Licensing V2 x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824]
R2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2014-11-04 1146272]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2014-12-15 5426448]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2014-08-13 3596752]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [2015-04-01 815920]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2015-04-01 1004280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-02 116648]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-29 13592]
S2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-08-31 2425960]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-12-16 277784]
S2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-12-16 363800]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-26 268464]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 BRSptStub;BitRaider Mini-Support Service Stub Loader; C:\ProgramData\BitRaider\BRSptStub.exe [2014-12-22 363208]
S3 BRSptSvc;BitRaider Mini-Support Service; C:\ProgramData\BitRaider\BRSptSvc.exe [2013-12-07 477960]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-02-19 276248]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-02 116648]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-03-24 836288]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2015-02-09 792016]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-12-12 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Re: junk on the PC

Posted: 06 Apr 2015 10:29
by Rudy
Deleted. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC. Is there still any problem?

Re: junk on the PC

Posted: 06 Apr 2015 12:15
by Lord Excalibur
The problems persist. When I click in the browser (any browser), even outside a link or button, an ad window pops up, it redirects to another page in a new tab, and there is a large number of unwanted ads in non-standard places.

Re: junk on the PC

Posted: 06 Apr 2015 17:00
by Rudy
Run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.

Re: junk on the PC

Posted: 06 Apr 2015 19:51
by Lord Excalibur
The malwarebytes.org site stubbornly redirects me from /mbam.php to /antimalware/premium

Re: junk on the PC

Posted: 06 Apr 2015 20:20
by Rudy

Re: junk on the PC

Posted: 07 Apr 2015 14:07
by Lord Excalibur
The findings look suspicious.

# AdwCleaner v4.200 - Logfile created 07/04/2015 at 15:01:48
# Updated 29/03/2015 by Xplode
# Database : 2015-04-06.3 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : Excalibur - EXCALIBUR-NTB
# Running from : C:\Users\Excalibur\Downloads\adwcleaner_4.200.exe
# Option : Scan

***** [ Services ] *****

Service Found : sp_rsdrv2

***** [ Files / Folders ] *****

File Found : C:\Users\Excalibur\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_acklnhgjphbhhomkneonohbjnbmkclfb_0
File Found : C:\Users\Excalibur\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\acklnhgjphbhhomkneonohbjnbmkclfb
File Found : C:\Users\Excalibur\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_acklnhgjphbhhomkneonohbjnbmkclfb_0.localstorage
File Found : C:\Users\Excalibur\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_acklnhgjphbhhomkneonohbjnbmkclfb_0.localstorage-journal
File Found : C:\Users\Excalibur\AppData\Roaming\Opera Software\Opera Stable\databases\chrome-extension_acklnhgjphbhhomkneonohbjnbmkclfb_0
File Found : C:\Users\Excalibur\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\acklnhgjphbhhomkneonohbjnbmkclfb
File Found : C:\Users\Excalibur\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_acklnhgjphbhhomkneonohbjnbmkclfb_0.localstorage
File Found : C:\Users\Excalibur\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_acklnhgjphbhhomkneonohbjnbmkclfb_0.localstorage-journal
Folder Found : C:\Users\Excalibur\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb
Folder Found : C:\Users\Excalibur\AppData\Roaming\Opera Software\Opera Stable\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\PCSU.Registry.1
Key Found : HKLM\SOFTWARE\Classes\PCSU.SysUtils.1

***** [ Web browsers ] *****

-\\ Internet Explorer v8.0.7601.17514


-\\ Mozilla Firefox v


-\\ Google Chrome v41.0.2272.118

[C:\Users\Excalibur\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Extension] : acklnhgjphbhhomkneonohbjnbmkclfb

-\\ Opera v28.0.1750.48


*************************

AdwCleaner[R0].txt - [13996 bytes] - [05/04/2015 20:50:06]
AdwCleaner[R1].txt - [2461 bytes] - [07/04/2015 15:01:48]
AdwCleaner[S0].txt - [13523 bytes] - [05/04/2015 20:51:42]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [2580 bytes] ##########

Re: junk on the PC

Posted: 07 Apr 2015 16:15
by Rudy
You did not finish. After the first scan you still need to click >cleaning<. Try again.

Re: junk on the PC

Posted: 07 Apr 2015 17:23
by Lord Excalibur
# AdwCleaner v4.200 - Logfile created 07/04/2015 at 18:18:44
# Updated 29/03/2015 by Xplode
# Database : 2015-04-06.3 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : Excalibur - EXCALIBUR-NTB
# Running from : C:\Users\Excalibur\Downloads\adwcleaner_4.200.exe
# Option : Cleaning

***** [ Services ] *****

Service Deleted : sp_rsdrv2

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Excalibur\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb
Folder Deleted : C:\Users\Excalibur\AppData\Roaming\Opera Software\Opera Stable\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb
File Deleted : C:\Users\Excalibur\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_acklnhgjphbhhomkneonohbjnbmkclfb_0.localstorage
File Deleted : C:\Users\Excalibur\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_acklnhgjphbhhomkneonohbjnbmkclfb_0.localstorage-journal
File Deleted : C:\Users\Excalibur\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_acklnhgjphbhhomkneonohbjnbmkclfb_0
File Deleted : C:\Users\Excalibur\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\acklnhgjphbhhomkneonohbjnbmkclfb
File Deleted : C:\Users\Excalibur\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_acklnhgjphbhhomkneonohbjnbmkclfb_0.localstorage
File Deleted : C:\Users\Excalibur\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_acklnhgjphbhhomkneonohbjnbmkclfb_0.localstorage-journal
File Deleted : C:\Users\Excalibur\AppData\Roaming\Opera Software\Opera Stable\databases\chrome-extension_acklnhgjphbhhomkneonohbjnbmkclfb_0
File Deleted : C:\Users\Excalibur\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\acklnhgjphbhhomkneonohbjnbmkclfb

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\PCSU.SysUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\PCSU.Registry.1

***** [ Web browsers ] *****

-\\ Internet Explorer v8.0.7601.17514


-\\ Mozilla Firefox v


-\\ Google Chrome v41.0.2272.118

[C:\Users\Excalibur\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : acklnhgjphbhhomkneonohbjnbmkclfb

-\\ Opera v28.0.1750.48


*************************

AdwCleaner[R0].txt - [13996 bytes] - [05/04/2015 20:50:06]
AdwCleaner[R1].txt - [2659 bytes] - [07/04/2015 15:01:48]
AdwCleaner[S0].txt - [13523 bytes] - [05/04/2015 20:51:42]
AdwCleaner[S1].txt - [2612 bytes] - [07/04/2015 18:18:44]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2671 bytes] ##########