VIRY.CZ

Zdravím. Poslední dobou se mi hodně zpomalil notebook - Prohlížeče často neodpovídají, a to samé všechny programy. Občas se stane, že mi neodpovídá plocha - celá zbělá, a pak zmodrá (pozadí na win 8.1). Chtěl bych požádat o kontrolu RSIT logu, případně co mam delat.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Tomas at 2015-04-12 12:59:47
Microsoft Windows 8.1
System drive C: has 354 GB (39%) free of 905 GB
Total RAM: 3962 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:00:54, on 12. 4. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Creative\SB X-Fi MB 2\Sound Blaster Panel\VolPanlu.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Hotspot Shield\bin\HSSCP.exe
C:\Program Files (x86)\BlueStacks\HD-Agent.exe
C:\Program Files (x86)\Hotspot Shield\bin\fbwmgr.exe
C:\Program Files (x86)\Hotspot Shield\bin\fbw.exe
C:\Program Files (x86)\Hotspot Shield\bin\fbw.exe
C:\Program Files (x86)\Hotspot Shield\bin\fbw.exe
C:\Program Files\trend micro\Tomas.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/secur ... 22.0.0.110
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = file://C:/ProgramData/Hotspot Shield/config/hsspx/proxy.pac
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: (no name) - {a19638fe-8536-4bcf-b659-a38ad619be61} - (no file)
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Hotspot Shield - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - (no file)
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: (no name) - {724d43a0-0d85-11d4-9908-00400523e39a} - (no file)
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O3 - Toolbar: (no name) - {a19638fe-8536-4bcf-b659-a38ad619be61} - (no file)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331STI.EXE
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [WindowsDriverScan86] C:\Program Files (x86)\Adobe Arkalis\Arkalis86.lnk
O4 - HKLM\..\Run: [WindowsDriverScan64] C:\Program Files (x86)\Adobe Arkalis\Arkalis.lnk
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\SB X-Fi MB 2\Sound Blaster Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Tomas\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Tomas\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Tomas\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Tomas\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [reg_svr] "C:\WINDOWS\SysWoW64\regsvr32.exe" /s "C:\Users\Tomas\AppData\Roaming\gleam\nvm.dll"
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
O8 - Extra context menu item: Customize Menu - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Save Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Show avast! EasyPass Toolbar - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - (no file)
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - (no file)
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - (no file)
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - (no file)
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - (no file)
O9 - Extra 'Tools' menuitem: Show avast! EasyPass Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - (no file)
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{5667B02C-3890-45A6-9A63-6F036B8BA497}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{FE84DB5B-1860-4CAD-8ACB-28D004D33A18}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - (no file)
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\WINDOWS\system32\CxAudMsg64.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\WINDOWS\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Hotspot Shield Service (hshld) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LSCWinService - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\WINDOWS\system32\SAsrv.exe
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Stardock Start8 (Start8) - Stardock Software, Inc - C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 17266 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\WINDOWS\system32\CxAudMsg64.exe
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\WINDOWS\SysWOW64\SAsrv.exe
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 693f76fd-3b32-4e77-9e8b-2c307f28d914 1
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\WINDOWS\system32\conhost.exe 0x4
taskeng.exe {F6AAB425-B0C6-406F-8604-407E4326B108}
taskhostex.exe
"\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\WINDOWS\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Windows\System32\rundll32.exe" C:\WINDOWS\system32\THXCfg64.dll,RunDLLEntry THXCfg64
"C:\Windows\System32\rundll32.exe" C:\WINDOWS\system32\AmbRunE.dll,RunDLLEntry
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Creative\SB X-Fi MB 2\Sound Blaster Panel\VolPanlu.exe" /r
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe"
C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "0x128c_0x348_0x8101a40f"
taskhost.exe
explorer.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-87d75593-561b-4d34-9adc-f4b35f86ed7a -SystemEventPortName:HostProcess-4685d8b4-ecbd-4e8e-b6da-f8b74ce88fe8 -IoCancelEventPortName:HostProcess-21102800-65cc-4c20-b60f-7dee4e41fb0a -NonStateChangingEventPortName:HostProcess-1dc1bd15-9d98-42c3-8acd-629e288b8930 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:cbb7ab1f-02e0-443d-96fb-057b51ca8754 -DeviceGroupId:WudfDefaultDevicePool
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Hotspot Shield\bin\HSSCP.exe"
"C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe"
"C:\Program Files (x86)\BlueStacks\HD-Agent.exe"
"C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe"
C:\WINDOWS\system32\srtasks.exe ExecuteScopeRestorePoint /WaitForRestorePoint:88
\??\C:\WINDOWS\system32\conhost.exe 0x4

"C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe"
-sp 896
\??\C:\WINDOWS\system32\conhost.exe 0x4
-sp 63407 -wt wt0 -re
-sp 63407 -wt wt1 -re
-sp 63407 -wt wt2 -re
taskeng.exe {02062B8D-D636-4449-9487-7A8E403B6FA1}
"C:\Users\Tomas\Downloads\RSITx64.exe"
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\Apps Hat-enabler.job - C:\Program Files (x86)\Apps Hat\Apps Hat-enabler.exe /enablebho /agentregpath='Apps Hat' /appid=48559 /srcid='000820' /subid='0' /zdata='appshatmadness' /bic=24AE676E04044985BC1042340506F0F7IE /verifier=9bdac1925523b660add6553b31664d6f /installerversion=1_34_2_13 /installationtime=1393498593 /statsdomain=http://stats.srvstatsdata.com /errorsdomain=http://errors.srvstatsdata.com /bhoguid=11111111-1111-1111-1111-110411851159 /defbro=ch /allusers /autoupdateulr='http://update.srvstatsdata.com/ie_enabl ... pdate.json' /runfrom='task' /externallog=''
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3095543077-3893173563-4132863104-1002Core.job - C:\Users\Tomas\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3095543077-3893173563-4132863104-1002UA.job - C:\Users\Tomas\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\1jzs6adf.default-1428693052232

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.134 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.31.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@ogplanet.com/npOGPPlugin]
"Description"=OGPlanet Game Plugin
"Path"=C:\WINDOWS\system32\npOGPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10]
"Description"=globalUpdate Update
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4]
"Description"=globalUpdate Update
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.134 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll


C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\1jzs6adf.default-1428693052232\extensions\
518dcd9f-ae80-4097-80aa-a9dae0ad4d7b@4dd9787b-93a4-45e4-b828-6df475da9388.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20 803520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
avast! EasyPass Toolbar Helper - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2014-02-25 26343936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-30 662672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a19638fe-8536-4bcf-b659-a38ad619be61}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20 483520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-28 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-30 565304]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a19638fe-8536-4bcf-b659-a38ad619be61}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c95a4e8e-816d-4655-8c79-d736da1adb6d}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13 1307928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-28 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20 440512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{724d43a0-0d85-11d4-9908-00400523e39a} - avast! EasyPass Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2014-02-25 26343936]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20 803520]
{a19638fe-8536-4bcf-b659-a38ad619be61}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{724d43a0-0d85-11d4-9908-00400523e39a}
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]
{a19638fe-8536-4bcf-b659-a38ad619be61}
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13 1307928]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2014-01-25 391128]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2014-01-25 771544]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2014-01-25 770520]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2013-05-20 17079376]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2013-05-20 191568]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-11-17 2465088]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2014-04-20 161984]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2014-11-17 2800296]
"XboxStat"=C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [2009-09-30 825184]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2013-07-24 903384]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2012-06-13 1647616]
"THXCfg64"=C:\WINDOWS\system32\THXCfg64.dll [2010-07-26 18432]
"RunDLLEntry"=C:\WINDOWS\system32\AmbRunE.dll [2009-02-26 17920]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-01-25 131712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"RGSC"=C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2008-11-14 305064]
"RoboForm"=C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2014-02-25 100200]
"cz.seznam.software.autoupdate"=C:\Users\Tomas\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Tomas\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"uTorrent"=C:\Users\Tomas\AppData\Roaming\uTorrent\uTorrent.exe [2015-01-31 1374032]
"Facebook Update"=C:\Users\Tomas\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-03-17 138096]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-07-24 21650016]
"reg_svr"=C:\WINDOWS\SysWoW64\regsvr32.exe [2014-10-29 16384]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"331BigDog"=C:\Program Files (x86)\USB Camera\VM331STI.EXE [2012-05-02 548864]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27 136488]
"YouCam Tray"=C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [2012-07-27 167024]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2012-04-19 217088]
"RemoteControl10"=C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [2012-03-29 91432]
"Intel AppUp(SM) center"=C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [2012-07-12 155488]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2014-09-04 3802448]
"WindowsDriverScan86"=C:\Program Files (x86)\Adobe Arkalis\Arkalis86.lnk [2014-08-10 1501]
"WindowsDriverScan64"=C:\Program Files (x86)\Adobe Arkalis\Arkalis.lnk [2015-02-27 1512]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07 507776]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-03-30 5512912]
"BlueStacks Agent"=C:\Program Files (x86)\BlueStacks\HD-Agent.exe [2015-03-24 863960]
"VolPanel"=C:\Program Files (x86)\Creative\SB X-Fi MB 2\Sound Blaster Panel\VolPanlu.exe [2010-02-18 241789]
"UpdReg"=C:\WINDOWS\UpdReg.EXE [2000-05-11 90112]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-01-25 131712]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Secunia PSI Tray.lnk - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll d3dgearload64.dll,C:\WINDOWS\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2014-01-25 624640]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
"DisableTaskMgr"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoResolveSearch"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.WVC1"=d3dgeardecoder64.dll
"VIDC.WMV3"=d3dgeardecoder64.dll
"VIDC.MJPG"=bdmjpeg64.dll
"VIDC.M4S2"=d3dgeardecoder64.dll
"VIDC.FVFW"=d3dgeardecoder64.dll
"VIDC.FFVH"=d3dgeardecoder64.dll
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"vidc.tscc"=C:\WINDOWS\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\WINDOWS\SysWOW64\tsc2_codec64.dll
"VIDC.FPS1"=frapsv64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm
"wave4"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-04-11 17:46:11 ----D---- C:\WINDOWS\Minidump
2015-04-08 17:59:46 ----D---- C:\ProgramData\BlueStacks
2015-04-08 17:59:46 ----D---- C:\Program Files (x86)\BlueStacks
2015-04-08 13:13:25 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-04-06 15:24:39 ----D---- C:\Users\Tomas\AppData\Roaming\SuperHideIP
2015-04-06 15:24:39 ----D---- C:\ProgramData\SuperHideIP
2015-04-06 15:17:14 ----D---- C:\Users\Tomas\AppData\Roaming\MaskMyIP
2015-04-06 15:17:14 ----D---- C:\ProgramData\MaskMyIP
2015-04-06 15:09:36 ----D---- C:\ProgramData\DownloadManager
2015-04-03 21:23:22 ----N---- C:\WINDOWS\Updreg.EXE
2015-04-03 21:23:18 ----N---- C:\WINDOWS\SYSWOW64\xFiMB2CfgUninstall32.ini
2015-04-03 21:23:18 ----N---- C:\WINDOWS\SYSWOW64\ResDefE.exe
2015-04-03 21:23:18 ----N---- C:\WINDOWS\SYSWOW64\CTtele32.dll
2015-04-03 21:23:18 ----N---- C:\WINDOWS\SYSWOW64\ctpxst32.exe
2015-04-03 21:23:18 ----N---- C:\WINDOWS\SYSWOW64\cfgChain.exe
2015-04-03 21:23:18 ----N---- C:\WINDOWS\SYSWOW64\cfgfx.ini
2015-04-03 21:23:18 ----N---- C:\WINDOWS\SYSWOW64\AMBSpiE.exe
2015-04-03 21:23:18 ----N---- C:\WINDOWS\SYSWOW64\AmbRunE.dll
2015-04-03 21:23:18 ----N---- C:\WINDOWS\system32\xFiMB2CfgUninstall64.ini
2015-04-03 21:23:18 ----N---- C:\WINDOWS\system32\ResDefE.exe
2015-04-03 21:23:18 ----N---- C:\WINDOWS\system32\CTtele64.dll
2015-04-03 21:23:18 ----N---- C:\WINDOWS\system32\ctpxst64.exe
2015-04-03 21:23:18 ----N---- C:\WINDOWS\system32\cfgChain.exe
2015-04-03 21:23:18 ----N---- C:\WINDOWS\system32\cfgfx.ini
2015-04-03 21:23:17 ----N---- C:\WINDOWS\system32\AMBSpiE.exe
2015-04-03 21:23:17 ----N---- C:\WINDOWS\system32\AmbRunE.dll
2015-04-03 21:23:17 ----N---- C:\WINDOWS\FF08_Render_Spk.ini
2015-04-03 21:23:17 ----N---- C:\WINDOWS\FF08_Render_Hp.ini
2015-04-03 21:23:17 ----N---- C:\WINDOWS\FF08_Render.ini
2015-04-03 21:23:17 ----N---- C:\WINDOWS\FF08_Capture.ini
2015-04-03 21:23:11 ----N---- C:\WINDOWS\THXCfg_SP_APOIM.ini
2015-04-03 21:23:11 ----N---- C:\WINDOWS\THXCfg_HP_APOIM.ini
2015-04-03 21:23:11 ----N---- C:\WINDOWS\THXCfg_APOIM.ini
2015-04-03 21:23:11 ----N---- C:\WINDOWS\SYSWOW64\ResDefA.exe
2015-04-03 21:23:11 ----N---- C:\WINDOWS\system32\THXCfgUninstall64.ini
2015-04-03 21:23:11 ----N---- C:\WINDOWS\system32\THXCfg64.ini
2015-04-03 21:23:11 ----N---- C:\WINDOWS\system32\THXCfg64.exe
2015-04-03 21:23:11 ----N---- C:\WINDOWS\system32\THXCfg64.dll
2015-04-03 21:23:11 ----N---- C:\WINDOWS\system32\MCEptMon.ini
2015-04-03 21:23:11 ----N---- C:\WINDOWS\system32\MBEptMon.ini
2015-04-03 21:23:11 ----N---- C:\WINDOWS\system32\EptMon64.exe
2015-04-03 21:23:11 ----N---- C:\WINDOWS\system32\EptMon64.dll
2015-04-03 21:23:08 ----A---- C:\WINDOWS\SYSWOW64\CmdRtr.DLL
2015-04-03 21:23:08 ----A---- C:\WINDOWS\SYSWOW64\APOMngr.DLL
2015-04-03 21:23:08 ----A---- C:\WINDOWS\system32\CmdRtr64.DLL
2015-04-03 21:23:08 ----A---- C:\WINDOWS\system32\APOMgr64.DLL
2015-04-03 21:23:05 ----A---- C:\WINDOWS\SYSWOW64\wrap_oal.dll
2015-04-03 21:23:05 ----A---- C:\WINDOWS\SYSWOW64\OpenAL32.dll
2015-04-03 21:23:05 ----A---- C:\WINDOWS\system32\wrap_oal.dll
2015-04-03 21:23:05 ----A---- C:\WINDOWS\system32\OpenAL32.dll
2015-04-03 21:23:04 ----N---- C:\WINDOWS\SYSWOW64\Sens_oal.dll
2015-04-03 21:23:03 ----N---- C:\WINDOWS\system32\Sens_oal.dll
2015-04-03 21:20:31 ----D---- C:\Program Files\Creative
2015-04-03 21:20:08 ----D---- C:\Program Files (x86)\Creative
2015-04-03 20:12:47 ----D---- C:\Program Files (x86)\Dolby
2015-03-31 00:27:05 ----D---- C:\Riot Games
2015-03-31 00:08:29 ----D---- C:\rads
2015-03-30 18:29:32 ----D---- C:\Program Files (x86)\Registry Recycler
2015-03-30 17:28:31 ----A---- C:\WINDOWS\system32\CxAudMsg64.exe
2015-03-30 17:27:45 ----A---- C:\WINDOWS\SAII_LOG.TXT
2015-03-30 17:23:27 ----A---- C:\WINDOWS\SYSWOW64\SASrv.exe
2015-03-30 17:06:12 ----A---- C:\WINDOWS\system32\UCI64A40.DLL
2015-03-30 17:06:11 ----A---- C:\WINDOWS\system32\drivers\Mixer.ini
2015-03-30 17:06:09 ----A---- C:\WINDOWS\system32\DDPP64A.dll
2015-03-30 17:06:09 ----A---- C:\WINDOWS\system32\DDPO64A.dll
2015-03-30 17:06:09 ----A---- C:\WINDOWS\system32\DDPD64A.dll
2015-03-30 17:06:09 ----A---- C:\WINDOWS\system32\DDPA64.dll
2015-03-30 17:06:09 ----A---- C:\WINDOWS\system32\CxPageMaster64.dll
2015-03-30 17:06:08 ----A---- C:\WINDOWS\system32\drivers\CHDRT64.sys
2015-03-30 17:06:08 ----A---- C:\WINDOWS\system32\CX64BP04.dll
2015-03-30 17:06:08 ----A---- C:\WINDOWS\system32\CSpkExt64.dll
2015-03-30 17:05:38 ----D---- C:\Drivers
2015-03-30 16:18:43 ----D---- C:\Users\Tomas\AppData\Roaming\AVAST Software
2015-03-30 16:09:24 ----A---- C:\WINDOWS\system32\drivers\aswVmm.sys
2015-03-30 16:09:24 ----A---- C:\WINDOWS\system32\drivers\aswStm.sys
2015-03-30 16:09:24 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2015-03-30 16:09:24 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2015-03-30 16:09:24 ----A---- C:\WINDOWS\system32\drivers\aswRvrt.sys
2015-03-30 16:09:24 ----A---- C:\WINDOWS\system32\drivers\aswRdr2.sys
2015-03-30 16:09:24 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2015-03-30 16:09:24 ----A---- C:\WINDOWS\system32\drivers\aswKbd.sys
2015-03-30 16:09:24 ----A---- C:\WINDOWS\system32\drivers\aswHwid.sys
2015-03-30 16:09:08 ----A---- C:\WINDOWS\system32\aswBoot.exe
2015-03-30 16:08:54 ----A---- C:\WINDOWS\avastSS.scr
2015-03-30 16:08:25 ----A---- C:\WINDOWS\system32\drivers\aswTap.sys
2015-03-30 16:08:23 ----A---- C:\WINDOWS\system32\drivers\aswNdisFlt.sys
2015-03-30 16:02:33 ----D---- C:\Program Files\AVAST Software
2015-03-27 21:54:12 ----D---- C:\ProgramData\IObit
2015-03-27 21:54:10 ----A---- C:\WINDOWS\system32\SmartDefragBootTime.exe
2015-03-27 21:54:10 ----A---- C:\WINDOWS\system32\IObitSmartDefragExtension.dll
2015-03-27 21:45:38 ----D---- C:\Program Files\trend micro
2015-03-27 21:45:37 ----D---- C:\rsit
2015-03-25 18:47:01 ----D---- C:\Program Files (x86)\AutoClick3
2015-03-21 12:41:56 ----D---- C:\Program Files (x86)\Microsoft
2015-03-21 12:10:38 ----D---- C:\Program Files (x86)\PCSX2 1.2.1

======List of files/folders modified in the last 1 month======

2015-04-12 13:00:19 ----D---- C:\WINDOWS\system32\sru
2015-04-12 12:59:24 ----D---- C:\WINDOWS\Prefetch
2015-04-12 11:52:33 ----SHD---- C:\System Volume Information
2015-04-12 11:20:32 ----D---- C:\WINDOWS\Temp
2015-04-12 11:19:35 ----D---- C:\WINDOWS\System32
2015-04-12 11:19:35 ----D---- C:\WINDOWS\Inf
2015-04-12 11:19:35 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-12 11:17:28 ----D---- C:\WINDOWS\system32\NDF
2015-04-12 00:45:41 ----D---- C:\Users\Tomas\AppData\Roaming\ClassicShell
2015-04-12 00:45:37 ----D---- C:\Program Files (x86)\Steam
2015-04-11 17:51:46 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2015-04-11 17:46:11 ----D---- C:\Windows
2015-04-11 14:39:38 ----D---- C:\Program Files (x86)\Hotspot Shield
2015-04-11 12:17:28 ----D---- C:\WINDOWS\system32\config
2015-04-11 09:48:03 ----D---- C:\WINDOWS\Microsoft.NET
2015-04-10 20:45:07 ----D---- C:\WINDOWS\AppReadiness
2015-04-10 17:29:02 ----RSD---- C:\WINDOWS\assembly
2015-04-10 16:50:55 ----A---- C:\Users\Tomas\AppData\Roaming\CamShapes.ini
2015-04-10 16:50:55 ----A---- C:\Users\Tomas\AppData\Roaming\CamLayout.ini
2015-04-10 16:50:55 ----A---- C:\Users\Tomas\AppData\Roaming\Camdata.ini
2015-04-08 18:01:07 ----SHD---- C:\WINDOWS\Installer
2015-04-08 17:59:46 ----RD---- C:\Program Files (x86)
2015-04-08 17:59:46 ----HD---- C:\ProgramData
2015-04-08 17:59:20 ----D---- C:\ProgramData\BlueStacksSetup
2015-04-08 16:28:00 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-08 16:09:52 ----D---- C:\Program Files (x86)\opera
2015-04-08 16:09:51 ----D---- C:\WINDOWS\system32\Tasks
2015-04-07 12:35:52 ----D---- C:\Users\Tomas\AppData\Roaming\TS3Client
2015-04-06 18:38:29 ----D---- C:\Program Files\FreeFixer
2015-04-06 18:38:28 ----D---- C:\WINDOWS\Tasks
2015-04-04 15:26:47 ----HD---- C:\Program Files\WindowsApps
2015-04-04 15:17:51 ----D---- C:\WINDOWS\CbsTemp
2015-04-03 21:23:18 ----D---- C:\WINDOWS\SysWOW64
2015-04-03 21:23:16 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-04-03 21:20:46 ----D---- C:\Program Files (x86)\Common Files
2015-04-03 21:20:31 ----D---- C:\Program Files
2015-04-03 21:02:14 ----D---- C:\Program Files (x86)\IObit
2015-04-03 21:02:10 ----D---- C:\WINDOWS\system32\drivers
2015-04-02 14:35:01 ----D---- C:\Counter-Strike 1.6
2015-04-02 12:00:33 ----D---- C:\Users\Tomas\AppData\Roaming\uTorrent
2015-03-31 10:39:56 ----D---- C:\ProgramData\Adobe
2015-03-31 01:04:22 ----D---- C:\Users\Tomas\AppData\Roaming\LSC
2015-03-31 01:03:29 ----D---- C:\ProgramData\Lenovo
2015-03-31 01:02:57 ----D---- C:\Program Files (x86)\Lenovo
2015-03-31 01:02:42 ----D---- C:\Program Files\Lenovo
2015-03-31 01:00:47 ----D---- C:\WINDOWS\Downloaded Installations
2015-03-31 00:27:19 ----D---- C:\Users\Tomas\AppData\Roaming\Riot Games
2015-03-31 00:15:21 ----D---- C:\WINDOWS\Logs
2015-03-30 19:12:01 ----D---- C:\Program Files\Defraggler
2015-03-30 17:36:18 ----D---- C:\WINDOWS\system32\catroot
2015-03-30 17:27:40 ----D---- C:\WINDOWS\system32\DriverStore
2015-03-30 17:26:32 ----D---- C:\ProgramData\Conexant
2015-03-30 17:22:36 ----D---- C:\Program Files\CONEXANT
2015-03-30 16:46:33 ----D---- C:\WINDOWS\system32\wdi
2015-03-30 16:10:36 ----D---- C:\WINDOWS\system32\catroot2
2015-03-30 15:48:34 ----D---- C:\WINDOWS\debug
2015-03-30 15:48:17 ----HD---- C:\WINDOWS\ELAMBKUP
2015-03-30 15:45:02 ----D---- C:\ProgramData\Norton
2015-03-30 15:45:01 ----D---- C:\Program Files (x86)\NortonInstaller
2015-03-30 15:44:59 ----D---- C:\Program Files\Common Files\Symantec Shared
2015-03-30 14:16:38 ----D---- C:\Users\Tomas\AppData\Roaming\Identities
2015-03-28 13:25:27 ----D---- C:\Program Files (x86)\Rockstar Games
2015-03-28 12:13:17 ----D---- C:\Users\Tomas\AppData\Roaming\Awesomium
2015-03-28 11:30:26 ----D---- C:\hry
2015-03-28 10:57:42 ----D---- C:\Program Files (x86)\Ubisoft
2015-03-27 22:27:59 ----D---- C:\WINDOWS\SoftwareDistribution
2015-03-27 21:57:02 ----D---- C:\WINDOWS\ModemLogs
2015-03-27 21:57:01 ----DC---- C:\WINDOWS\Panther
2015-03-27 21:52:22 ----D---- C:\Users\Tomas\AppData\Roaming\IObit
2015-03-26 23:49:20 ----D---- C:\Users\Tomas\AppData\Roaming\MultiBit
2015-03-21 12:42:56 ----D---- C:\WINDOWS\SYSWOW64\directx
2015-03-21 12:42:15 ----SD---- C:\ProgramData\Microsoft
2015-03-21 12:41:29 ----HD---- C:\WINDOWS\msdownld.tmp
2015-03-17 13:24:27 ----D---- C:\WINDOWS\system32\MRT
2015-03-17 13:19:37 ----A---- C:\WINDOWS\system32\MRT.exe
2015-03-15 12:34:51 ----D---- C:\Program Files (x86)\HomeTab
2015-03-14 20:36:05 ----D---- C:\WINDOWS\rescache
2015-03-14 20:18:25 ----D---- C:\WINDOWS\WinSxS
2015-03-14 15:15:17 ----D---- C:\Users\Tomas\AppData\Roaming\.minecraft
2015-03-14 11:54:14 ----D---- C:\ProgramData\Origin
2015-03-14 11:45:11 ----D---- C:\Program Files (x86)\Origin
2015-03-13 15:41:31 ----D---- C:\Program Files\Internet Explorer
2015-03-13 15:41:31 ----D---- C:\Program Files (x86)\Internet Explorer
2015-03-13 15:41:28 ----RD---- C:\WINDOWS\ToastData
2015-03-13 15:27:45 ----D---- C:\Program Files\Windows Defender
2015-03-13 15:27:45 ----D---- C:\Program Files (x86)\Windows Defender
2015-03-13 15:27:43 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2015-03-13 15:27:43 ----D---- C:\WINDOWS\system32\cs-CZ
2015-03-13 15:27:40 ----D---- C:\WINDOWS\WinStore

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdisFlt;@oem21.inf,%AfwDescriptionFree%;Avast! Firewall Driver; C:\WINDOWS\system32\DRIVERS\aswNdisFlt.sys [2015-03-30 449896]
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-03-30 65736]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2015-03-30 271200]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-09-02 647736]
R0 LHDmgr;LHDmgr; C:\WINDOWS\System32\DRIVERS\LhdX64.sys [2013-05-20 39008]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2014-12-13 31376]
R0 speedfan;speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [2012-12-29 28664]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2015-03-30 28144]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2015-03-30 93528]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2015-03-30 1047320]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2015-03-30 442264]
R1 dtsoftbus01;@oem19.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2014-04-28 283064]
R1 HssDRV6;@oem36.inf,%HssDRV6_Desc%;Hotspot Shield Routing Driver 6; C:\WINDOWS\system32\DRIVERS\hssdrv6.sys [2014-05-17 44744]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2015-03-30 29168]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-03-30 88408]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2015-03-30 136752]
R3 ACPIVPC;@oem12.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2013-05-20 33560]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athw8x.sys [2013-06-18 3680256]
R3 BTATH_HCRP;@oem14.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\system32\DRIVERS\btath_hcrp.sys [2013-01-25 179432]
R3 BTATH_RCP;@oem18.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\system32\DRIVERS\btath_rcp.sys [2013-01-25 136424]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2014-04-28 599240]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Zařízení Bluetooth (síť PAN); C:\WINDOWS\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 CnxtHdAudService;@oem28.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64.sys [2013-07-10 1299648]
R3 Hamachi;LogMeIn Hamachi Virtual Miniport); C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [2014-09-04 46136]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-01-25 4221440]
R3 IntcDAud;@oem26.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 iwdbus;@oem34.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-12-27 27032]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport – ovladač pro řadič Qualcomm Atheros AR81xx PCI-E Ethernet; C:\WINDOWS\system32\DRIVERS\L1C63x64.sys [2013-06-18 129224]
R3 MEIx64;@oem24.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-03 62784]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2014-12-13 10345280]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-11-17 20800]
R3 nvvad_WaveExtensible;@oem50.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2014-10-03 38216]
R3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf_amd64.sys [2013-12-06 18456]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 ScreamBAudioSvc;@oem23.inf,%sbee_audio.SvcDesc%;ScreamBee Audio; C:\WINDOWS\system32\drivers\ScreamingBAudio64.sys [2009-11-26 38992]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2012-08-27 43832]
R3 SynTP;@oem4.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2012-08-27 448312]
R3 tap0901t;@oem45.inf,%DeviceDescription%;TAP-Win32 Adapter V9 (Tunngle); C:\WINDOWS\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
R3 taphss6;@oem1.inf,%DeviceDescription%;Anchorfree HSS VPN Adapter; C:\WINDOWS\system32\DRIVERS\taphss6.sys [2014-05-17 42184]
S1 lmimirr;lmimirr; C:\WINDOWS\system32\drivers\lmimirr.sys []
S2 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2015-03-24 144600]
S2 NEWDRIVER;NEWDRIVER; \??\C:\WINDOWS\SysWow64\WinVDEdrv6.sys []
S3 aswTap;@oem42.inf,%DeviceDescription%;avast! SecureLine TAP Adapter v3; C:\WINDOWS\system32\DRIVERS\aswTap.sys [2015-03-30 44640]
S3 AthBTPort;@oem11.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2013-01-25 89168]
S3 BTATH_A2DP;@oem10.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2013-01-25 346192]
S3 btath_avdt;@oem10.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2013-01-25 115280]
S3 BTATH_LWFLT;@oem16.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2013-01-25 77464]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 EagleX64;EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys []
S3 EsgScanner;EsgScanner; C:\WINDOWS\system32\DRIVERS\EsgScanner.sys [2015-02-27 22704]
S3 RSUSBVSTOR;@oem29.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUVStor.sys [2012-06-15 315536]
S3 SPPD;SPPD; C:\WINDOWS\system32\drivers\SPPD.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-01-25 227456]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-03-30 343336]
R2 avast! Firewall;Avast Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2015-03-30 107448]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 BstHdUpdaterSvc;BlueStacks Updater Service; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [2015-03-24 798424]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2010-09-30 294912]
R2 CxAudMsg;@C:\WINDOWS\system32\CxAudMsg64.exe,-100; C:\WINDOWS\system32\CxAudMsg64.exe [2013-07-25 206552]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-11-17 1149760]
R2 hshld;Hotspot Shield Service; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2014-05-17 919040]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-11-17 1796928]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-11-17 19821376]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2014-12-13 935240]
R2 SAService;Conexant SmartAudio service; C:\WINDOWS\system32\SAsrv.exe []
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe [2012-02-13 240408]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe [2012-02-13 193816]
S2 BstHdAndroidSvc;BlueStacks Android Service; C:\Program Files (x86)\BlueStacks\HD-Service.exe [2015-03-24 433880]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2015-03-24 388824]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-16 116648]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-09-04 2525008]
S2 HssWd;Hotspot Shield Monitoring Service; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [2014-05-17 430344]
S2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-08-08 377616]
S2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2013-12-06 1229528]
S2 Secunia Update Agent;Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [2013-12-06 662232]
S2 Start8;Stardock Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [2013-01-09 143624]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-27 268464]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-01-25 279000]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2015-04-03 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2015-04-03 79360]
S3 EasyAntiCheat;EasyAntiCheat; C:\WINDOWS\syswow64\EasyAntiCheat.exe [2014-11-17 182304]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-16 116648]
S3 HssTrayService;Hotspot Shield Tray Service; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [2014-05-17 78512]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2015-03-09 272440]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-03-22 148080]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-03-14 1910640]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-03-24 836288]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2014-11-04 762320]

-----------------EOF-----------------

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://www.stahuj.centrum.cz/utility_a_ ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve >Scan< a potom na >Clean< (smazat)
Proběhne skenováni a pak se objeví log, který sem vložte.

Zde je log. Při skenu mi avast ohlásil upozornění - přikládám screen

# AdwCleaner v4.201 - Log vytvořen 12/04/2015 v 13:32:32
# Aktualizováno 08/04/2015 by Xplode
# Databáze : 2015-04-08.1 [Server]
# Operační system : Windows 8.1 (x64)
# Uživatelské jméno : Tomas - IDEA-PC
# Spuštěno z : C:\Users\Tomas\Desktop\adwcleaner_4.201.exe
# Nastavení : Čištění

***** [ Služby ] *****

Služba Smazáno : hshld
[#] Služba Smazáno : SPPD

***** [ Soubory / Složky ] *****

Složka Smazáno : C:\ProgramData\apn
Složka Smazáno : C:\ProgramData\RegClean
Složka Smazáno : C:\ProgramData\Tbccint
Složka Smazáno : C:\ProgramData\DownloadManager
Složka Smazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plus500
Složka Smazáno : C:\Program Files (x86)\globalUpdate
Složka Smazáno : C:\Program Files (x86)\HomeTab
Složka Smazáno : C:\WINDOWS\SysWOW64\SearchProtect
Složka Smazáno : C:\Program Files\FreeFixer
Složka Smazáno : C:\Program Files\HomeTab
Složka Smazáno : C:\Users\Tomas\AppData\Local\FreeFixer
Složka Smazáno : C:\Users\Tomas\AppData\Local\genienext
Složka Smazáno : C:\Users\Tomas\AppData\Local\globalUpdate
Složka Smazáno : C:\Users\Tomas\AppData\Local\Mobogenie
Složka Smazáno : C:\Users\Tomas\AppData\Local\pay-by-ads
Složka Smazáno : C:\Users\Tomas\AppData\Local\Tbccint
Složka Smazáno : C:\Users\Tomas\AppData\Local\webplayer
Složka Smazáno : C:\Users\Tomas\AppData\Local\Plus500
Složka Smazáno : C:\Users\Tomas\AppData\Local\somotomoviestoolbar181
Složka Smazáno : C:\Users\Tomas\AppData\LocalLow\SimplyTech
Složka Smazáno : C:\Users\Tomas\AppData\LocalLow\Tbccint
Složka Smazáno : C:\Users\Tomas\AppData\LocalLow\apps hat
Složka Smazáno : C:\Users\Tomas\AppData\Roaming\FreeFixer
Složka Smazáno : C:\Users\Tomas\AppData\Roaming\pdfforge
Složka Smazáno : C:\Users\Tomas\AppData\Roaming\SimplyTech
Složka Smazáno : C:\Users\Tomas\AppData\Roaming\Systweak
Složka Smazáno : C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
Složka Smazáno : C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat
Složka Smazáno : C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plus500
Složka Smazáno : C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player
Složka Smazáno : C:\Users\Tomas\Documents\Mobogenie
Složka Smazáno : C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coljhboelhlkbgaaolcngflenaggpeao
Složka Smazáno : C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Složka Smazáno : C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmedakdfngfmagjlndeckcbfcmidlbio
Soubor Smazáno : C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_acfoobbgoakpihljnfedbcfaipcdlfhk_0.localstorage
Soubor Smazáno : C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_coljhboelhlkbgaaolcngflenaggpeao_0.localstorage
Soubor Smazáno : C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kmedakdfngfmagjlndeckcbfcmidlbio_0.localstorage
Soubor Smazáno : C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_becofaobcinoilkmebdbeojebncfepbl_0.localstorage
Soubor Smazáno : C:\END
Soubor Smazáno : C:\WINDOWS\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
Soubor Smazáno : C:\WINDOWS\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb
Soubor Smazáno : C:\Users\Tomas\AppData\Local\Temp\Uninstall.exe
Soubor Smazáno : C:\WINDOWS\System32\roboot64.exe
Soubor Smazáno : C:\Users\Tomas\daemonprocess.txt
Soubor Smazáno : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\Ask.xml

***** [ Naplánované úlohy ] *****

Úloha Smazáno : ASP
Úloha Smazáno : LaunchSignup
Úloha Smazáno : Yahoo! Search
Úloha Smazáno : Yahoo! Search Updater
Úloha Smazáno : Apps Hat-enabler

***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\coljhboelhlkbgaaolcngflenaggpeao
Klíč Smazáno : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\coljhboelhlkbgaaolcngflenaggpeao
Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\kmedakdfngfmagjlndeckcbfcmidlbio
Klíč Smazáno : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\kmedakdfngfmagjlndeckcbfcmidlbio
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\HomeTab.DLL
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\speedupmypc
Klíč Smazáno : HKLM\SOFTWARE\Classes\wtb.Band
Klíč Smazáno : HKLM\SOFTWARE\Classes\wtb.Band.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\wtb.NotificationSource
Klíč Smazáno : HKLM\SOFTWARE\Classes\wtb.NotificationSource.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl
Klíč Smazáno : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo
Klíč Smazáno : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo.1
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Klíč Smazáno : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Klíč Smazáno : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Klíč Smazáno : HKCU\Software\Classes\keepmysearch
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IECT1561552
Klíč Smazáno : HKLM\SOFTWARE\Classes\CrossriderApp0048559.BHO
Klíč Smazáno : HKLM\SOFTWARE\Classes\CrossriderApp0048559.BHO.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\CrossriderApp0048559.Sandbox
Klíč Smazáno : HKLM\SOFTWARE\Classes\CrossriderApp0048559.Sandbox.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\Toolbar.CT1561552
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{A928E66C-F501-4E66-9953-855C712F93B2}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{7017502F-0194-46B2-AA5A-F713E6C0E366}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422852259}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455855559}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466856659}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{F25FAEB1-AC58-4FE7-A2EB-F58578FA4A06}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444854459}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{87EAB409-97D7-4889-ACFA-C548FC6F3ECF}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}]
Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}]
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{87EAB409-97D7-4889-ACFA-C548FC6F3ECF}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{A928E66C-F501-4E66-9953-855C712F93B2}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{7017502F-0194-46B2-AA5A-F713E6C0E366}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422852259}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455855559}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466856659}
Klíč Smazáno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{17038D40-93BB-4F51-B5F9-B1D0B9F4B1EE}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{512AD27A-A4D3-4A2E-97E9-F8BAA2A84938}
Klíč Smazáno : HKCU\Software\1ClickDownload
Klíč Smazáno : HKCU\Software\GlobalUpdate
Klíč Smazáno : HKCU\Software\HomeTab
Klíč Smazáno : HKCU\Software\InstalledBrowserExtensions
Klíč Smazáno : HKCU\Software\powerpack
Klíč Smazáno : HKCU\Software\SafetyNut
Klíč Smazáno : HKCU\Software\simplytech
Klíč Smazáno : HKCU\Software\smarttweak
Klíč Smazáno : HKCU\Software\Tbccint
Klíč Smazáno : HKCU\Software\Webplayer
Klíč Smazáno : HKCU\Software\AppDataLow\Toolbar
Klíč Smazáno : HKCU\Software\AppDataLow\Software\Crossrider
Klíč Smazáno : HKCU\Software\AppDataLow\Software\simplytech
Klíč Smazáno : HKCU\Software\AppDataLow\Software\Tbccint
Klíč Smazáno : HKCU\Software\AppDataLow\Software\TbccintSearchScopes
Klíč Smazáno : HKLM\SOFTWARE\GlobalUpdate
Klíč Smazáno : HKLM\SOFTWARE\systweak
Klíč Smazáno : HKLM\SOFTWARE\Uniblue
Klíč Smazáno : HKLM\SOFTWARE\SPPDCOM
Klíč Smazáno : HKU\.DEFAULT\Software\AskPartnerNetwork
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FixMyRegistry
Data Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v37.0.1 (x86 cs)

[1jzs6adf.default-1428693052232\prefs.js] - Řádek Smazáno : user_pref("extensions.a518dcd9fae80409780aaa9dae0ad4d7b4dd9787b93a445e4b8286df475da9388com50611.50611.cookie.CrossriderNotifier_channels.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
[1jzs6adf.default-1428693052232\prefs.js] - Řádek Smazáno : user_pref("extensions.a518dcd9fae80409780aaa9dae0ad4d7b4dd9787b93a445e4b8286df475da9388com50611.50611.cookie.CrossriderNotifier_channels.value", "%7B%22app0%22%3A%22app0%22%2C%22app50611%22%3A%22app50[...]
[1jzs6adf.default-1428693052232\prefs.js] - Řádek Smazáno : user_pref("extensions.a518dcd9fae80409780aaa9dae0ad4d7b4dd9787b93a445e4b8286df475da9388com50611.50611.cookie.CrossriderNotifier_geolocation.expiration", "Sat Apr 18 2015 18:10:23 GMT+0200");
[1jzs6adf.default-1428693052232\prefs.js] - Řádek Smazáno : user_pref("extensions.a518dcd9fae80409780aaa9dae0ad4d7b4dd9787b93a445e4b8286df475da9388com50611.50611.cookie.CrossriderNotifier_geolocation.value", "%22US%22");
[1jzs6adf.default-1428693052232\prefs.js] - Řádek Smazáno : user_pref("extensions.a518dcd9fae80409780aaa9dae0ad4d7b4dd9787b93a445e4b8286df475da9388com50611.50611.cookie.CrossriderNotifier_metadata.expiration", "Sun Apr 12 2015 18:10:23 GMT+0200");
[1jzs6adf.default-1428693052232\prefs.js] - Řádek Smazáno : user_pref("extensions.a518dcd9fae80409780aaa9dae0ad4d7b4dd9787b93a445e4b8286df475da9388com50611.50611.cookie.CrossriderNotifier_metadata.value", "%7B%22appId%22%3A50611%2C%22appName%22%3A%22CrowdFlowe[...]
[1jzs6adf.default-1428693052232\prefs.js] - Řádek Smazáno : user_pref("extensions.a518dcd9fae80409780aaa9dae0ad4d7b4dd9787b93a445e4b8286df475da9388com50611.50611.internaldb.Resources_meta.value", "%7B%22YT.png%22%3A%7B%22id%22%3A1014153%2C%22ver%22%3A57%2C%22s[...]
[1jzs6adf.default-1428693052232\prefs.js] - Řádek Smazáno : user_pref("extensions.a518dcd9fae80409780aaa9dae0ad4d7b4dd9787b93a445e4b8286df475da9388com50611.50611.internaldb.Resources_resource_1014155.value", "%22%3C%21DOCTYPE%20html%3E%5Cr%5Cn%3Chtml%3E%5Cr%5C[...]
[1jzs6adf.default-1428693052232\prefs.js] - Řádek Smazáno : user_pref("extensions.a518dcd9fae80409780aaa9dae0ad4d7b4dd9787b93a445e4b8286df475da9388com50611.50611.internaldb.Resources_resource_1014157.value", "%22//Global%20helpers%5Cnvar%20_YT%20%3D%20%7B%5Cn%[...]
[1jzs6adf.default-1428693052232\prefs.js] - Řádek Smazáno : user_pref("extensions.a518dcd9fae80409780aaa9dae0ad4d7b4dd9787b93a445e4b8286df475da9388com50611.50611.internaldb.Resources_resource_1014161.value", "%22//%20The%20Impression%20plugin%20doesn%27t%20sho[...]
[1jzs6adf.default-1428693052232\prefs.js] - Řádek Smazáno : user_pref("extensions.a518dcd9fae80409780aaa9dae0ad4d7b4dd9787b93a445e4b8286df475da9388com50611.50611.thankyou", "hxxp://crossrider.com/thank_you/50611");
[1jzs6adf.default-1428693052232\prefs.js] - Řádek Smazáno : user_pref("extensions.crossrider.bic", "14ca93ec943a446a9efbf560d856e4b2");

-\\ Google Chrome v41.0.2272.118

[C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://www.trovigo.com/Results.aspx?gd=&ctid=C ... rms}&SSPV=
[C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : coljhboelhlkbgaaolcngflenaggpeao
[C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
[C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : kmedakdfngfmagjlndeckcbfcmidlbio

-\\ Chromium v


-\\ Opera v28.0.1750.51


*************************

AdwCleaner[R0].txt - [20510 bytů] - [12/04/2015 13:23:54]
AdwCleaner[S0].txt - [19157 bytů] - [12/04/2015 13:32:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [19216 bytů] ##########

Dejte nový log RSIT.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Tomas at 2015-04-12 18:26:39
Microsoft Windows 8.1
System drive C: has 354 GB (39%) free of 905 GB
Total RAM: 3962 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:26:49, on 12. 4. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Creative\SB X-Fi MB 2\Sound Blaster Panel\VolPanlu.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe
C:\Program Files (x86)\Hotspot Shield\bin\fbwmgr.exe
C:\Program Files (x86)\Hotspot Shield\bin\fbw.exe
C:\Program Files (x86)\Hotspot Shield\bin\fbw.exe
C:\Program Files (x86)\Hotspot Shield\bin\fbw.exe
C:\Program Files\trend micro\Tomas.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = file://C:/ProgramData/Hotspot Shield/config/hsspx/proxy.pac
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: (no name) - {a19638fe-8536-4bcf-b659-a38ad619be61} - (no file)
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: (no name) - {724d43a0-0d85-11d4-9908-00400523e39a} - (no file)
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O3 - Toolbar: (no name) - {a19638fe-8536-4bcf-b659-a38ad619be61} - (no file)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331STI.EXE
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [WindowsDriverScan86] C:\Program Files (x86)\Adobe Arkalis\Arkalis86.lnk
O4 - HKLM\..\Run: [WindowsDriverScan64] C:\Program Files (x86)\Adobe Arkalis\Arkalis.lnk
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\SB X-Fi MB 2\Sound Blaster Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Tomas\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Tomas\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Tomas\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Tomas\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [reg_svr] "C:\WINDOWS\SysWoW64\regsvr32.exe" /s "C:\Users\Tomas\AppData\Roaming\gleam\nvm.dll"
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O8 - Extra context menu item: Customize Menu - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Save Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Show avast! EasyPass Toolbar - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - (no file)
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - (no file)
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - (no file)
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - (no file)
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - (no file)
O9 - Extra 'Tools' menuitem: Show avast! EasyPass Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - (no file)
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{5667B02C-3890-45A6-9A63-6F036B8BA497}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{FE84DB5B-1860-4CAD-8ACB-28D004D33A18}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - (no file)
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\WINDOWS\system32\CxAudMsg64.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\WINDOWS\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Hotspot Shield Service (hshld) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LSCWinService - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\WINDOWS\system32\SAsrv.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Stardock Start8 (Start8) - Stardock Software, Inc - C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 16813 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
"C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe"
"C:\Program Files (x86)\Stardock\Start8\Start8_64.exe" START
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe"
"C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\WINDOWS\system32\CxAudMsg64.exe
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
taskhostex.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"\Program Files\Synaptics\SynTP\SynTPEnh.exe"
taskeng.exe {52BC9305-B5C0-4A86-B511-D21D12323066}
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe"
C:\WINDOWS\SysWOW64\SAsrv.exe
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 693f76fd-3b32-4e77-9e8b-2c307f28d914 1
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
ClassicStartMenu.exe -startup
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\WINDOWS\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Windows\System32\rundll32.exe" C:\WINDOWS\system32\THXCfg64.dll,RunDLLEntry THXCfg64
"C:\Windows\System32\rundll32.exe" C:\WINDOWS\system32\AmbRunE.dll,RunDLLEntry
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
"C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Creative\SB X-Fi MB 2\Sound Blaster Panel\VolPanlu.exe" /r
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
-nolaunchurl
"C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe"
C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "0x1df0_0x1df4_0x6f7dbd7f"

--service HotspotShield_exit_1 1 --config "C:\Program Files (x86)\Hotspot Shield\config\proxy.hvpn" --proxy-ports 990 105 179 706 --local-ip 192.168.88.22 --ssl-ports 3028 -F 120 -B 60 --remote 50.117.72.220 5245 --auth-user-pass elite-550-plain_3.42_sip --management 127.0.0.1 59184
\??\C:\WINDOWS\system32\conhost.exe 0x4
openvpn --service HotspotShield_exit_1 1 --config "C:\Program Files (x86)\Hotspot Shield\config\config.hvpn" --cv 2 --remote 50.117.72.220 5245 --hand-window 10 --explicit-exit-notify --auth-user-pass elite-550-plain_3.42_sip50.117.72.220_5245 --management 127.0.0.1 59183 --management-hold --management-query-passwords --management-client
\??\C:\WINDOWS\system32\conhost.exe 0x4
-sp 896
\??\C:\WINDOWS\system32\conhost.exe 0x4
-sp 59205 -wt wt0
-sp 59205 -wt wt1
-sp 59205 -wt wt2
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
"C:\Users\Tomas\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3095543077-3893173563-4132863104-1002Core.job - C:\Users\Tomas\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3095543077-3893173563-4132863104-1002UA.job - C:\Users\Tomas\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\1jzs6adf.default-1428693052232

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.134 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.31.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@ogplanet.com/npOGPPlugin]
"Description"=OGPlanet Game Plugin
"Path"=C:\WINDOWS\system32\npOGPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.134 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll


C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\1jzs6adf.default-1428693052232\extensions\
518dcd9f-ae80-4097-80aa-a9dae0ad4d7b@4dd9787b-93a4-45e4-b828-6df475da9388.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20 803520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
avast! EasyPass Toolbar Helper - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2014-02-25 26343936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-30 662672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a19638fe-8536-4bcf-b659-a38ad619be61}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20 483520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-28 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-30 565304]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a19638fe-8536-4bcf-b659-a38ad619be61}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13 1307928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-28 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20 440512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{724d43a0-0d85-11d4-9908-00400523e39a} - avast! EasyPass Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2014-02-25 26343936]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20 803520]
{a19638fe-8536-4bcf-b659-a38ad619be61}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{724d43a0-0d85-11d4-9908-00400523e39a}
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]
{a19638fe-8536-4bcf-b659-a38ad619be61}
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13 1307928]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2014-01-25 391128]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2014-01-25 771544]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2014-01-25 770520]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2013-05-20 17079376]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2013-05-20 191568]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-11-17 2465088]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2014-04-20 161984]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2014-11-17 2800296]
"XboxStat"=C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [2009-09-30 825184]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2013-07-24 903384]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2012-06-13 1647616]
"THXCfg64"=C:\WINDOWS\system32\THXCfg64.dll [2010-07-26 18432]
"RunDLLEntry"=C:\WINDOWS\system32\AmbRunE.dll [2009-02-26 17920]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-01-25 131712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"RGSC"=C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2008-11-14 305064]
"RoboForm"=C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2014-02-25 100200]
"cz.seznam.software.autoupdate"=C:\Users\Tomas\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Tomas\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"uTorrent"=C:\Users\Tomas\AppData\Roaming\uTorrent\uTorrent.exe [2015-01-31 1374032]
"Facebook Update"=C:\Users\Tomas\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-03-17 138096]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-07-24 21650016]
"reg_svr"=C:\WINDOWS\SysWoW64\regsvr32.exe [2014-10-29 16384]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"331BigDog"=C:\Program Files (x86)\USB Camera\VM331STI.EXE [2012-05-02 548864]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27 136488]
"YouCam Tray"=C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [2012-07-27 167024]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2012-04-19 217088]
"RemoteControl10"=C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [2012-03-29 91432]
"Intel AppUp(SM) center"=C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [2012-07-12 155488]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2014-09-04 3802448]
"WindowsDriverScan86"=C:\Program Files (x86)\Adobe Arkalis\Arkalis86.lnk [2014-08-10 1501]
"WindowsDriverScan64"=C:\Program Files (x86)\Adobe Arkalis\Arkalis.lnk [2015-02-27 1512]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07 507776]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-03-30 5512912]
"BlueStacks Agent"=C:\Program Files (x86)\BlueStacks\HD-Agent.exe [2015-03-24 863960]
"VolPanel"=C:\Program Files (x86)\Creative\SB X-Fi MB 2\Sound Blaster Panel\VolPanlu.exe [2010-02-18 241789]
"UpdReg"=C:\WINDOWS\UpdReg.EXE [2000-05-11 90112]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-01-25 131712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" d3dgearload64.dll,C:\WINDOWS\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2014-01-25 624640]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
"DisableTaskMgr"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoResolveSearch"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.WVC1"=d3dgeardecoder64.dll
"VIDC.WMV3"=d3dgeardecoder64.dll
"VIDC.MJPG"=bdmjpeg64.dll
"VIDC.M4S2"=d3dgeardecoder64.dll
"VIDC.FVFW"=d3dgeardecoder64.dll
"VIDC.FFVH"=d3dgeardecoder64.dll
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"vidc.tscc"=C:\WINDOWS\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\WINDOWS\SysWOW64\tsc2_codec64.dll
"VIDC.FPS1"=frapsv64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm
"wave4"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-04-12 15:31:33 ----A---- C:\WINDOWS\system32\drivers\hssdrv6.sys
2015-04-12 15:30:07 ----D---- C:\ProgramData\Hotspot Shield
2015-04-12 15:29:37 ----D---- C:\Program Files (x86)\Hotspot Shield
2015-04-12 15:10:38 ----D---- C:\Program Files (x86)\Zards software
2015-04-12 14:47:53 ----D---- C:\ProgramData\EPS
2015-04-12 13:23:51 ----D---- C:\AdwCleaner
2015-04-11 17:46:11 ----D---- C:\WINDOWS\Minidump
2015-04-08 17:59:46 ----D---- C:\ProgramData\BlueStacks
2015-04-08 17:59:46 ----D---- C:\Program Files (x86)\BlueStacks
2015-04-08 13:13:25 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-04-06 15:24:39 ----D---- C:\Users\Tomas\AppData\Roaming\SuperHideIP
2015-04-06 15:24:39 ----D---- C:\ProgramData\SuperHideIP
2015-04-06 15:17:14 ----D---- C:\Users\Tomas\AppData\Roaming\MaskMyIP
2015-04-06 15:17:14 ----D---- C:\ProgramData\MaskMyIP
2015-04-03 21:23:22 ----N---- C:\WINDOWS\Updreg.EXE
2015-04-03 21:23:18 ----N---- C:\WINDOWS\SYSWOW64\xFiMB2CfgUninstall32.ini
2015-04-03 21:23:18 ----N---- C:\WINDOWS\SYSWOW64\ResDefE.exe
2015-04-03 21:23:18 ----N---- C:\WINDOWS\SYSWOW64\CTtele32.dll
2015-04-03 21:23:18 ----N---- C:\WINDOWS\SYSWOW64\ctpxst32.exe
2015-04-03 21:23:18 ----N---- C:\WINDOWS\SYSWOW64\cfgChain.exe
2015-04-03 21:23:18 ----N---- C:\WINDOWS\SYSWOW64\cfgfx.ini
2015-04-03 21:23:18 ----N---- C:\WINDOWS\SYSWOW64\AMBSpiE.exe
2015-04-03 21:23:18 ----N---- C:\WINDOWS\SYSWOW64\AmbRunE.dll
2015-04-03 21:23:18 ----N---- C:\WINDOWS\system32\xFiMB2CfgUninstall64.ini
2015-04-03 21:23:18 ----N---- C:\WINDOWS\system32\ResDefE.exe
2015-04-03 21:23:18 ----N---- C:\WINDOWS\system32\CTtele64.dll
2015-04-03 21:23:18 ----N---- C:\WINDOWS\system32\ctpxst64.exe
2015-04-03 21:23:18 ----N---- C:\WINDOWS\system32\cfgChain.exe
2015-04-03 21:23:18 ----N---- C:\WINDOWS\system32\cfgfx.ini
2015-04-03 21:23:17 ----N---- C:\WINDOWS\system32\AMBSpiE.exe
2015-04-03 21:23:17 ----N---- C:\WINDOWS\system32\AmbRunE.dll
2015-04-03 21:23:17 ----N---- C:\WINDOWS\FF08_Render_Spk.ini
2015-04-03 21:23:17 ----N---- C:\WINDOWS\FF08_Render_Hp.ini
2015-04-03 21:23:17 ----N---- C:\WINDOWS\FF08_Render.ini
2015-04-03 21:23:17 ----N---- C:\WINDOWS\FF08_Capture.ini
2015-04-03 21:23:11 ----N---- C:\WINDOWS\THXCfg_SP_APOIM.ini
2015-04-03 21:23:11 ----N---- C:\WINDOWS\THXCfg_HP_APOIM.ini
2015-04-03 21:23:11 ----N---- C:\WINDOWS\THXCfg_APOIM.ini
2015-04-03 21:23:11 ----N---- C:\WINDOWS\SYSWOW64\ResDefA.exe
2015-04-03 21:23:11 ----N---- C:\WINDOWS\system32\THXCfgUninstall64.ini
2015-04-03 21:23:11 ----N---- C:\WINDOWS\system32\THXCfg64.ini
2015-04-03 21:23:11 ----N---- C:\WINDOWS\system32\THXCfg64.exe
2015-04-03 21:23:11 ----N---- C:\WINDOWS\system32\THXCfg64.dll
2015-04-03 21:23:11 ----N---- C:\WINDOWS\system32\MCEptMon.ini
2015-04-03 21:23:11 ----N---- C:\WINDOWS\system32\MBEptMon.ini
2015-04-03 21:23:11 ----N---- C:\WINDOWS\system32\EptMon64.exe
2015-04-03 21:23:11 ----N---- C:\WINDOWS\system32\EptMon64.dll
2015-04-03 21:23:08 ----A---- C:\WINDOWS\SYSWOW64\CmdRtr.DLL
2015-04-03 21:23:08 ----A---- C:\WINDOWS\SYSWOW64\APOMngr.DLL
2015-04-03 21:23:08 ----A---- C:\WINDOWS\system32\CmdRtr64.DLL
2015-04-03 21:23:08 ----A---- C:\WINDOWS\system32\APOMgr64.DLL
2015-04-03 21:23:05 ----A---- C:\WINDOWS\SYSWOW64\wrap_oal.dll
2015-04-03 21:23:05 ----A---- C:\WINDOWS\SYSWOW64\OpenAL32.dll
2015-04-03 21:23:05 ----A---- C:\WINDOWS\system32\wrap_oal.dll
2015-04-03 21:23:05 ----A---- C:\WINDOWS\system32\OpenAL32.dll
2015-04-03 21:23:04 ----N---- C:\WINDOWS\SYSWOW64\Sens_oal.dll
2015-04-03 21:23:03 ----N---- C:\WINDOWS\system32\Sens_oal.dll
2015-04-03 21:20:31 ----D---- C:\Program Files\Creative
2015-04-03 21:20:08 ----D---- C:\Program Files (x86)\Creative
2015-04-03 20:12:47 ----D---- C:\Program Files (x86)\Dolby
2015-03-31 00:27:05 ----D---- C:\Riot Games
2015-03-31 00:08:29 ----D---- C:\rads
2015-03-30 18:29:32 ----D---- C:\Program Files (x86)\Registry Recycler
2015-03-30 17:28:31 ----A---- C:\WINDOWS\system32\CxAudMsg64.exe
2015-03-30 17:27:45 ----A---- C:\WINDOWS\SAII_LOG.TXT
2015-03-30 17:23:27 ----A---- C:\WINDOWS\SYSWOW64\SASrv.exe
2015-03-30 17:06:12 ----A---- C:\WINDOWS\system32\UCI64A40.DLL
2015-03-30 17:06:11 ----A---- C:\WINDOWS\system32\drivers\Mixer.ini
2015-03-30 17:06:09 ----A---- C:\WINDOWS\system32\DDPP64A.dll
2015-03-30 17:06:09 ----A---- C:\WINDOWS\system32\DDPO64A.dll
2015-03-30 17:06:09 ----A---- C:\WINDOWS\system32\DDPD64A.dll
2015-03-30 17:06:09 ----A---- C:\WINDOWS\system32\DDPA64.dll
2015-03-30 17:06:09 ----A---- C:\WINDOWS\system32\CxPageMaster64.dll
2015-03-30 17:06:08 ----A---- C:\WINDOWS\system32\drivers\CHDRT64.sys
2015-03-30 17:06:08 ----A---- C:\WINDOWS\system32\CX64BP04.dll
2015-03-30 17:06:08 ----A---- C:\WINDOWS\system32\CSpkExt64.dll
2015-03-30 17:05:38 ----D---- C:\Drivers
2015-03-30 16:18:43 ----D---- C:\Users\Tomas\AppData\Roaming\AVAST Software
2015-03-30 16:09:24 ----A---- C:\WINDOWS\system32\drivers\aswVmm.sys
2015-03-30 16:09:24 ----A---- C:\WINDOWS\system32\drivers\aswStm.sys
2015-03-30 16:09:24 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2015-03-30 16:09:24 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2015-03-30 16:09:24 ----A---- C:\WINDOWS\system32\drivers\aswRvrt.sys
2015-03-30 16:09:24 ----A---- C:\WINDOWS\system32\drivers\aswRdr2.sys
2015-03-30 16:09:24 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2015-03-30 16:09:24 ----A---- C:\WINDOWS\system32\drivers\aswKbd.sys
2015-03-30 16:09:24 ----A---- C:\WINDOWS\system32\drivers\aswHwid.sys
2015-03-30 16:09:08 ----A---- C:\WINDOWS\system32\aswBoot.exe
2015-03-30 16:08:54 ----A---- C:\WINDOWS\avastSS.scr
2015-03-30 16:08:25 ----A---- C:\WINDOWS\system32\drivers\aswTap.sys
2015-03-30 16:08:23 ----A---- C:\WINDOWS\system32\drivers\aswNdisFlt.sys
2015-03-30 16:02:33 ----D---- C:\Program Files\AVAST Software
2015-03-27 21:54:12 ----D---- C:\ProgramData\IObit
2015-03-27 21:54:10 ----A---- C:\WINDOWS\system32\SmartDefragBootTime.exe
2015-03-27 21:54:10 ----A---- C:\WINDOWS\system32\IObitSmartDefragExtension.dll
2015-03-27 21:45:38 ----D---- C:\Program Files\trend micro
2015-03-27 21:45:37 ----D---- C:\rsit
2015-03-25 18:47:01 ----D---- C:\Program Files (x86)\AutoClick3
2015-03-21 12:41:56 ----D---- C:\Program Files (x86)\Microsoft
2015-03-21 12:10:38 ----D---- C:\Program Files (x86)\PCSX2 1.2.1

======List of files/folders modified in the last 1 month======

2015-04-12 18:13:07 ----D---- C:\WINDOWS\Temp
2015-04-12 18:02:00 ----D---- C:\WINDOWS\system32\sru
2015-04-12 17:11:48 ----D---- C:\WINDOWS\Microsoft.NET
2015-04-12 17:09:48 ----D---- C:\WINDOWS\Prefetch
2015-04-12 15:31:49 ----D---- C:\WINDOWS\system32\drivers
2015-04-12 15:31:49 ----D---- C:\WINDOWS\Inf
2015-04-12 15:31:41 ----D---- C:\WINDOWS\system32\DriverStore
2015-04-12 15:30:07 ----HD---- C:\ProgramData
2015-04-12 15:29:39 ----D---- C:\Windows
2015-04-12 15:29:37 ----RD---- C:\Program Files (x86)
2015-04-12 15:28:02 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2015-04-12 15:20:31 ----D---- C:\Users\Tomas\AppData\Roaming\ClassicShell
2015-04-12 15:10:38 ----D---- C:\WINDOWS\SysWOW64
2015-04-12 14:46:51 ----D---- C:\WINDOWS\System32
2015-04-12 14:46:51 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-12 14:45:24 ----D---- C:\WINDOWS\system32\NDF
2015-04-12 13:45:08 ----SHD---- C:\WINDOWS\Installer
2015-04-12 13:33:30 ----D---- C:\WINDOWS\Tasks
2015-04-12 13:33:30 ----D---- C:\WINDOWS\system32\Tasks
2015-04-12 13:32:39 ----D---- C:\Program Files
2015-04-12 13:26:07 ----D---- C:\ProgramData\hdgacbecipihjanjmahfcldombgfnpip
2015-04-12 11:52:33 ----SHD---- C:\System Volume Information
2015-04-12 00:45:37 ----D---- C:\Program Files (x86)\Steam
2015-04-11 12:17:28 ----D---- C:\WINDOWS\system32\config
2015-04-10 20:45:07 ----D---- C:\WINDOWS\AppReadiness
2015-04-10 17:29:02 ----RSD---- C:\WINDOWS\assembly
2015-04-10 16:50:55 ----A---- C:\Users\Tomas\AppData\Roaming\CamShapes.ini
2015-04-10 16:50:55 ----A---- C:\Users\Tomas\AppData\Roaming\CamLayout.ini
2015-04-10 16:50:55 ----A---- C:\Users\Tomas\AppData\Roaming\Camdata.ini
2015-04-08 17:59:20 ----D---- C:\ProgramData\BlueStacksSetup
2015-04-08 16:28:00 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-08 16:09:52 ----D---- C:\Program Files (x86)\opera
2015-04-07 12:35:52 ----D---- C:\Users\Tomas\AppData\Roaming\TS3Client
2015-04-04 15:26:47 ----HD---- C:\Program Files\WindowsApps
2015-04-04 15:17:51 ----D---- C:\WINDOWS\CbsTemp
2015-04-03 21:23:16 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-04-03 21:20:46 ----D---- C:\Program Files (x86)\Common Files
2015-04-03 21:02:14 ----D---- C:\Program Files (x86)\IObit
2015-04-02 14:35:01 ----D---- C:\Counter-Strike 1.6
2015-04-02 12:00:33 ----D---- C:\Users\Tomas\AppData\Roaming\uTorrent
2015-03-31 10:39:56 ----D---- C:\ProgramData\Adobe
2015-03-31 01:04:22 ----D---- C:\Users\Tomas\AppData\Roaming\LSC
2015-03-31 01:03:29 ----D---- C:\ProgramData\Lenovo
2015-03-31 01:02:57 ----D---- C:\Program Files (x86)\Lenovo
2015-03-31 01:02:42 ----D---- C:\Program Files\Lenovo
2015-03-31 01:00:47 ----D---- C:\WINDOWS\Downloaded Installations
2015-03-31 00:27:19 ----D---- C:\Users\Tomas\AppData\Roaming\Riot Games
2015-03-31 00:15:21 ----D---- C:\WINDOWS\Logs
2015-03-30 19:12:01 ----D---- C:\Program Files\Defraggler
2015-03-30 17:36:18 ----D---- C:\WINDOWS\system32\catroot
2015-03-30 17:26:32 ----D---- C:\ProgramData\Conexant
2015-03-30 17:22:36 ----D---- C:\Program Files\CONEXANT
2015-03-30 16:46:33 ----D---- C:\WINDOWS\system32\wdi
2015-03-30 16:10:36 ----D---- C:\WINDOWS\system32\catroot2
2015-03-30 15:48:34 ----D---- C:\WINDOWS\debug
2015-03-30 15:48:17 ----HD---- C:\WINDOWS\ELAMBKUP
2015-03-30 15:45:02 ----D---- C:\ProgramData\Norton
2015-03-30 15:45:01 ----D---- C:\Program Files (x86)\NortonInstaller
2015-03-30 15:44:59 ----D---- C:\Program Files\Common Files\Symantec Shared
2015-03-30 14:16:38 ----D---- C:\Users\Tomas\AppData\Roaming\Identities
2015-03-28 13:25:27 ----D---- C:\Program Files (x86)\Rockstar Games
2015-03-28 12:13:17 ----D---- C:\Users\Tomas\AppData\Roaming\Awesomium
2015-03-28 11:30:26 ----D---- C:\hry
2015-03-28 10:57:42 ----D---- C:\Program Files (x86)\Ubisoft
2015-03-27 22:27:59 ----D---- C:\WINDOWS\SoftwareDistribution
2015-03-27 21:57:02 ----D---- C:\WINDOWS\ModemLogs
2015-03-27 21:57:01 ----DC---- C:\WINDOWS\Panther
2015-03-27 21:52:22 ----D---- C:\Users\Tomas\AppData\Roaming\IObit
2015-03-26 23:49:20 ----D---- C:\Users\Tomas\AppData\Roaming\MultiBit
2015-03-21 12:42:56 ----D---- C:\WINDOWS\SYSWOW64\directx
2015-03-21 12:42:15 ----SD---- C:\ProgramData\Microsoft
2015-03-21 12:41:29 ----HD---- C:\WINDOWS\msdownld.tmp
2015-03-17 13:24:27 ----D---- C:\WINDOWS\system32\MRT
2015-03-17 13:19:37 ----A---- C:\WINDOWS\system32\MRT.exe
2015-03-14 20:36:05 ----D---- C:\WINDOWS\rescache
2015-03-14 20:18:25 ----D---- C:\WINDOWS\WinSxS
2015-03-14 15:15:17 ----D---- C:\Users\Tomas\AppData\Roaming\.minecraft
2015-03-14 11:54:14 ----D---- C:\ProgramData\Origin
2015-03-14 11:45:11 ----D---- C:\Program Files (x86)\Origin
2015-03-13 15:41:31 ----D---- C:\Program Files\Internet Explorer
2015-03-13 15:41:31 ----D---- C:\Program Files (x86)\Internet Explorer
2015-03-13 15:41:28 ----RD---- C:\WINDOWS\ToastData
2015-03-13 15:27:45 ----D---- C:\Program Files\Windows Defender
2015-03-13 15:27:45 ----D---- C:\Program Files (x86)\Windows Defender
2015-03-13 15:27:43 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2015-03-13 15:27:43 ----D---- C:\WINDOWS\system32\cs-CZ
2015-03-13 15:27:40 ----D---- C:\WINDOWS\WinStore

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdisFlt;@oem21.inf,%AfwDescriptionFree%;Avast! Firewall Driver; C:\WINDOWS\system32\DRIVERS\aswNdisFlt.sys [2015-03-30 449896]
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-03-30 65736]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2015-03-30 271200]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-09-02 647736]
R0 LHDmgr;LHDmgr; C:\WINDOWS\System32\DRIVERS\LhdX64.sys [2013-05-20 39008]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2014-12-13 31376]
R0 speedfan;speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [2012-12-29 28664]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2015-03-30 28144]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2015-03-30 93528]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2015-03-30 1047320]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2015-03-30 442264]
R1 dtsoftbus01;@oem19.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2014-04-28 283064]
R1 HssDRV6;@oem43.inf,%HssDRV6_Desc%;Hotspot Shield Routing Driver 6; C:\WINDOWS\system32\DRIVERS\hssdrv6.sys [2014-05-17 44744]
R1 VBoxDrv;VirtualBox Service; C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys [2014-10-11 917112]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [2014-10-11 129168]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2015-03-30 29168]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-03-30 88408]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2015-03-30 136752]
R2 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2015-03-24 144600]
R3 ACPIVPC;@oem12.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2013-05-20 33560]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athw8x.sys [2013-06-18 3680256]
R3 BTATH_HCRP;@oem14.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\system32\DRIVERS\btath_hcrp.sys [2013-01-25 179432]
R3 BTATH_RCP;@oem18.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\system32\DRIVERS\btath_rcp.sys [2013-01-25 136424]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2014-04-28 599240]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Zařízení Bluetooth (síť PAN); C:\WINDOWS\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 CnxtHdAudService;@oem28.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64.sys [2013-07-10 1299648]
R3 Hamachi;LogMeIn Hamachi Virtual Miniport); C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [2014-09-04 46136]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-01-25 4221440]
R3 IntcDAud;@oem26.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 iwdbus;@oem34.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-12-27 27032]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport – ovladač pro řadič Qualcomm Atheros AR81xx PCI-E Ethernet; C:\WINDOWS\system32\DRIVERS\L1C63x64.sys [2013-06-18 129224]
R3 MEIx64;@oem24.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-03 62784]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2014-12-13 10345280]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-11-17 20800]
R3 nvvad_WaveExtensible;@oem50.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2014-10-03 38216]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 ScreamBAudioSvc;@oem23.inf,%sbee_audio.SvcDesc%;ScreamBee Audio; C:\WINDOWS\system32\drivers\ScreamingBAudio64.sys [2009-11-26 38992]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2012-08-27 43832]
R3 SynTP;@oem4.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2012-08-27 448312]
R3 tap0901t;@oem45.inf,%DeviceDescription%;TAP-Win32 Adapter V9 (Tunngle); C:\WINDOWS\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
R3 taphss6;@oem1.inf,%DeviceDescription%;Anchorfree HSS VPN Adapter; C:\WINDOWS\system32\DRIVERS\taphss6.sys [2014-05-17 42184]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys [2014-10-11 142528]
R3 VBoxNetFlt;@oem48.inf,%VBoxNetFltService_Desc%;VirtualBox Bridged Networking Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys [2014-10-11 157448]
S1 lmimirr;lmimirr; C:\WINDOWS\system32\drivers\lmimirr.sys []
S2 NEWDRIVER;NEWDRIVER; \??\C:\WINDOWS\SysWow64\WinVDEdrv6.sys []
S3 aswTap;@oem42.inf,%DeviceDescription%;avast! SecureLine TAP Adapter v3; C:\WINDOWS\system32\DRIVERS\aswTap.sys [2015-03-30 44640]
S3 AthBTPort;@oem11.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2013-01-25 89168]
S3 BTATH_A2DP;@oem10.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2013-01-25 346192]
S3 btath_avdt;@oem10.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2013-01-25 115280]
S3 BTATH_LWFLT;@oem16.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2013-01-25 77464]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 EagleX64;EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys []
S3 EsgScanner;EsgScanner; C:\WINDOWS\system32\DRIVERS\EsgScanner.sys [2015-02-27 22704]
S3 RSUSBVSTOR;@oem29.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUVStor.sys [2012-06-15 315536]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-01-25 227456]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-03-30 343336]
R2 avast! Firewall;Avast Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2015-03-30 107448]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2015-03-24 388824]
R2 BstHdUpdaterSvc;BlueStacks Updater Service; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [2015-03-24 798424]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2010-09-30 294912]
R2 CxAudMsg;@C:\WINDOWS\system32\CxAudMsg64.exe,-100; C:\WINDOWS\system32\CxAudMsg64.exe [2013-07-25 206552]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-11-17 1149760]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-09-04 2525008]
R2 hshld;Hotspot Shield Service; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2014-05-17 919040]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-08-08 377616]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-11-17 1796928]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-11-17 19821376]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2014-12-13 935240]
R2 SAService;Conexant SmartAudio service; C:\WINDOWS\system32\SAsrv.exe []
R2 Start8;Stardock Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [2013-01-09 143624]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe [2012-02-13 240408]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe [2012-02-13 193816]
S2 BstHdAndroidSvc;BlueStacks Android Service; C:\Program Files (x86)\BlueStacks\HD-Service.exe [2015-03-24 433880]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-16 116648]
S2 HssWd;Hotspot Shield Monitoring Service; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [2014-05-17 430344]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-27 268464]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-01-25 279000]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2015-04-03 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2015-04-03 79360]
S3 EasyAntiCheat;EasyAntiCheat; C:\WINDOWS\syswow64\EasyAntiCheat.exe [2014-11-17 182304]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-16 116648]
S3 HssTrayService;Hotspot Shield Tray Service; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [2014-05-17 78512]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2015-03-09 272440]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-03-22 148080]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-03-14 1910640]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-03-24 836288]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2014-11-04 762320]

-----------------EOF-----------------

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\Program Files (x86)\Skype\Toolbars
C:\Program Files (x86)\Microsoft\BingBar
C:\Users\Tomas\AppData\Local\Facebook\Update
C:\Users\Tomas\AppData\Roaming\gleam
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3095543077-3893173563-4132863104-1002Core.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3095543077-3893173563-4132863104-1002UA.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a19638fe-8536-4bcf-b659-a38ad619be61}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a19638fe-8536-4bcf-b659-a38ad619be61}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]/64
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"=-
"reg_svr"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

:services
c2cautoupdatesvc
c2cpnrsvc
BBUpdate
BBSvc

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.

Podle hlášky byl šmejd přesunut do karantény.

Po restartu se mi na ploše objevily 4 "průhledné" soubory - přikládám screen.
Níže je nový log


Logfile of random's system information tool 1.10 (written by random/random)
Run by Tomas at 2015-04-12 19:23:10
Microsoft Windows 8.1
System drive C: has 354 GB (39%) free of 905 GB
Total RAM: 3962 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:23:21, on 12. 4. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Creative\SB X-Fi MB 2\Sound Blaster Panel\VolPanlu.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Tomas.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O4 - HKLM\..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331STI.EXE
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [WindowsDriverScan86] C:\Program Files (x86)\Adobe Arkalis\Arkalis86.lnk
O4 - HKLM\..\Run: [WindowsDriverScan64] C:\Program Files (x86)\Adobe Arkalis\Arkalis.lnk
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\SB X-Fi MB 2\Sound Blaster Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Tomas\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Tomas\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Tomas\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O8 - Extra context menu item: Customize Menu - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Save Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Show avast! EasyPass Toolbar - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - (no file)
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - (no file)
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - (no file)
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - (no file)
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - (no file)
O9 - Extra 'Tools' menuitem: Show avast! EasyPass Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - (no file)
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{5667B02C-3890-45A6-9A63-6F036B8BA497}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{FE84DB5B-1860-4CAD-8ACB-28D004D33A18}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - (no file)
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\WINDOWS\system32\CxAudMsg64.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\WINDOWS\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Hotspot Shield Service (hshld) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LSCWinService - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\WINDOWS\system32\SAsrv.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Stardock Start8 (Start8) - Stardock Software, Inc - C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 15221 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
"C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe"
"C:\Program Files (x86)\Stardock\Start8\Start8_64.exe" START
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe"
"C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe"
C:\WINDOWS\system32\CxAudMsg64.exe
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe"
"C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
taskeng.exe {3887C9F7-B799-4493-B19A-342E93FBF3B8}
taskhostex.exe
"\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SysWOW64\SAsrv.exe
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 693f76fd-3b32-4e77-9e8b-2c307f28d914 1
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
ClassicStartMenu.exe -startup
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\WINDOWS\System32\WScript.exe "C:\ProgramData\Lenovo-30316.vbs"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\WINDOWS\system32\igfxsrvc.exe" -Embedding
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Windows\System32\rundll32.exe" C:\WINDOWS\system32\THXCfg64.dll,RunDLLEntry THXCfg64
"C:\Windows\System32\rundll32.exe" C:\WINDOWS\system32\AmbRunE.dll,RunDLLEntry
"C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Creative\SB X-Fi MB 2\Sound Blaster Panel\VolPanlu.exe" /r
"C:\Program Files (x86)\Opera\launcher.exe" --scheduledautoupdate
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\cmd.exe /c ""C:\ProgramData\Lenovo\SupportTVSU\SupportFeed.CMD" "
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Opera\28.0.1750.51\opera_autoupdate.exe" --host --pipeid=oauc_task_pipee59e7323ed1cebd78082538c8b9cbe70 --version=28.0.1750.51 --lang=cs --producttype --requesttype=automatic --downloaddir="C:\WINDOWS\TEMP\Opera Autoupdate" --operadir="C:\Program Files (x86)\Opera\28.0.1750.51" --installdir="C:\Program Files (x86)\Opera" --profile="C:\WINDOWS\TEMP\Opera Autoupdate" --nometrics --scheduledtask
C:\WINDOWS\system32\svchost.exe -k imgsvc
cscript C:\Users\Tomas\AppData\Local\Temp\date-18342.vbs //NoLogo

"C:\Users\Tomas\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3095543077-3893173563-4132863104-1002Core.job - C:\Users\Tomas\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3095543077-3893173563-4132863104-1002UA.job - C:\Users\Tomas\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\1jzs6adf.default-1428693052232

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.134 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.31.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@ogplanet.com/npOGPPlugin]
"Description"=OGPlanet Game Plugin
"Path"=C:\WINDOWS\system32\npOGPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.134 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll


C:\Users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\1jzs6adf.default-1428693052232\extensions\
518dcd9f-ae80-4097-80aa-a9dae0ad4d7b@4dd9787b-93a4-45e4-b828-6df475da9388.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20 803520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-30 662672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20 483520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-28 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-30 565304]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-28 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20 440512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{724d43a0-0d85-11d4-9908-00400523e39a} - avast! EasyPass Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2014-02-25 26343936]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20 803520]
{a19638fe-8536-4bcf-b659-a38ad619be61}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2014-01-25 391128]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2014-01-25 771544]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2014-01-25 770520]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2013-05-20 17079376]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2013-05-20 191568]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-11-17 2465088]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2014-04-20 161984]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2014-11-17 2800296]
"XboxStat"=C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [2009-09-30 825184]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2013-07-24 903384]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2012-06-13 1647616]
"THXCfg64"=C:\WINDOWS\system32\THXCfg64.dll [2010-07-26 18432]
"RunDLLEntry"=C:\WINDOWS\system32\AmbRunE.dll [2009-02-26 17920]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-01-25 131712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"RGSC"=C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2008-11-14 305064]
"RoboForm"=C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2014-02-25 100200]
"cz.seznam.software.autoupdate"=C:\Users\Tomas\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Tomas\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"uTorrent"=C:\Users\Tomas\AppData\Roaming\uTorrent\uTorrent.exe [2015-01-31 1374032]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-07-24 21650016]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"331BigDog"=C:\Program Files (x86)\USB Camera\VM331STI.EXE [2012-05-02 548864]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27 136488]
"YouCam Tray"=C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [2012-07-27 167024]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2012-04-19 217088]
"RemoteControl10"=C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [2012-03-29 91432]
"Intel AppUp(SM) center"=C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [2012-07-12 155488]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2014-09-04 3802448]
"WindowsDriverScan86"=C:\Program Files (x86)\Adobe Arkalis\Arkalis86.lnk [2014-08-10 1501]
"WindowsDriverScan64"=C:\Program Files (x86)\Adobe Arkalis\Arkalis.lnk [2015-02-27 1512]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-03-30 5512912]
"BlueStacks Agent"=C:\Program Files (x86)\BlueStacks\HD-Agent.exe [2015-03-24 863960]
"VolPanel"=C:\Program Files (x86)\Creative\SB X-Fi MB 2\Sound Blaster Panel\VolPanlu.exe [2010-02-18 241789]
"UpdReg"=C:\WINDOWS\UpdReg.EXE [2000-05-11 90112]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-01-25 131712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" d3dgearload64.dll,C:\WINDOWS\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2014-01-25 624640]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
"DisableTaskMgr"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoResolveSearch"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.WVC1"=d3dgeardecoder64.dll
"VIDC.WMV3"=d3dgeardecoder64.dll
"VIDC.MJPG"=bdmjpeg64.dll
"VIDC.M4S2"=d3dgeardecoder64.dll
"VIDC.FVFW"=d3dgeardecoder64.dll
"VIDC.FFVH"=d3dgeardecoder64.dll
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"vidc.tscc"=C:\WINDOWS\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\WINDOWS\SysWOW64\tsc2_codec64.dll
"VIDC.FPS1"=frapsv64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm
"wave4"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-04-12 19:06:56 ----D---- C:\_OTM
2015-04-12 15:31:33 ----A---- C:\WINDOWS\system32\drivers\hssdrv6.sys
2015-04-12 15:30:07 ----D---- C:\ProgramData\Hotspot Shield
2015-04-12 15:29:37 ----D---- C:\Program Files (x86)\Hotspot Shield
2015-04-12 15:10:38 ----D---- C:\Program Files (x86)\Zards software
2015-04-12 14:47:53 ----D---- C:\ProgramData\EPS
2015-04-12 13:23:51 ----D---- C:\AdwCleaner
2015-04-11 17:46:11 ----D---- C:\WINDOWS\Minidump
2015-04-08 17:59:46 ----D---- C:\ProgramData\BlueStacks
2015-04-08 17:59:46 ----D---- C:\Program Files (x86)\BlueStacks
2015-04-08 13:13:25 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-04-06 15:24:39 ----D---- C:\Users\Tomas\AppData\Roaming\SuperHideIP
2015-04-06 15:24:39 ----D---- C:\ProgramData\SuperHideIP
2015-04-06 15:17:14 ----D---- C:\Users\Tomas\AppData\Roaming\MaskMyIP
2015-04-06 15:17:14 ----D---- C:\ProgramData\MaskMyIP
2015-04-03 21:23:22 ----N---- C:\WINDOWS\Updreg.EXE
2015-04-03 21:23:18 ----N---- C:\WINDOWS\SYSWOW64\xFiMB2CfgUninstall32.ini
2015-04-03 21:23:18 ----N---- C:\WINDOWS\SYSWOW64\ResDefE.exe
2015-04-03 21:23:18 ----N---- C:\WINDOWS\SYSWOW64\CTtele32.dll
2015-04-03 21:23:18 ----N---- C:\WINDOWS\SYSWOW64\ctpxst32.exe
2015-04-03 21:23:18 ----N---- C:\WINDOWS\SYSWOW64\cfgChain.exe
2015-04-03 21:23:18 ----N---- C:\WINDOWS\SYSWOW64\cfgfx.ini
2015-04-03 21:23:18 ----N---- C:\WINDOWS\SYSWOW64\AMBSpiE.exe
2015-04-03 21:23:18 ----N---- C:\WINDOWS\SYSWOW64\AmbRunE.dll
2015-04-03 21:23:18 ----N---- C:\WINDOWS\system32\xFiMB2CfgUninstall64.ini
2015-04-03 21:23:18 ----N---- C:\WINDOWS\system32\ResDefE.exe
2015-04-03 21:23:18 ----N---- C:\WINDOWS\system32\CTtele64.dll
2015-04-03 21:23:18 ----N---- C:\WINDOWS\system32\ctpxst64.exe
2015-04-03 21:23:18 ----N---- C:\WINDOWS\system32\cfgChain.exe
2015-04-03 21:23:18 ----N---- C:\WINDOWS\system32\cfgfx.ini
2015-04-03 21:23:17 ----N---- C:\WINDOWS\system32\AMBSpiE.exe
2015-04-03 21:23:17 ----N---- C:\WINDOWS\system32\AmbRunE.dll
2015-04-03 21:23:17 ----N---- C:\WINDOWS\FF08_Render_Spk.ini
2015-04-03 21:23:17 ----N---- C:\WINDOWS\FF08_Render_Hp.ini
2015-04-03 21:23:17 ----N---- C:\WINDOWS\FF08_Render.ini
2015-04-03 21:23:17 ----N---- C:\WINDOWS\FF08_Capture.ini
2015-04-03 21:23:11 ----N---- C:\WINDOWS\THXCfg_SP_APOIM.ini
2015-04-03 21:23:11 ----N---- C:\WINDOWS\THXCfg_HP_APOIM.ini
2015-04-03 21:23:11 ----N---- C:\WINDOWS\THXCfg_APOIM.ini
2015-04-03 21:23:11 ----N---- C:\WINDOWS\SYSWOW64\ResDefA.exe
2015-04-03 21:23:11 ----N---- C:\WINDOWS\system32\THXCfgUninstall64.ini
2015-04-03 21:23:11 ----N---- C:\WINDOWS\system32\THXCfg64.ini
2015-04-03 21:23:11 ----N---- C:\WINDOWS\system32\THXCfg64.exe
2015-04-03 21:23:11 ----N---- C:\WINDOWS\system32\THXCfg64.dll
2015-04-03 21:23:11 ----N---- C:\WINDOWS\system32\MCEptMon.ini
2015-04-03 21:23:11 ----N---- C:\WINDOWS\system32\MBEptMon.ini
2015-04-03 21:23:11 ----N---- C:\WINDOWS\system32\EptMon64.exe
2015-04-03 21:23:11 ----N---- C:\WINDOWS\system32\EptMon64.dll
2015-04-03 21:23:08 ----A---- C:\WINDOWS\SYSWOW64\CmdRtr.DLL
2015-04-03 21:23:08 ----A---- C:\WINDOWS\SYSWOW64\APOMngr.DLL
2015-04-03 21:23:08 ----A---- C:\WINDOWS\system32\CmdRtr64.DLL
2015-04-03 21:23:08 ----A---- C:\WINDOWS\system32\APOMgr64.DLL
2015-04-03 21:23:05 ----A---- C:\WINDOWS\SYSWOW64\wrap_oal.dll
2015-04-03 21:23:05 ----A---- C:\WINDOWS\SYSWOW64\OpenAL32.dll
2015-04-03 21:23:05 ----A---- C:\WINDOWS\system32\wrap_oal.dll
2015-04-03 21:23:05 ----A---- C:\WINDOWS\system32\OpenAL32.dll
2015-04-03 21:23:04 ----N---- C:\WINDOWS\SYSWOW64\Sens_oal.dll
2015-04-03 21:23:03 ----N---- C:\WINDOWS\system32\Sens_oal.dll
2015-04-03 21:20:31 ----D---- C:\Program Files\Creative
2015-04-03 21:20:08 ----D---- C:\Program Files (x86)\Creative
2015-04-03 20:12:47 ----D---- C:\Program Files (x86)\Dolby
2015-03-31 00:27:05 ----D---- C:\Riot Games
2015-03-31 00:08:29 ----D---- C:\rads
2015-03-30 18:29:32 ----D---- C:\Program Files (x86)\Registry Recycler
2015-03-30 17:28:31 ----A---- C:\WINDOWS\system32\CxAudMsg64.exe
2015-03-30 17:27:45 ----A---- C:\WINDOWS\SAII_LOG.TXT
2015-03-30 17:23:27 ----A---- C:\WINDOWS\SYSWOW64\SASrv.exe
2015-03-30 17:06:12 ----A---- C:\WINDOWS\system32\UCI64A40.DLL
2015-03-30 17:06:11 ----A---- C:\WINDOWS\system32\drivers\Mixer.ini
2015-03-30 17:06:09 ----A---- C:\WINDOWS\system32\DDPP64A.dll
2015-03-30 17:06:09 ----A---- C:\WINDOWS\system32\DDPO64A.dll
2015-03-30 17:06:09 ----A---- C:\WINDOWS\system32\DDPD64A.dll
2015-03-30 17:06:09 ----A---- C:\WINDOWS\system32\DDPA64.dll
2015-03-30 17:06:09 ----A---- C:\WINDOWS\system32\CxPageMaster64.dll
2015-03-30 17:06:08 ----A---- C:\WINDOWS\system32\drivers\CHDRT64.sys
2015-03-30 17:06:08 ----A---- C:\WINDOWS\system32\CX64BP04.dll
2015-03-30 17:06:08 ----A---- C:\WINDOWS\system32\CSpkExt64.dll
2015-03-30 17:05:38 ----D---- C:\Drivers
2015-03-30 16:18:43 ----D---- C:\Users\Tomas\AppData\Roaming\AVAST Software
2015-03-30 16:09:24 ----A---- C:\WINDOWS\system32\drivers\aswVmm.sys
2015-03-30 16:09:24 ----A---- C:\WINDOWS\system32\drivers\aswStm.sys
2015-03-30 16:09:24 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2015-03-30 16:09:24 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2015-03-30 16:09:24 ----A---- C:\WINDOWS\system32\drivers\aswRvrt.sys
2015-03-30 16:09:24 ----A---- C:\WINDOWS\system32\drivers\aswRdr2.sys
2015-03-30 16:09:24 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2015-03-30 16:09:24 ----A---- C:\WINDOWS\system32\drivers\aswKbd.sys
2015-03-30 16:09:24 ----A---- C:\WINDOWS\system32\drivers\aswHwid.sys
2015-03-30 16:09:08 ----A---- C:\WINDOWS\system32\aswBoot.exe
2015-03-30 16:08:54 ----A---- C:\WINDOWS\avastSS.scr
2015-03-30 16:08:25 ----A---- C:\WINDOWS\system32\drivers\aswTap.sys
2015-03-30 16:08:23 ----A---- C:\WINDOWS\system32\drivers\aswNdisFlt.sys
2015-03-30 16:02:33 ----D---- C:\Program Files\AVAST Software
2015-03-27 21:54:12 ----D---- C:\ProgramData\IObit
2015-03-27 21:54:10 ----A---- C:\WINDOWS\system32\SmartDefragBootTime.exe
2015-03-27 21:54:10 ----A---- C:\WINDOWS\system32\IObitSmartDefragExtension.dll
2015-03-27 21:45:38 ----D---- C:\Program Files\trend micro
2015-03-27 21:45:37 ----D---- C:\rsit
2015-03-25 18:47:01 ----D---- C:\Program Files (x86)\AutoClick3
2015-03-21 12:41:56 ----D---- C:\Program Files (x86)\Microsoft
2015-03-21 12:10:38 ----D---- C:\Program Files (x86)\PCSX2 1.2.1

======List of files/folders modified in the last 1 month======

2015-04-12 19:23:17 ----D---- C:\WINDOWS\Prefetch
2015-04-12 19:18:23 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2015-04-12 19:17:44 ----D---- C:\WINDOWS\Temp
2015-04-12 19:11:16 ----D---- C:\Users\Tomas\AppData\Roaming\ClassicShell
2015-04-12 19:07:02 ----RD---- C:\Program Files (x86)\Skype
2015-04-12 19:00:06 ----D---- C:\WINDOWS\system32\sru
2015-04-12 17:11:48 ----D---- C:\WINDOWS\Microsoft.NET
2015-04-12 15:31:49 ----D---- C:\WINDOWS\system32\drivers
2015-04-12 15:31:49 ----D---- C:\WINDOWS\Inf
2015-04-12 15:31:41 ----D---- C:\WINDOWS\system32\DriverStore
2015-04-12 15:30:07 ----HD---- C:\ProgramData
2015-04-12 15:29:39 ----D---- C:\Windows
2015-04-12 15:29:37 ----RD---- C:\Program Files (x86)
2015-04-12 15:10:38 ----D---- C:\WINDOWS\SysWOW64
2015-04-12 14:46:51 ----D---- C:\WINDOWS\System32
2015-04-12 14:46:51 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-12 14:45:24 ----D---- C:\WINDOWS\system32\NDF
2015-04-12 13:45:08 ----SHD---- C:\WINDOWS\Installer
2015-04-12 13:33:30 ----D---- C:\WINDOWS\Tasks
2015-04-12 13:33:30 ----D---- C:\WINDOWS\system32\Tasks
2015-04-12 13:32:39 ----D---- C:\Program Files
2015-04-12 13:26:07 ----D---- C:\ProgramData\hdgacbecipihjanjmahfcldombgfnpip
2015-04-12 11:52:33 ----SHD---- C:\System Volume Information
2015-04-12 00:45:37 ----D---- C:\Program Files (x86)\Steam
2015-04-11 12:17:28 ----D---- C:\WINDOWS\system32\config
2015-04-10 20:45:07 ----D---- C:\WINDOWS\AppReadiness
2015-04-10 17:29:02 ----RSD---- C:\WINDOWS\assembly
2015-04-10 16:50:55 ----A---- C:\Users\Tomas\AppData\Roaming\CamShapes.ini
2015-04-10 16:50:55 ----A---- C:\Users\Tomas\AppData\Roaming\CamLayout.ini
2015-04-10 16:50:55 ----A---- C:\Users\Tomas\AppData\Roaming\Camdata.ini
2015-04-08 17:59:20 ----D---- C:\ProgramData\BlueStacksSetup
2015-04-08 16:28:00 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-08 16:09:52 ----D---- C:\Program Files (x86)\opera
2015-04-07 12:35:52 ----D---- C:\Users\Tomas\AppData\Roaming\TS3Client
2015-04-04 15:26:47 ----HD---- C:\Program Files\WindowsApps
2015-04-04 15:17:51 ----D---- C:\WINDOWS\CbsTemp
2015-04-03 21:23:16 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-04-03 21:20:46 ----D---- C:\Program Files (x86)\Common Files
2015-04-03 21:02:14 ----D---- C:\Program Files (x86)\IObit
2015-04-02 14:35:01 ----D---- C:\Counter-Strike 1.6
2015-04-02 12:00:33 ----D---- C:\Users\Tomas\AppData\Roaming\uTorrent
2015-03-31 10:39:56 ----D---- C:\ProgramData\Adobe
2015-03-31 01:04:22 ----D---- C:\Users\Tomas\AppData\Roaming\LSC
2015-03-31 01:03:29 ----D---- C:\ProgramData\Lenovo
2015-03-31 01:02:57 ----D---- C:\Program Files (x86)\Lenovo
2015-03-31 01:02:42 ----D---- C:\Program Files\Lenovo
2015-03-31 01:00:47 ----D---- C:\WINDOWS\Downloaded Installations
2015-03-31 00:27:19 ----D---- C:\Users\Tomas\AppData\Roaming\Riot Games
2015-03-31 00:15:21 ----D---- C:\WINDOWS\Logs
2015-03-30 19:12:01 ----D---- C:\Program Files\Defraggler
2015-03-30 17:36:18 ----D---- C:\WINDOWS\system32\catroot
2015-03-30 17:26:32 ----D---- C:\ProgramData\Conexant
2015-03-30 17:22:36 ----D---- C:\Program Files\CONEXANT
2015-03-30 16:46:33 ----D---- C:\WINDOWS\system32\wdi
2015-03-30 16:10:36 ----D---- C:\WINDOWS\system32\catroot2
2015-03-30 15:48:34 ----D---- C:\WINDOWS\debug
2015-03-30 15:48:17 ----HD---- C:\WINDOWS\ELAMBKUP
2015-03-30 15:45:02 ----D---- C:\ProgramData\Norton
2015-03-30 15:45:01 ----D---- C:\Program Files (x86)\NortonInstaller
2015-03-30 15:44:59 ----D---- C:\Program Files\Common Files\Symantec Shared
2015-03-30 14:16:38 ----D---- C:\Users\Tomas\AppData\Roaming\Identities
2015-03-28 13:25:27 ----D---- C:\Program Files (x86)\Rockstar Games
2015-03-28 12:13:17 ----D---- C:\Users\Tomas\AppData\Roaming\Awesomium
2015-03-28 11:30:26 ----D---- C:\hry
2015-03-28 10:57:42 ----D---- C:\Program Files (x86)\Ubisoft
2015-03-27 22:27:59 ----D---- C:\WINDOWS\SoftwareDistribution
2015-03-27 21:57:02 ----D---- C:\WINDOWS\ModemLogs
2015-03-27 21:57:01 ----DC---- C:\WINDOWS\Panther
2015-03-27 21:52:22 ----D---- C:\Users\Tomas\AppData\Roaming\IObit
2015-03-26 23:49:20 ----D---- C:\Users\Tomas\AppData\Roaming\MultiBit
2015-03-21 12:42:56 ----D---- C:\WINDOWS\SYSWOW64\directx
2015-03-21 12:42:15 ----SD---- C:\ProgramData\Microsoft
2015-03-21 12:41:29 ----HD---- C:\WINDOWS\msdownld.tmp
2015-03-17 13:24:27 ----D---- C:\WINDOWS\system32\MRT
2015-03-17 13:19:37 ----A---- C:\WINDOWS\system32\MRT.exe
2015-03-14 20:36:05 ----D---- C:\WINDOWS\rescache
2015-03-14 20:18:25 ----D---- C:\WINDOWS\WinSxS
2015-03-14 15:15:17 ----D---- C:\Users\Tomas\AppData\Roaming\.minecraft
2015-03-14 11:54:14 ----D---- C:\ProgramData\Origin
2015-03-14 11:45:11 ----D---- C:\Program Files (x86)\Origin
2015-03-13 15:41:31 ----D---- C:\Program Files\Internet Explorer
2015-03-13 15:41:31 ----D---- C:\Program Files (x86)\Internet Explorer
2015-03-13 15:41:28 ----RD---- C:\WINDOWS\ToastData
2015-03-13 15:27:45 ----D---- C:\Program Files\Windows Defender
2015-03-13 15:27:45 ----D---- C:\Program Files (x86)\Windows Defender
2015-03-13 15:27:43 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2015-03-13 15:27:43 ----D---- C:\WINDOWS\system32\cs-CZ
2015-03-13 15:27:40 ----D---- C:\WINDOWS\WinStore

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdisFlt;@oem21.inf,%AfwDescriptionFree%;Avast! Firewall Driver; C:\WINDOWS\system32\DRIVERS\aswNdisFlt.sys [2015-03-30 449896]
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-03-30 65736]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2015-03-30 271200]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-09-02 647736]
R0 LHDmgr;LHDmgr; C:\WINDOWS\System32\DRIVERS\LhdX64.sys [2013-05-20 39008]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2014-12-13 31376]
R0 speedfan;speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [2012-12-29 28664]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2015-03-30 28144]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2015-03-30 93528]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2015-03-30 1047320]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2015-03-30 442264]
R1 dtsoftbus01;@oem19.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2014-04-28 283064]
R1 HssDRV6;@oem43.inf,%HssDRV6_Desc%;Hotspot Shield Routing Driver 6; C:\WINDOWS\system32\DRIVERS\hssdrv6.sys [2014-05-17 44744]
R1 VBoxDrv;VirtualBox Service; C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys [2014-10-11 917112]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [2014-10-11 129168]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2015-03-30 29168]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-03-30 88408]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2015-03-30 136752]
R2 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2015-03-24 144600]
R3 ACPIVPC;@oem12.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2013-05-20 33560]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athw8x.sys [2013-06-18 3680256]
R3 BTATH_HCRP;@oem14.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\system32\DRIVERS\btath_hcrp.sys [2013-01-25 179432]
R3 BTATH_RCP;@oem18.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\system32\DRIVERS\btath_rcp.sys [2013-01-25 136424]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2014-04-28 599240]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Zařízení Bluetooth (síť PAN); C:\WINDOWS\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 CnxtHdAudService;@oem28.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64.sys [2013-07-10 1299648]
R3 Hamachi;LogMeIn Hamachi Virtual Miniport); C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [2014-09-04 46136]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-01-25 4221440]
R3 IntcDAud;@oem26.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 iwdbus;@oem34.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-12-27 27032]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport – ovladač pro řadič Qualcomm Atheros AR81xx PCI-E Ethernet; C:\WINDOWS\system32\DRIVERS\L1C63x64.sys [2013-06-18 129224]
R3 MEIx64;@oem24.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-03 62784]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2014-12-13 10345280]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-11-17 20800]
R3 nvvad_WaveExtensible;@oem50.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2014-10-03 38216]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 ScreamBAudioSvc;@oem23.inf,%sbee_audio.SvcDesc%;ScreamBee Audio; C:\WINDOWS\system32\drivers\ScreamingBAudio64.sys [2009-11-26 38992]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2012-08-27 43832]
R3 SynTP;@oem4.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2012-08-27 448312]
R3 tap0901t;@oem45.inf,%DeviceDescription%;TAP-Win32 Adapter V9 (Tunngle); C:\WINDOWS\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
R3 taphss6;@oem1.inf,%DeviceDescription%;Anchorfree HSS VPN Adapter; C:\WINDOWS\system32\DRIVERS\taphss6.sys [2014-05-17 42184]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys [2014-10-11 142528]
R3 VBoxNetFlt;@oem48.inf,%VBoxNetFltService_Desc%;VirtualBox Bridged Networking Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys [2014-10-11 157448]
S1 lmimirr;lmimirr; C:\WINDOWS\system32\drivers\lmimirr.sys []
S2 NEWDRIVER;NEWDRIVER; \??\C:\WINDOWS\SysWow64\WinVDEdrv6.sys []
S3 aswTap;@oem42.inf,%DeviceDescription%;avast! SecureLine TAP Adapter v3; C:\WINDOWS\system32\DRIVERS\aswTap.sys [2015-03-30 44640]
S3 AthBTPort;@oem11.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2013-01-25 89168]
S3 BTATH_A2DP;@oem10.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2013-01-25 346192]
S3 btath_avdt;@oem10.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2013-01-25 115280]
S3 BTATH_LWFLT;@oem16.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2013-01-25 77464]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 EagleX64;EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys []
S3 EsgScanner;EsgScanner; C:\WINDOWS\system32\DRIVERS\EsgScanner.sys [2015-02-27 22704]
S3 RSUSBVSTOR;@oem29.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUVStor.sys [2012-06-15 315536]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-01-25 227456]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-03-30 343336]
R2 avast! Firewall;Avast Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2015-03-30 107448]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2015-03-24 388824]
R2 BstHdUpdaterSvc;BlueStacks Updater Service; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [2015-03-24 798424]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2010-09-30 294912]
R2 CxAudMsg;@C:\WINDOWS\system32\CxAudMsg64.exe,-100; C:\WINDOWS\system32\CxAudMsg64.exe [2013-07-25 206552]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-11-17 1149760]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-09-04 2525008]
R2 hshld;Hotspot Shield Service; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2014-05-17 919040]
R2 HssWd;Hotspot Shield Monitoring Service; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [2014-05-17 430344]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-08-08 377616]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-11-17 1796928]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-11-17 19821376]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2014-12-13 935240]
R2 SAService;Conexant SmartAudio service; C:\WINDOWS\system32\SAsrv.exe []
R2 Start8;Stardock Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [2013-01-09 143624]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
S2 BstHdAndroidSvc;BlueStacks Android Service; C:\Program Files (x86)\BlueStacks\HD-Service.exe [2015-03-24 433880]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-16 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-27 268464]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-01-25 279000]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2015-04-03 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2015-04-03 79360]
S3 EasyAntiCheat;EasyAntiCheat; C:\WINDOWS\syswow64\EasyAntiCheat.exe [2014-11-17 182304]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-16 116648]
S3 HssTrayService;Hotspot Shield Tray Service; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [2014-05-17 78512]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2015-03-09 272440]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-03-22 148080]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-03-14 1910640]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-03-24 836288]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2014-11-04 762320]

-----------------EOF-----------------

Nedavno sem mel v pc virus "RDS" (pokud to správně píšu), je kompletně pryč ?

Ty soubory smažte. Vytvořil je RSIT. Dvouklikem na soubor C:\Program Files\trend micro\Tomas.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - (no file)
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - (no file)
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - (no file)
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - (no file)
O9 - Extra button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - (no file)
O9 - Extra 'Tools' menuitem: Show avast! EasyPass Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - (no file)
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - (no file)

Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.

Otevřel sem složku C: a v ní byly další průhledné složky, a soubory. Přikládám screen shot.


Update: Tyto složky jsou po celém PC

Ty složky a soubory jsou regulérní. Nastala po čištění nějaká změna?

Pc se o hodne zrychlilo, nyní jdu použít Hijack

K čemu hijack?

Objevila se mi tato zpráva

Rikal jste, ze ho mam spustit

Dvouklikem na soubor C:\Program Files\trend micro\Tomas.exe spusťte HijackThis.