
Log check - mouse and touchpad stop working

Posted: 19 Jun 2015 13:20
by Sybia
Hello, out of the blue my mouse and touchpad stop working, and sometimes even basic keyboard shortcuts such as Alt + TAB do not work. Also, when I open a new tab in the browser and want to go back to the previous one, the first tab closes by itself. Please check my log.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Antónia at 2015-06-19 14:16:33
Microsoft Windows 8.1
System drive C: has 189 GB (41%) free of 459 GB
Total RAM: 3529 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:16:38, on 19. 6. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Users\Antónia\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
C:\ProgramData\{d3ff7c9f-2ab5-13da-d3ff-f7c9f2abf27c}\Atlas Plug - Truth Be Known.exe
C:\Program Files\AVAST Software\Avast\avastUi.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Antónia.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Raptr] "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\RunOnce: [20150107] C:\Program Files\AVAST Software\Avast\setup\emupdate\eb3ee8bc-0551-4e35-8611-a97151c77081.exe /check
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [AppEx Accelerator UI] C:\Program Files\AMD Quick Stream\AMDQuickStream.exe -h
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Antónia\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Antónia\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_E25B7AB83E38B10E48540B667E0B3AFC] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - Startup: Atlas Plug - Truth Be Known.lnk = C:\ProgramData\{d3ff7c9f-2ab5-13da-d3ff-f7c9f2abf27c}\Atlas Plug - Truth Be Known.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: HP SimplePass Service (omniserv) - Softex Inc. - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: tbaseprovisioning - Advanced Micro Devices, Inc. - C:\Windows\SysWOW64\tbaseprovisioning.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update SourceApp - Unknown owner - C:\Program Files (x86)\SourceApp\updateSourceApp.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11106 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\SysWOW64\tbaseprovisioning.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
atieclxx
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE"
"C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
C:\Windows\system32\svchost.exe -k apphost
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\System32\svchost.exe -k utcsvc
dashost.exe {959dea0d-b666-43b2-a2941ab7d346b2fc}
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\Explorer.EXE
taskhostex.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe"
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
C:\Windows\System32\skydrive.exe -Embedding
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe" /hideui
"C:\Program Files\Hewlett-Packard\SimplePass\opbhobroker.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe"
"C:\Program Files\AMD Quick Stream\AMDQuickStream.exe" -h
szndesktop.exe default start
"C:\Users\Antónia\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe"
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\ProgramData\{d3ff7c9f-2ab5-13da-d3ff-f7c9f2abf27c}\Atlas Plug - Truth Be Known.exe" --startup=1
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\AVAST Software\Avast\avastUi.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
taskhost.exe
"C:\Program Files (x86)\Steam\Steam.exe"
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "C:\Users\Antónia\AppData\Local\Steam\htmlcache" -steampid 2264 -buildid 1433441724 -steamid "0" --disable-gpu-compositing --disable-gpu --enable-threaded-compositing --disable-pinch-virtual-viewport --process-per-tab --disable-spell-checking --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --enable-pinch --enable-threaded-compositing --no-sandbox --enable-deferred-image-decoding --lang=en-US --lang=en-US --product-version="Valve Steam Client" --disable-spell-checking --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=2512 --enable-delegated-renderer --num-raster-threads=2 --disable-gpu-compositing --channel="2512.0.1126995604\547052863" /prefetch:673131151
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --enable-pinch --enable-threaded-compositing --no-sandbox --enable-deferred-image-decoding --lang=en-US --lang=en-US --product-version="Valve Steam Client" --disable-spell-checking --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=2512 --enable-delegated-renderer --num-raster-threads=2 --disable-gpu-compositing --channel="2512.1.687701966\1492910465" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="7404.0.1084468158\696116238" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,20,43 --gpu-vendor-id=0x1002 --gpu-device-id=0x9850 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=14.501.1003.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Control/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_38/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/default/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Enabled/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls 
--enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=7404 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="7404.2.225285612\1194724895" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Control/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_38/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/default/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Enabled/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only 
--extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=7404 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="7404.3.1138854456\1304624380" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Control/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_38/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/default/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Enabled/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only 
--extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=7404 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="7404.4.440940669\1435610743" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Control/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_38/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/default/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Enabled/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only 
--extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=7404 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="7404.5.703142573\1672189564" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Control/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_38/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/default/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Enabled/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 
--font-cache-shared-mem-suffix=7404 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="7404.16.453910752\60276260" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Control/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_38/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/default/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Enabled/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 
--font-cache-shared-mem-suffix=7404 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="7404.25.441883991\988429490" /prefetch:673131151
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-5e0e0584-b0d7-4d52-ad91-729d2fa822ac -SystemEventPortName:HostProcess-ad1b3a2e-6472-4b0e-aa3a-9db64c7a2318 -IoCancelEventPortName:HostProcess-02197f65-f0ca-45ad-ba6b-f588460d95da -NonStateChangingEventPortName:HostProcess-219e1024-c3cf-42d7-8b91-2bd4087b2945 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:40aa8fb4-e9c0-42b7-bf75-0a7d9204fb53 -DeviceGroupId:WudfDefaultDevicePool
"C:\Users\Antónia\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForAntónia.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForAntónia (null)
C:\Windows\tasks\Norton Security Scan for Antónia.job - C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe /scan-quick /scheduled

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-06-19 662672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-19 565304]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-02-13 7535832]
"SimplePass"=C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [2014-03-28 3962936]
"OPBHOBroker"=C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [2014-03-28 415288]
"OPBHOBrokerDesktop"=C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [2014-03-28 415288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2015-06-04 2892992]
"AppEx Accelerator UI"=C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [2014-03-31 482528]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"cz.seznam.software.autoupdate"=C:\Users\Antónia\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Antónia\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"GoogleChromeAutoLaunch_E25B7AB83E38B10E48540B667E0B3AFC"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-05-22 813896]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HPMessageService"=C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [2013-10-08 1045304]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-11-20 767176]
"Raptr"=C:\Program Files (x86)\Raptr\raptrstub.exe [2015-05-15 55568]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-06-19 5515496]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"20150107"=C:\Program Files\AVAST Software\Avast\setup\emupdate\eb3ee8bc-0551-4e35-8611-a97151c77081.exe [2015-06-19 183232]

C:\Users\Antónia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Atlas Plug - Truth Be Known.lnk - C:\ProgramData\{d3ff7c9f-2ab5-13da-d3ff-f7c9f2abf27c}\Atlas Plug - Truth Be Known.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-06-19 14:02:35 ----D---- C:\Program Files\trend micro
2015-06-19 14:02:34 ----D---- C:\rsit
2015-06-19 03:25:43 ----D---- C:\Users\Antónia\AppData\Roaming\AVAST Software
2015-06-19 03:22:24 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2015-06-19 03:22:24 ----A---- C:\Windows\system32\drivers\aswStm.sys
2015-06-19 03:22:24 ----A---- C:\Windows\system32\drivers\aswSP.sys
2015-06-19 03:22:24 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2015-06-19 03:22:24 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2015-06-19 03:22:24 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2015-06-19 03:22:24 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2015-06-19 03:22:24 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2015-06-19 03:22:21 ----A---- C:\Windows\system32\aswBoot.exe
2015-06-19 03:22:03 ----A---- C:\Windows\avastSS.scr
2015-06-19 02:36:16 ----D---- C:\Program Files\AVAST Software
2015-06-19 02:34:09 ----D---- C:\ProgramData\AVAST Software
2015-06-19 02:15:40 ----D---- C:\Program Files\Reimage
2015-06-19 02:08:27 ----A---- C:\Windows\Reimage.ini
2015-06-10 10:22:26 ----A---- C:\Windows\system32\invagent.dll
2015-06-10 10:22:26 ----A---- C:\Windows\system32\generaltel.dll
2015-06-10 10:22:26 ----A---- C:\Windows\system32\devinv.dll
2015-06-10 10:22:26 ----A---- C:\Windows\system32\appraiser.dll
2015-06-10 10:22:26 ----A---- C:\Windows\system32\aepic.dll
2015-06-10 10:22:26 ----A---- C:\Windows\system32\aeinv.dll
2015-06-10 10:22:25 ----A---- C:\Windows\system32\aepdu.dll
2015-06-10 10:22:25 ----A---- C:\Windows\system32\acmigration.dll
2015-06-10 10:21:42 ----A---- C:\Windows\SYSWOW64\msftedit.dll
2015-06-10 10:21:42 ----A---- C:\Windows\system32\msftedit.dll
2015-06-10 10:21:41 ----A---- C:\Windows\system32\puiobj.dll
2015-06-10 10:21:41 ----A---- C:\Windows\system32\localspl.dll
2015-06-10 10:21:40 ----A---- C:\Windows\SYSWOW64\rastapi.dll
2015-06-10 10:21:40 ----A---- C:\Windows\SYSWOW64\puiobj.dll
2015-06-10 10:21:40 ----A---- C:\Windows\system32\rastapi.dll
2015-06-10 10:21:40 ----A---- C:\Windows\system32\compstui.dll
2015-06-10 10:21:39 ----A---- C:\Windows\SYSWOW64\rgb9rast.dll
2015-06-10 10:21:39 ----A---- C:\Windows\system32\UtcResources.dll
2015-06-10 10:21:39 ----A---- C:\Windows\system32\diagtrack.dll
2015-06-10 10:19:18 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2015-06-10 10:19:18 ----A---- C:\Windows\system32\mssrch.dll
2015-06-10 10:19:17 ----A---- C:\Windows\SYSWOW64\tquery.dll
2015-06-10 10:19:17 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2015-06-10 10:19:17 ----A---- C:\Windows\system32\tquery.dll
2015-06-10 10:19:17 ----A---- C:\Windows\system32\SearchIndexer.exe
2015-06-10 10:19:17 ----A---- C:\Windows\system32\mssvp.dll
2015-06-10 10:19:17 ----A---- C:\Windows\system32\mssph.dll
2015-06-10 10:19:16 ----A---- C:\Windows\SYSWOW64\UIAutomationCore.dll
2015-06-10 10:19:16 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2015-06-10 10:19:16 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2015-06-10 10:19:16 ----A---- C:\Windows\SYSWOW64\mssph.dll
2015-06-10 10:19:16 ----A---- C:\Windows\system32\UIAutomationCore.dll
2015-06-10 10:19:16 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2015-06-10 10:19:16 ----A---- C:\Windows\system32\mssphtb.dll
2015-06-10 10:19:15 ----AC---- C:\Windows\system32\drivers\USBXHCI.SYS
2015-06-10 10:19:14 ----A---- C:\Windows\SYSWOW64\authz.dll
2015-06-10 10:19:14 ----A---- C:\Windows\system32\authz.dll
2015-06-10 10:19:13 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2015-06-10 10:19:13 ----A---- C:\Windows\system32\comctl32.dll
2015-06-10 10:19:09 ----A---- C:\Windows\system32\mshtml.dll
2015-06-10 10:19:07 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-06-10 10:19:01 ----A---- C:\Windows\system32\jscript9.dll
2015-06-10 10:19:00 ----A---- C:\Windows\system32\wininet.dll
2015-06-10 10:18:59 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-06-10 10:18:58 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-06-10 10:18:57 ----A---- C:\Windows\system32\ieframe.dll
2015-06-10 10:18:55 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-06-10 10:18:55 ----A---- C:\Windows\system32\urlmon.dll
2015-06-10 10:18:55 ----A---- C:\Windows\system32\iertutil.dll
2015-06-10 10:18:54 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-06-10 10:18:54 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-06-10 10:18:54 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-06-10 10:18:53 ----A---- C:\Windows\system32\vbscript.dll
2015-06-10 10:18:53 ----A---- C:\Windows\system32\actxprxy.dll
2015-06-10 10:18:52 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-06-10 10:18:50 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-06-10 10:18:49 ----A---- C:\Windows\system32\msfeeds.dll
2015-06-10 10:18:48 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-06-10 10:18:48 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-06-10 10:18:48 ----A---- C:\Windows\system32\jscript9diag.dll
2015-06-10 10:18:48 ----A---- C:\Windows\system32\jscript.dll
2015-06-10 10:18:48 ----A---- C:\Windows\system32\ieapfltr.dll
2015-06-10 10:18:47 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-06-10 10:18:47 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-06-10 10:18:47 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2015-06-10 10:18:47 ----A---- C:\Windows\system32\webcheck.dll
2015-06-10 10:18:47 ----A---- C:\Windows\system32\dxtrans.dll
2015-06-10 10:18:46 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-06-10 10:18:46 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2015-06-10 10:18:46 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2015-06-10 10:18:46 ----A---- C:\Windows\system32\mshtmled.dll
2015-06-10 10:18:46 ----A---- C:\Windows\system32\inetcomm.dll
2015-06-10 10:18:46 ----A---- C:\Windows\system32\ieui.dll
2015-06-10 10:18:46 ----A---- C:\Windows\system32\iepeers.dll
2015-06-10 10:18:46 ----A---- C:\Windows\system32\iedkcs32.dll
2015-06-10 10:17:17 ----A---- C:\Windows\system32\win32k.sys
2015-06-04 15:37:17 ----D---- C:\Program Files (x86)\BattlelogPlus
2015-06-04 15:35:37 ----D---- C:\ProgramData\12218767022801386801
2015-06-04 15:35:19 ----D---- C:\Program Files (x86)\WhIteOFfersApp
2015-06-04 15:31:30 ----D---- C:\ProgramData\{8b9ff7e8-9f93-ef91-8b9f-ff7e89f9dfa2}
2015-06-04 15:31:26 ----A---- C:\Windows\SYSWOW64\ntwdblib.dll
2015-05-26 16:35:01 ----D---- C:\Windows\Minidump
2015-05-20 21:33:18 ----D---- C:\Windows\Migration

======List of files/folders modified in the last 1 month======

2015-06-19 14:06:17 ----D---- C:\Windows\Prefetch
2015-06-19 14:02:35 ----RD---- C:\Program Files
2015-06-19 14:00:03 ----D---- C:\Windows\system32\sru
2015-06-19 13:22:50 ----D---- C:\Windows\Temp
2015-06-19 13:10:13 ----D---- C:\Program Files (x86)\Steam
2015-06-19 05:54:24 ----D---- C:\Windows\Tasks
2015-06-19 05:54:24 ----D---- C:\Windows\system32\Tasks
2015-06-19 05:54:24 ----D---- C:\ProgramData\{d0c41330-a0f3-4e8d-d0c4-41330a0f4cc2}
2015-06-19 03:23:35 ----D---- C:\Windows\system32\DriverStore
2015-06-19 03:23:35 ----D---- C:\Windows\Inf
2015-06-19 03:22:24 ----D---- C:\Windows\system32\drivers
2015-06-19 03:22:23 ----D---- C:\Windows\WinSxS
2015-06-19 03:22:21 ----RD---- C:\Windows\System32
2015-06-19 03:22:20 ----D---- C:\Windows
2015-06-19 02:34:09 ----HD---- C:\ProgramData
2015-06-19 01:57:32 ----D---- C:\Users\Antónia\AppData\Roaming\Raptr
2015-06-19 01:54:33 ----D---- C:\ProgramData\McAfee
2015-06-19 01:54:33 ----D---- C:\Program Files\Common Files
2015-06-19 01:54:32 ----RD---- C:\Program Files (x86)
2015-06-19 01:54:32 ----D---- C:\Program Files (x86)\McAfee
2015-06-19 01:51:41 ----RSD---- C:\Windows\assembly
2015-06-19 01:50:57 ----HD---- C:\Windows\ELAMBKUP
2015-06-19 01:32:47 ----SHD---- C:\Windows\Installer
2015-06-19 01:32:46 ----D---- C:\Config.Msi
2015-06-19 01:32:32 ----D---- C:\ProgramData\Skype
2015-06-19 01:32:25 ----D---- C:\Program Files (x86)\Common Files
2015-06-19 01:31:45 ----SHD---- C:\System Volume Information
2015-06-19 01:19:54 ----D---- C:\Users\Antónia\AppData\Roaming\Skype
2015-06-19 00:15:08 ----D---- C:\Users\Antónia\AppData\Roaming\TS3Client
2015-06-18 16:21:34 ----D---- C:\Windows\Microsoft.NET
2015-06-18 14:47:41 ----D---- C:\Program Files (x86)\Hearthstone
2015-06-16 21:45:47 ----D---- C:\Windows\system32\config
2015-06-16 13:39:27 ----D---- C:\Windows\AppReadiness
2015-06-16 13:39:25 ----HD---- C:\Program Files\WindowsApps
2015-06-12 14:42:14 ----D---- C:\Windows\rescache
2015-06-12 13:33:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-06-12 13:07:46 ----D---- C:\Windows\system32\catroot2
2015-06-11 03:48:25 ----D---- C:\Windows\SysWOW64
2015-06-11 03:44:25 ----SD---- C:\Windows\system32\CompatTel
2015-06-11 03:44:24 ----RD---- C:\Windows\ToastData
2015-06-11 03:44:24 ----D---- C:\Windows\system32\appraiser
2015-06-11 03:44:24 ----D---- C:\Windows\apppatch
2015-06-11 03:44:21 ----D---- C:\Program Files\Internet Explorer
2015-06-11 03:44:21 ----D---- C:\Program Files (x86)\Internet Explorer
2015-06-11 03:44:20 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-06-11 03:44:19 ----D---- C:\Windows\system32\cs-CZ
2015-06-11 03:44:19 ----D---- C:\Windows\PolicyDefinitions
2015-06-10 13:39:55 ----D---- C:\Windows\CbsTemp
2015-06-10 13:37:55 ----D---- C:\ProgramData\Microsoft Help
2015-06-10 13:29:15 ----D---- C:\Windows\system32\MRT
2015-06-10 13:14:56 ----A---- C:\Windows\system32\MRT.exe
2015-06-10 13:00:12 ----A---- C:\Windows\win.ini
2015-06-10 01:50:53 ----D---- C:\Windows\system32\NDF
2015-06-03 18:18:09 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-06-01 23:04:04 ----D---- C:\Program Files (x86)\Battle.net
2015-05-23 21:13:08 ----D---- C:\Windows\system32\catroot
2015-05-21 03:18:45 ----D---- C:\Program Files (x86)\Diablo III
2015-05-20 21:33:18 ----SD---- C:\Windows\SYSWOW64\GWX
2015-05-20 21:33:18 ----SD---- C:\Windows\system32\GWX
2015-05-20 15:35:52 ----SD---- C:\Users\Antónia\AppData\Roaming\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;@oem18.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\Windows\System32\drivers\amdkmpfd.sys [2014-10-28 62152]
R0 amdpsp;@oem5.inf,%amdpsp.SVCDESC%;AMD PSP 1.0 Service; C:\Windows\system32\DRIVERS\amdpsp.sys [2014-02-25 230088]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-06-19 272248]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-06-19 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-06-19 1047320]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-06-19 442264]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2013-03-05 91712]
R1 dtsoftbus01;@oem21.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\Windows\System32\drivers\dtsoftbus01.sys [2015-02-26 283064]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2015-05-29 489776]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 APXACC;@oem20.inf,%APPEX_ACC_SERVICE_NAME%;AppEx Networks Accelerator LWF; C:\Windows\system32\DRIVERS\appexDrv.sys [2014-10-28 229056]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-06-19 29168]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-06-19 89944]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-06-19 137288]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2015-04-14 310728]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2015-04-14 42696]
R3 AmdAS4;@oem4.inf,%AmdAS4.SVCDESC%;AmdAS4 service; C:\Windows\System32\drivers\AmdAS4.sys [2013-10-24 17640]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-11-21 18959360]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-11-21 589312]
R3 athr;@oem11.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athwbx.sys [2013-10-17 3858944]
R3 AtiHDAudioService;@oem3.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdWB6.sys [2014-03-12 222720]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2013-08-07 590024]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 clwvd;@oem15.inf,%clwvd.DeviceDesc%;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2014-01-28 41704]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-02-13 3853016]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RSP2STOR;@oem9.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [2014-01-04 291544]
R3 RTL8168;@oem8.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2013-12-18 839896]
R3 SynTP;@oem7.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-12-13 542448]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S0 amdkmafd;@oem17.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\Windows\System32\drivers\amdkmafd.sys [2012-09-23 21160]
S0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-06-19 65736]
S3 amdkmcsp;@oem5.inf,%amdkmcsp.SVCDESC%;AMD Kernel Mode CSP Service; C:\Windows\system32\DRIVERS\amdkmcsp.sys [2014-02-25 85704]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 WDC_SAM;@oem16.inf,%WDC_SAM_ServiceName%;WD SCSI Pass Thru driver; C:\Windows\System32\drivers\wdcsam64.sys [2015-01-27 14464]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [2014-02-13 98208]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-11-21 244736]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [2014-11-20 344064]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2014-10-29 38792]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-08-07 312448]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-06-19 343336]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-19 99128]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [2013-10-08 1039160]
R2 omniserv; HP SimplePass Service; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [2014-03-28 88064]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-02-13 290520]
R2 tbaseprovisioning;tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [2014-02-25 51712]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-06-04 837312]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc []
S2 Update SourceApp;Update SourceApp; C:\Program Files (x86)\SourceApp\updateSourceApp.exe []
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-08-10 50784]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc []
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2013-05-13 1129760]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-03-27 1930608]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\Windows\system32\svchost.exe [2014-10-29 38792]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2014-10-29 38792]

-----------------EOF-----------------

Re: Log check - mouse and touchpad stop working

Posted: 19 Jun 2015 13:47
by Rudy
Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.

Re: Log check - mouse and touchpad stop working

Posted: 19 Jun 2015 14:05
by Sybia
# AdwCleaner v4.206 - Log vytvořen 19/06/2015 v 14:57:03
# Aktualizováno 01/06/2015 by Xplode
# Databáze : 2015-06-17.1 [Server]
# Operační system : Windows 8.1 (x64)
# Uživatelské jméno : Antónia - SYBIA
# Spuštěno z : C:\Users\Antónia\Downloads\adwcleaner_4.206.exe
# Nastavení : Čištění

***** [ Služby ] *****


***** [ Soubory / Složky ] *****

Složka Smazáno : C:\ProgramData\{8b9ff7e8-9f93-ef91-8b9f-ff7e89f9dfa2}
Složka Smazáno : C:\ProgramData\{d0c41330-a0f3-4e8d-d0c4-41330a0f4cc2}
Složka Smazáno : C:\ProgramData\{d3ff7c9f-2ab5-13da-d3ff-f7c9f2abf27c}
Složka Smazáno : C:\Program Files (x86)\SourceApp
Složka Smazáno : C:\Program Files (x86)\WhIteOFfersApp
Složka Smazáno : C:\Users\ANTNIA~1\AppData\Local\Temp\SourceApp
Složka Smazáno : C:\Program Files\Reimage
Soubor Smazáno : C:\Windows\Reimage.ini

***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Klíč Smazáno : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Klíč Smazáno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB82DE59-BC4C-4172-9AC4-73315F71CFFE}
Klíč Smazáno : HKCU\Software\Reimage
Klíč Smazáno : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Klíč Smazáno : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{355FE5A0-F76C-0FCB-3575-FAD0CBA4A5F3}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Reimage
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\websearch.goodforsearch.info

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17840


-\\ Google Chrome v43.0.2357.81

[C:\Users\Antónia\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Homepage] : 86EF6E0E3D689009710679BDC12A512606B90C736755779B8DDBA25DD325B4F9","homepage_is_newtabpage":"0E5ADA6105D8097294DA767FB139B11DD10069CD6E7DF40EDA82F8485EC0F166","pinned_tabs":"7F9B1FEE3B510131CAD63D60DE2145541C12F0B29E6795451FD3CDF3F4C62436","prefs":{"preference_reset_time":"7279D113C5643828AAE91F1C57318DBCC0A550BFD891101F56E2477DB06325F3"},"profile":{"reset_prompt_memento":"EC84A7016E13D2CE83AFFD64B6929595F88EA03ACFC98935A3F8A214D08FA762"},"safebrowsing":{"incidents_sent":"8007F5C5A82CC2B19D93FF5CD72A6794953B7C31EC1BB8DA682592D51673FC54"},"search_provider_overrides":"0C9FB6033AB0E92DA8B9D6BDCE23393DD0A3C974E276F2C030AF64BCC43AADBE","session":{"restore_on_startup":"AD473BCB220A98CA5BF5E415C6695F2FD031D3256C2804D9DE2A2C79947A5E6C","startup_urls":"18EE5C1C713E13D9D5B6EA26A067BD0D2FB78D271899360B9D3E6931450A1C95"},"software_reporter":{"prompt_reason":"86206750699C614A1AA6265AA4C014A2F41BC24871A0A5FDF3896D566A0EF9E9","prompt_seed":"788994614796AD5B2AAEB4CE588BB0A6041FF87E8C68C03542252A3768E7FA50","prompt_version":"85641149D5588E36425C1EAECF7BD88C76BAAAC533CB3359243E3E779FBDC3E1"},"sync":{"remaining_rollback_tries":"B0E331A15A70255966B73A4C16BA492EEBAEE893378A37322780AE9ADBE93AD4"}},"super_mac":"ED49AB3D7E0486983613888F2B9182AC4963DBE13551DEB7978570B38954CD07"},"safebrowsing":{"incidents_sent":{"2":{"chrome.dll":"3774509266","chrome_child.dll":"3743713718"},"6":{"script_request_incident":"42"}}},"session":{"startup_urls":["hxxp://websearch.goodforsearch.info/?pid=24387&r=2015/05/06&hid=3096201624933215745&lg=EN&cc=CZ&unqvl=86
[C:\Users\Antónia\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Startup_URLs] : 18EE5C1C713E13D9D5B6EA26A067BD0D2FB78D271899360B9D3E6931450A1C95"},"software_reporter":{"prompt_reason":"86206750699C614A1AA6265AA4C014A2F41BC24871A0A5FDF3896D566A0EF9E9","prompt_seed":"788994614796AD5B2AAEB4CE588BB0A6041FF87E8C68C03542252A3768E7FA50","prompt_version":"85641149D5588E36425C1EAECF7BD88C76BAAAC533CB3359243E3E779FBDC3E1"},"sync":{"remaining_rollback_tries":"B0E331A15A70255966B73A4C16BA492EEBAEE893378A37322780AE9ADBE93AD4"}},"super_mac":"ED49AB3D7E0486983613888F2B9182AC4963DBE13551DEB7978570B38954CD07"},"safebrowsing":{"incidents_sent":{"2":{"chrome.dll":"3774509266","chrome_child.dll":"3743713718"},"6":{"script_request_incident":"42"}}},"session":{"startup_urls":["hxxp://websearch.goodforsearch.info/?pid=24387&r=2015/05/06&hid=3096201624933215745&lg=EN&cc=CZ&unqvl=86

*************************

AdwCleaner[R0].txt - [5841 bytů] - [19/06/2015 14:51:51]
AdwCleaner[S0].txt - [5438 bytů] - [19/06/2015 14:57:03]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5496 bytů] ##########

Re: Log check - mouse and touchpad stop working

Posted: 19 Jun 2015 14:22
by Sybia
and besides that, my antivirus also keeps showing me this
[Image]

Re: Log check - mouse and touchpad stop working

Posted: 19 Jun 2015 15:54
by Rudy
With that message Avast reported that it blocked an infection from entering the PC. A normal reaction. Post a new RSIT log.

Re: Log check - mouse and touchpad stop working

Posted: 19 Jun 2015 16:06
by Sybia
Logfile of random's system information tool 1.10 (written by random/random)
Run by Antónia at 2015-06-19 17:03:01
Microsoft Windows 8.1
System drive C: has 189 GB (41%) free of 459 GB
Total RAM: 3529 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:03:08, on 19. 6. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
C:\Users\Antónia\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Antónia.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Raptr] "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [AppEx Accelerator UI] C:\Program Files\AMD Quick Stream\AMDQuickStream.exe -h
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Antónia\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Antónia\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_E25B7AB83E38B10E48540B667E0B3AFC] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - Startup: Atlas Plug - Truth Be Known.lnk = C:\ProgramData\{d3ff7c9f-2ab5-13da-d3ff-f7c9f2abf27c}\Atlas Plug - Truth Be Known.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: HP SimplePass Service (omniserv) - Softex Inc. - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: tbaseprovisioning - Advanced Micro Devices, Inc. - C:\Windows\SysWOW64\tbaseprovisioning.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update SourceApp - Unknown owner - C:\Program Files (x86)\SourceApp\updateSourceApp.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10762 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\SysWOW64\tbaseprovisioning.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
atieclxx
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE"
"C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
C:\Windows\system32\svchost.exe -k apphost
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\System32\svchost.exe -k utcsvc
dashost.exe {8141ef49-fecd-48a6-aaa6214a48993afb}
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
taskhostex.exe
C:\Windows\Explorer.EXE
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe"
"C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe"
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe" /hideui
"C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\opbhobrokerdsktop.exe"
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files\AMD Quick Stream\AMDQuickStream.exe" -h
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "C:\Users\Antónia\AppData\Local\Steam\htmlcache" -steampid 4508 -buildid 1433441724 -steamid "0" --disable-gpu-compositing --disable-gpu --enable-threaded-compositing --disable-pinch-virtual-viewport --process-per-tab --disable-spell-checking --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe"
szndesktop.exe default start
"C:\Users\Antónia\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --enable-pinch --enable-threaded-compositing --no-sandbox --enable-deferred-image-decoding --lang=en-US --lang=en-US --product-version="Valve Steam Client" --disable-spell-checking --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=4788 --enable-delegated-renderer --num-raster-threads=2 --disable-gpu-compositing --channel="4788.0.818247480\737454663" /prefetch:673131151
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --enable-pinch --enable-threaded-compositing --no-sandbox --enable-deferred-image-decoding --lang=en-US --lang=en-US --product-version="Valve Steam Client" --disable-spell-checking --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=4788 --enable-delegated-renderer --num-raster-threads=2 --disable-gpu-compositing --channel="4788.1.1476888630\729770497" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4772.0.104802643\1468805786" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,20,43 --gpu-vendor-id=0x1002 --gpu-device-id=0x9850 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=14.501.1003.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Control/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_38/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/default/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Enabled/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Default/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls 
--enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=4772 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="4772.2.474939292\1513713484" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Control/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_38/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/default/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Enabled/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Default/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls 
--enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=4772 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="4772.3.539325369\2089408433" /prefetch:673131151
"C:\Windows\System32\Taskmgr.exe" /3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Control/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_38/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/default/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Enabled/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Default/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 
--font-cache-shared-mem-suffix=4772 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="4772.34.839467297\138425467" /prefetch:673131151
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\System32\RuntimeBroker.exe -Embedding

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Control/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_38/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/default/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Enabled/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Default/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 
--font-cache-shared-mem-suffix=4772 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="4772.37.1302589011\845096988" /prefetch:673131151
"C:\Users\Antónia\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForAntónia.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForAntónia (null)
C:\Windows\tasks\Norton Security Scan for Antónia.job - C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe /scan-quick /scheduled

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-06-19 662672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-19 565304]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-02-13 7535832]
"SimplePass"=C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [2014-03-28 3962936]
"OPBHOBroker"=C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [2014-03-28 415288]
"OPBHOBrokerDesktop"=C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [2014-03-28 415288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2015-06-04 2892992]
"AppEx Accelerator UI"=C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [2014-03-31 482528]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"cz.seznam.software.autoupdate"=C:\Users\Antónia\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Antónia\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"GoogleChromeAutoLaunch_E25B7AB83E38B10E48540B667E0B3AFC"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-05-22 813896]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HPMessageService"=C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [2013-10-08 1045304]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-11-20 767176]
"Raptr"=C:\Program Files (x86)\Raptr\raptrstub.exe [2015-05-15 55568]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-06-19 5515496]

C:\Users\Antónia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Atlas Plug - Truth Be Known.lnk - C:\ProgramData\{d3ff7c9f-2ab5-13da-d3ff-f7c9f2abf27c}\Atlas Plug - Truth Be Known.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-06-19 14:50:40 ----D---- C:\AdwCleaner
2015-06-19 14:02:35 ----D---- C:\Program Files\trend micro
2015-06-19 14:02:34 ----D---- C:\rsit
2015-06-19 03:25:43 ----D---- C:\Users\Antónia\AppData\Roaming\AVAST Software
2015-06-19 03:22:24 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2015-06-19 03:22:24 ----A---- C:\Windows\system32\drivers\aswStm.sys
2015-06-19 03:22:24 ----A---- C:\Windows\system32\drivers\aswSP.sys
2015-06-19 03:22:24 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2015-06-19 03:22:24 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2015-06-19 03:22:24 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2015-06-19 03:22:24 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2015-06-19 03:22:24 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2015-06-19 03:22:21 ----A---- C:\Windows\system32\aswBoot.exe
2015-06-19 03:22:03 ----A---- C:\Windows\avastSS.scr
2015-06-19 02:36:16 ----D---- C:\Program Files\AVAST Software
2015-06-19 02:34:09 ----D---- C:\ProgramData\AVAST Software
2015-06-10 10:22:26 ----A---- C:\Windows\system32\invagent.dll
2015-06-10 10:22:26 ----A---- C:\Windows\system32\generaltel.dll
2015-06-10 10:22:26 ----A---- C:\Windows\system32\devinv.dll
2015-06-10 10:22:26 ----A---- C:\Windows\system32\appraiser.dll
2015-06-10 10:22:26 ----A---- C:\Windows\system32\aepic.dll
2015-06-10 10:22:26 ----A---- C:\Windows\system32\aeinv.dll
2015-06-10 10:22:25 ----A---- C:\Windows\system32\aepdu.dll
2015-06-10 10:22:25 ----A---- C:\Windows\system32\acmigration.dll
2015-06-10 10:21:42 ----A---- C:\Windows\SYSWOW64\msftedit.dll
2015-06-10 10:21:42 ----A---- C:\Windows\system32\msftedit.dll
2015-06-10 10:21:41 ----A---- C:\Windows\system32\puiobj.dll
2015-06-10 10:21:41 ----A---- C:\Windows\system32\localspl.dll
2015-06-10 10:21:40 ----A---- C:\Windows\SYSWOW64\rastapi.dll
2015-06-10 10:21:40 ----A---- C:\Windows\SYSWOW64\puiobj.dll
2015-06-10 10:21:40 ----A---- C:\Windows\system32\rastapi.dll
2015-06-10 10:21:40 ----A---- C:\Windows\system32\compstui.dll
2015-06-10 10:21:39 ----A---- C:\Windows\SYSWOW64\rgb9rast.dll
2015-06-10 10:21:39 ----A---- C:\Windows\system32\UtcResources.dll
2015-06-10 10:21:39 ----A---- C:\Windows\system32\diagtrack.dll
2015-06-10 10:19:18 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2015-06-10 10:19:18 ----A---- C:\Windows\system32\mssrch.dll
2015-06-10 10:19:17 ----A---- C:\Windows\SYSWOW64\tquery.dll
2015-06-10 10:19:17 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2015-06-10 10:19:17 ----A---- C:\Windows\system32\tquery.dll
2015-06-10 10:19:17 ----A---- C:\Windows\system32\SearchIndexer.exe
2015-06-10 10:19:17 ----A---- C:\Windows\system32\mssvp.dll
2015-06-10 10:19:17 ----A---- C:\Windows\system32\mssph.dll
2015-06-10 10:19:16 ----A---- C:\Windows\SYSWOW64\UIAutomationCore.dll
2015-06-10 10:19:16 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2015-06-10 10:19:16 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2015-06-10 10:19:16 ----A---- C:\Windows\SYSWOW64\mssph.dll
2015-06-10 10:19:16 ----A---- C:\Windows\system32\UIAutomationCore.dll
2015-06-10 10:19:16 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2015-06-10 10:19:16 ----A---- C:\Windows\system32\mssphtb.dll
2015-06-10 10:19:15 ----AC---- C:\Windows\system32\drivers\USBXHCI.SYS
2015-06-10 10:19:14 ----A---- C:\Windows\SYSWOW64\authz.dll
2015-06-10 10:19:14 ----A---- C:\Windows\system32\authz.dll
2015-06-10 10:19:13 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2015-06-10 10:19:13 ----A---- C:\Windows\system32\comctl32.dll
2015-06-10 10:19:09 ----A---- C:\Windows\system32\mshtml.dll
2015-06-10 10:19:07 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-06-10 10:19:01 ----A---- C:\Windows\system32\jscript9.dll
2015-06-10 10:19:00 ----A---- C:\Windows\system32\wininet.dll
2015-06-10 10:18:59 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-06-10 10:18:58 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-06-10 10:18:57 ----A---- C:\Windows\system32\ieframe.dll
2015-06-10 10:18:55 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-06-10 10:18:55 ----A---- C:\Windows\system32\urlmon.dll
2015-06-10 10:18:55 ----A---- C:\Windows\system32\iertutil.dll
2015-06-10 10:18:54 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-06-10 10:18:54 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-06-10 10:18:54 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-06-10 10:18:53 ----A---- C:\Windows\system32\vbscript.dll
2015-06-10 10:18:53 ----A---- C:\Windows\system32\actxprxy.dll
2015-06-10 10:18:52 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-06-10 10:18:50 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-06-10 10:18:49 ----A---- C:\Windows\system32\msfeeds.dll
2015-06-10 10:18:48 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-06-10 10:18:48 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-06-10 10:18:48 ----A---- C:\Windows\system32\jscript9diag.dll
2015-06-10 10:18:48 ----A---- C:\Windows\system32\jscript.dll
2015-06-10 10:18:48 ----A---- C:\Windows\system32\ieapfltr.dll
2015-06-10 10:18:47 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-06-10 10:18:47 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-06-10 10:18:47 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2015-06-10 10:18:47 ----A---- C:\Windows\system32\webcheck.dll
2015-06-10 10:18:47 ----A---- C:\Windows\system32\dxtrans.dll
2015-06-10 10:18:46 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-06-10 10:18:46 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2015-06-10 10:18:46 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2015-06-10 10:18:46 ----A---- C:\Windows\system32\mshtmled.dll
2015-06-10 10:18:46 ----A---- C:\Windows\system32\inetcomm.dll
2015-06-10 10:18:46 ----A---- C:\Windows\system32\ieui.dll
2015-06-10 10:18:46 ----A---- C:\Windows\system32\iepeers.dll
2015-06-10 10:18:46 ----A---- C:\Windows\system32\iedkcs32.dll
2015-06-10 10:17:17 ----A---- C:\Windows\system32\win32k.sys
2015-06-04 15:37:17 ----D---- C:\Program Files (x86)\BattlelogPlus
2015-06-04 15:35:37 ----D---- C:\ProgramData\12218767022801386801
2015-06-04 15:31:26 ----A---- C:\Windows\SYSWOW64\ntwdblib.dll
2015-05-26 16:35:01 ----D---- C:\Windows\Minidump
2015-05-20 21:33:18 ----D---- C:\Windows\Migration

======List of files/folders modified in the last 1 month======

2015-06-19 17:00:00 ----D---- C:\Windows\system32\sru
2015-06-19 15:04:04 ----D---- C:\Users\Antónia\AppData\Roaming\Raptr
2015-06-19 15:02:54 ----D---- C:\Windows\Prefetch
2015-06-19 15:02:16 ----D---- C:\Program Files (x86)\Steam
2015-06-19 15:00:08 ----D---- C:\Windows\Temp
2015-06-19 14:57:04 ----RD---- C:\Program Files (x86)
2015-06-19 14:57:04 ----RD---- C:\Program Files
2015-06-19 14:57:04 ----HD---- C:\ProgramData
2015-06-19 14:57:04 ----D---- C:\Windows
2015-06-19 05:54:24 ----D---- C:\Windows\Tasks
2015-06-19 05:54:24 ----D---- C:\Windows\system32\Tasks
2015-06-19 03:23:35 ----D---- C:\Windows\system32\DriverStore
2015-06-19 03:23:35 ----D---- C:\Windows\Inf
2015-06-19 03:22:24 ----D---- C:\Windows\system32\drivers
2015-06-19 03:22:23 ----D---- C:\Windows\WinSxS
2015-06-19 03:22:21 ----RD---- C:\Windows\System32
2015-06-19 01:54:33 ----D---- C:\ProgramData\McAfee
2015-06-19 01:54:33 ----D---- C:\Program Files\Common Files
2015-06-19 01:54:32 ----D---- C:\Program Files (x86)\McAfee
2015-06-19 01:51:41 ----RSD---- C:\Windows\assembly
2015-06-19 01:50:57 ----HD---- C:\Windows\ELAMBKUP
2015-06-19 01:32:47 ----SHD---- C:\Windows\Installer
2015-06-19 01:32:46 ----D---- C:\Config.Msi
2015-06-19 01:32:32 ----D---- C:\ProgramData\Skype
2015-06-19 01:32:25 ----D---- C:\Program Files (x86)\Common Files
2015-06-19 01:31:45 ----SHD---- C:\System Volume Information
2015-06-19 01:19:54 ----D---- C:\Users\Antónia\AppData\Roaming\Skype
2015-06-19 00:15:08 ----D---- C:\Users\Antónia\AppData\Roaming\TS3Client
2015-06-18 16:21:34 ----D---- C:\Windows\Microsoft.NET
2015-06-18 14:47:41 ----D---- C:\Program Files (x86)\Hearthstone
2015-06-16 21:45:47 ----D---- C:\Windows\system32\config
2015-06-16 13:39:27 ----D---- C:\Windows\AppReadiness
2015-06-16 13:39:25 ----HD---- C:\Program Files\WindowsApps
2015-06-12 14:42:14 ----D---- C:\Windows\rescache
2015-06-12 13:33:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-06-12 13:07:46 ----D---- C:\Windows\system32\catroot2
2015-06-11 03:48:25 ----D---- C:\Windows\SysWOW64
2015-06-11 03:44:25 ----SD---- C:\Windows\system32\CompatTel
2015-06-11 03:44:24 ----RD---- C:\Windows\ToastData
2015-06-11 03:44:24 ----D---- C:\Windows\system32\appraiser
2015-06-11 03:44:24 ----D---- C:\Windows\apppatch
2015-06-11 03:44:21 ----D---- C:\Program Files\Internet Explorer
2015-06-11 03:44:21 ----D---- C:\Program Files (x86)\Internet Explorer
2015-06-11 03:44:20 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-06-11 03:44:19 ----D---- C:\Windows\system32\cs-CZ
2015-06-11 03:44:19 ----D---- C:\Windows\PolicyDefinitions
2015-06-10 13:39:55 ----D---- C:\Windows\CbsTemp
2015-06-10 13:37:55 ----D---- C:\ProgramData\Microsoft Help
2015-06-10 13:29:15 ----D---- C:\Windows\system32\MRT
2015-06-10 13:14:56 ----A---- C:\Windows\system32\MRT.exe
2015-06-10 13:00:12 ----A---- C:\Windows\win.ini
2015-06-10 01:50:53 ----D---- C:\Windows\system32\NDF
2015-06-03 18:18:09 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-06-01 23:04:04 ----D---- C:\Program Files (x86)\Battle.net
2015-05-23 21:13:08 ----D---- C:\Windows\system32\catroot
2015-05-21 03:18:45 ----D---- C:\Program Files (x86)\Diablo III
2015-05-20 21:33:18 ----SD---- C:\Windows\SYSWOW64\GWX
2015-05-20 21:33:18 ----SD---- C:\Windows\system32\GWX
2015-05-20 15:35:52 ----SD---- C:\Users\Antónia\AppData\Roaming\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;@oem18.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\Windows\System32\drivers\amdkmpfd.sys [2014-10-28 62152]
R0 amdpsp;@oem5.inf,%amdpsp.SVCDESC%;AMD PSP 1.0 Service; C:\Windows\system32\DRIVERS\amdpsp.sys [2014-02-25 230088]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-06-19 65736]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-06-19 272248]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-06-19 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-06-19 1047320]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-06-19 442264]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2013-03-05 91712]
R1 dtsoftbus01;@oem21.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\Windows\System32\drivers\dtsoftbus01.sys [2015-02-26 283064]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2015-05-29 489776]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 APXACC;@oem20.inf,%APPEX_ACC_SERVICE_NAME%;AppEx Networks Accelerator LWF; C:\Windows\system32\DRIVERS\appexDrv.sys [2014-10-28 229056]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-06-19 29168]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-06-19 89944]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-06-19 137288]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2015-04-14 310728]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2015-04-14 42696]
R3 AmdAS4;@oem4.inf,%AmdAS4.SVCDESC%;AmdAS4 service; C:\Windows\System32\drivers\AmdAS4.sys [2013-10-24 17640]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-11-21 18959360]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-11-21 589312]
R3 athr;@oem11.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athwbx.sys [2013-10-17 3858944]
R3 AtiHDAudioService;@oem3.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdWB6.sys [2014-03-12 222720]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2013-08-07 590024]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 clwvd;@oem15.inf,%clwvd.DeviceDesc%;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2014-01-28 41704]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-02-13 3853016]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RSP2STOR;@oem9.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [2014-01-04 291544]
R3 RTL8168;@oem8.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2013-12-18 839896]
R3 SynTP;@oem7.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-12-13 542448]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S0 amdkmafd;@oem17.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\Windows\System32\drivers\amdkmafd.sys [2012-09-23 21160]
S3 amdkmcsp;@oem5.inf,%amdkmcsp.SVCDESC%;AMD Kernel Mode CSP Service; C:\Windows\system32\DRIVERS\amdkmcsp.sys [2014-02-25 85704]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 WDC_SAM;@oem16.inf,%WDC_SAM_ServiceName%;WD SCSI Pass Thru driver; C:\Windows\System32\drivers\wdcsam64.sys [2015-01-27 14464]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [2014-02-13 98208]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-11-21 244736]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [2014-11-20 344064]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2014-10-29 38792]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-08-07 312448]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-06-19 343336]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-19 99128]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [2013-10-08 1039160]
R2 omniserv; HP SimplePass Service; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [2014-03-28 88064]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-02-13 290520]
R2 tbaseprovisioning;tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [2014-02-25 51712]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-06-04 837312]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc []
S2 Update SourceApp;Update SourceApp; C:\Program Files (x86)\SourceApp\updateSourceApp.exe []
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-08-10 50784]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc []
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2013-05-13 1129760]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-03-27 1930608]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\Windows\system32\svchost.exe [2014-10-29 38792]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2014-10-29 38792]

-----------------EOF-----------------

Re: Log check - mouse and touchpad stop working

Posted: 19 Jun 2015 16:23
by Rudy
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Turn off your antivirus before the scan and restart the PC after it. Post a new RSIT log.

Re: Log check - mouse and touchpad stop working

Posted: 19 Jun 2015 16:49
by Sybia
All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Antnia

User: Antónia
->Temp folder emptied: 1773004480 bytes
->Temporary Internet Files folder emptied: 422419828 bytes
->Google Chrome cache emptied: 138604826 bytes
->Flash cache emptied: 1558 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 119441546 bytes
RecycleBin emptied: 19051611081 bytes

Total Files Cleaned = 20 509,00 mb


[EMPTYFLASH]

User: All Users

User: Antnia

User: Antónia
->Flash cache emptied: 0 bytes

User: Default

User: Default User

User: Public

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 06192015_173332

Files moved on Reboot...
C:\Users\Antónia\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...


Here is the new RSIT log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Antónia at 2015-06-19 17:48:01
Microsoft Windows 8.1
System drive C: has 209 GB (46%) free of 459 GB
Total RAM: 3529 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:48:19, on 19. 6. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
C:\Users\Antónia\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\PROGRA~2\Raptr\raptr.exe
C:\PROGRA~2\Raptr\raptr_im.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\CyberLink\YouCam\Youcam_webcam_camera_video.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files\trend micro\Antónia.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Raptr] "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [AppEx Accelerator UI] C:\Program Files\AMD Quick Stream\AMDQuickStream.exe -h
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Antónia\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Antónia\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_E25B7AB83E38B10E48540B667E0B3AFC] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - Startup: Atlas Plug - Truth Be Known.lnk = C:\ProgramData\{d3ff7c9f-2ab5-13da-d3ff-f7c9f2abf27c}\Atlas Plug - Truth Be Known.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: HP SimplePass Service (omniserv) - Softex Inc. - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: tbaseprovisioning - Advanced Micro Devices, Inc. - C:\Windows\SysWOW64\tbaseprovisioning.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update SourceApp - Unknown owner - C:\Program Files (x86)\SourceApp\updateSourceApp.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10781 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\SysWOW64\tbaseprovisioning.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
atieclxx
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE"
"C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
C:\Windows\system32\svchost.exe -k apphost
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\System32\svchost.exe -k utcsvc
dashost.exe {25e20330-f52a-459b-b46415a11c6fa8ea}
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
taskhostex.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe"
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe"
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe" /hideui
"C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\opbhobrokerdsktop.exe"
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files\AMD Quick Stream\AMDQuickStream.exe" -h
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe"
szndesktop.exe default start
"C:\Users\Antónia\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe" 0
"C:\PROGRA~2\Raptr\raptr.exe" --log_to_file --from_stub --startup
raptr_im.exe
"C:\Program Files (x86)\Raptr\raptr_ep64.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "C:\Users\AntĂłnia\AppData\Local\Steam\htmlcache" -steampid 4552 -buildid 1433441724 -steamid "0" --disable-gpu-compositing --disable-gpu --enable-threaded-compositing --disable-pinch-virtual-viewport --process-per-tab --disable-spell-checking --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="944.0.1058144787\1007153945" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,20,43 --gpu-vendor-id=0x1002 --gpu-device-id=0x9850 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=14.501.1003.0 --ignored=" --type=renderer " /prefetch:822062411
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Control/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_38/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/default/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Enabled/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only 
--extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=944 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="944.2.585347007\141542679" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Control/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_38/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/default/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Enabled/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only 
--extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=944 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="944.3.739742761\1476169294" /prefetch:673131151

C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChildAccountDetection/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Control/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/GoogleNow/Enable/*IconNTP/Default/*LoadStaleCacheExperiment/Disabled/*LocalNTPFast/Control/*NewProfileManagement/Enabled/*PasswordGeneration/Enabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Enabled/*SdchPersistence/Disabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_38/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_12/*UMA-Uniformity-Trial-50-Percent/default/UMAInitialMetricsTiming/Enabled/*UseDelayAgnosticAEC/Enabled/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Control/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 
--font-cache-shared-mem-suffix=944 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="944.7.1693498534\2125569509" /prefetch:673131151
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding

taskeng.exe {0D910963-8DD8-433D-A010-8CE408AE5BD2}
"C:\Program Files (x86)\CyberLink\YouCam\Youcam_webcam_camera_video.exe" /d speedup
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --enable-pinch --enable-threaded-compositing --no-sandbox --enable-deferred-image-decoding --lang=en-US --lang=en-US --product-version="Valve Steam Client" --disable-spell-checking --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=4892 --enable-delegated-renderer --num-raster-threads=2 --disable-gpu-compositing --channel="4892.0.386410696\2048258786" /prefetch:673131151
"C:\Users\Antónia\Downloads\RSITx64.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForAntónia.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForAntónia (null)
C:\Windows\tasks\Norton Security Scan for Antónia.job - C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe /scan-quick /scheduled

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-06-19 662672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-19 565304]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-02-13 7535832]
"SimplePass"=C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [2014-03-28 3962936]
"OPBHOBroker"=C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [2014-03-28 415288]
"OPBHOBrokerDesktop"=C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [2014-03-28 415288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2015-06-04 2892992]
"AppEx Accelerator UI"=C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [2014-03-31 482528]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"cz.seznam.software.autoupdate"=C:\Users\Antónia\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Antónia\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"GoogleChromeAutoLaunch_E25B7AB83E38B10E48540B667E0B3AFC"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-05-22 813896]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HPMessageService"=C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [2013-10-08 1045304]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-11-20 767176]
"Raptr"=C:\Program Files (x86)\Raptr\raptrstub.exe [2015-05-15 55568]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-06-19 5515496]

C:\Users\Antónia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Atlas Plug - Truth Be Known.lnk - C:\ProgramData\{d3ff7c9f-2ab5-13da-d3ff-f7c9f2abf27c}\Atlas Plug - Truth Be Known.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-06-19 17:33:32 ----D---- C:\_OTM
2015-06-19 14:50:40 ----D---- C:\AdwCleaner
2015-06-19 14:02:35 ----D---- C:\Program Files\trend micro
2015-06-19 14:02:34 ----D---- C:\rsit
2015-06-19 03:25:43 ----D---- C:\Users\Antónia\AppData\Roaming\AVAST Software
2015-06-19 03:22:24 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2015-06-19 03:22:24 ----A---- C:\Windows\system32\drivers\aswStm.sys
2015-06-19 03:22:24 ----A---- C:\Windows\system32\drivers\aswSP.sys
2015-06-19 03:22:24 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2015-06-19 03:22:24 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2015-06-19 03:22:24 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2015-06-19 03:22:24 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2015-06-19 03:22:24 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2015-06-19 03:22:21 ----A---- C:\Windows\system32\aswBoot.exe
2015-06-19 03:22:03 ----A---- C:\Windows\avastSS.scr
2015-06-19 02:36:16 ----D---- C:\Program Files\AVAST Software
2015-06-19 02:34:09 ----D---- C:\ProgramData\AVAST Software
2015-06-10 10:22:26 ----A---- C:\Windows\system32\invagent.dll
2015-06-10 10:22:26 ----A---- C:\Windows\system32\generaltel.dll
2015-06-10 10:22:26 ----A---- C:\Windows\system32\devinv.dll
2015-06-10 10:22:26 ----A---- C:\Windows\system32\appraiser.dll
2015-06-10 10:22:26 ----A---- C:\Windows\system32\aepic.dll
2015-06-10 10:22:26 ----A---- C:\Windows\system32\aeinv.dll
2015-06-10 10:22:25 ----A---- C:\Windows\system32\aepdu.dll
2015-06-10 10:22:25 ----A---- C:\Windows\system32\acmigration.dll
2015-06-10 10:21:42 ----A---- C:\Windows\SYSWOW64\msftedit.dll
2015-06-10 10:21:42 ----A---- C:\Windows\system32\msftedit.dll
2015-06-10 10:21:41 ----A---- C:\Windows\system32\puiobj.dll
2015-06-10 10:21:41 ----A---- C:\Windows\system32\localspl.dll
2015-06-10 10:21:40 ----A---- C:\Windows\SYSWOW64\rastapi.dll
2015-06-10 10:21:40 ----A---- C:\Windows\SYSWOW64\puiobj.dll
2015-06-10 10:21:40 ----A---- C:\Windows\system32\rastapi.dll
2015-06-10 10:21:40 ----A---- C:\Windows\system32\compstui.dll
2015-06-10 10:21:39 ----A---- C:\Windows\SYSWOW64\rgb9rast.dll
2015-06-10 10:21:39 ----A---- C:\Windows\system32\UtcResources.dll
2015-06-10 10:21:39 ----A---- C:\Windows\system32\diagtrack.dll
2015-06-10 10:19:18 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2015-06-10 10:19:18 ----A---- C:\Windows\system32\mssrch.dll
2015-06-10 10:19:17 ----A---- C:\Windows\SYSWOW64\tquery.dll
2015-06-10 10:19:17 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2015-06-10 10:19:17 ----A---- C:\Windows\system32\tquery.dll
2015-06-10 10:19:17 ----A---- C:\Windows\system32\SearchIndexer.exe
2015-06-10 10:19:17 ----A---- C:\Windows\system32\mssvp.dll
2015-06-10 10:19:17 ----A---- C:\Windows\system32\mssph.dll
2015-06-10 10:19:16 ----A---- C:\Windows\SYSWOW64\UIAutomationCore.dll
2015-06-10 10:19:16 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2015-06-10 10:19:16 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2015-06-10 10:19:16 ----A---- C:\Windows\SYSWOW64\mssph.dll
2015-06-10 10:19:16 ----A---- C:\Windows\system32\UIAutomationCore.dll
2015-06-10 10:19:16 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2015-06-10 10:19:16 ----A---- C:\Windows\system32\mssphtb.dll
2015-06-10 10:19:15 ----AC---- C:\Windows\system32\drivers\USBXHCI.SYS
2015-06-10 10:19:14 ----A---- C:\Windows\SYSWOW64\authz.dll
2015-06-10 10:19:14 ----A---- C:\Windows\system32\authz.dll
2015-06-10 10:19:13 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2015-06-10 10:19:13 ----A---- C:\Windows\system32\comctl32.dll
2015-06-10 10:19:09 ----A---- C:\Windows\system32\mshtml.dll
2015-06-10 10:19:07 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-06-10 10:19:01 ----A---- C:\Windows\system32\jscript9.dll
2015-06-10 10:19:00 ----A---- C:\Windows\system32\wininet.dll
2015-06-10 10:18:59 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-06-10 10:18:58 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-06-10 10:18:57 ----A---- C:\Windows\system32\ieframe.dll
2015-06-10 10:18:55 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-06-10 10:18:55 ----A---- C:\Windows\system32\urlmon.dll
2015-06-10 10:18:55 ----A---- C:\Windows\system32\iertutil.dll
2015-06-10 10:18:54 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-06-10 10:18:54 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-06-10 10:18:54 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-06-10 10:18:53 ----A---- C:\Windows\system32\vbscript.dll
2015-06-10 10:18:53 ----A---- C:\Windows\system32\actxprxy.dll
2015-06-10 10:18:52 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-06-10 10:18:50 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-06-10 10:18:49 ----A---- C:\Windows\system32\msfeeds.dll
2015-06-10 10:18:48 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-06-10 10:18:48 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-06-10 10:18:48 ----A---- C:\Windows\system32\jscript9diag.dll
2015-06-10 10:18:48 ----A---- C:\Windows\system32\jscript.dll
2015-06-10 10:18:48 ----A---- C:\Windows\system32\ieapfltr.dll
2015-06-10 10:18:47 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-06-10 10:18:47 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-06-10 10:18:47 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2015-06-10 10:18:47 ----A---- C:\Windows\system32\webcheck.dll
2015-06-10 10:18:47 ----A---- C:\Windows\system32\dxtrans.dll
2015-06-10 10:18:46 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-06-10 10:18:46 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2015-06-10 10:18:46 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2015-06-10 10:18:46 ----A---- C:\Windows\system32\mshtmled.dll
2015-06-10 10:18:46 ----A---- C:\Windows\system32\inetcomm.dll
2015-06-10 10:18:46 ----A---- C:\Windows\system32\ieui.dll
2015-06-10 10:18:46 ----A---- C:\Windows\system32\iepeers.dll
2015-06-10 10:18:46 ----A---- C:\Windows\system32\iedkcs32.dll
2015-06-10 10:17:17 ----A---- C:\Windows\system32\win32k.sys
2015-06-04 15:37:17 ----D---- C:\Program Files (x86)\BattlelogPlus
2015-06-04 15:35:37 ----D---- C:\ProgramData\12218767022801386801
2015-06-04 15:31:26 ----A---- C:\Windows\SYSWOW64\ntwdblib.dll
2015-05-26 16:35:01 ----D---- C:\Windows\Minidump
2015-05-20 21:33:18 ----D---- C:\Windows\Migration

======List of files/folders modified in the last 1 month======

2015-06-19 17:45:54 ----D---- C:\Users\Antónia\AppData\Roaming\Raptr
2015-06-19 17:44:11 ----D---- C:\Program Files (x86)\Steam
2015-06-19 17:43:44 ----D---- C:\Windows\Prefetch
2015-06-19 17:42:25 ----D---- C:\Windows\Temp
2015-06-19 17:00:00 ----D---- C:\Windows\system32\sru
2015-06-19 14:57:04 ----RD---- C:\Program Files (x86)
2015-06-19 14:57:04 ----RD---- C:\Program Files
2015-06-19 14:57:04 ----HD---- C:\ProgramData
2015-06-19 14:57:04 ----D---- C:\Windows
2015-06-19 05:54:24 ----D---- C:\Windows\Tasks
2015-06-19 05:54:24 ----D---- C:\Windows\system32\Tasks
2015-06-19 03:23:35 ----D---- C:\Windows\system32\DriverStore
2015-06-19 03:23:35 ----D---- C:\Windows\Inf
2015-06-19 03:22:24 ----D---- C:\Windows\system32\drivers
2015-06-19 03:22:23 ----D---- C:\Windows\WinSxS
2015-06-19 03:22:21 ----RD---- C:\Windows\System32
2015-06-19 01:54:33 ----D---- C:\ProgramData\McAfee
2015-06-19 01:54:33 ----D---- C:\Program Files\Common Files
2015-06-19 01:54:32 ----D---- C:\Program Files (x86)\McAfee
2015-06-19 01:51:41 ----RSD---- C:\Windows\assembly
2015-06-19 01:50:57 ----HD---- C:\Windows\ELAMBKUP
2015-06-19 01:32:47 ----SHD---- C:\Windows\Installer
2015-06-19 01:32:46 ----D---- C:\Config.Msi
2015-06-19 01:32:32 ----D---- C:\ProgramData\Skype
2015-06-19 01:32:25 ----D---- C:\Program Files (x86)\Common Files
2015-06-19 01:31:45 ----SHD---- C:\System Volume Information
2015-06-19 01:19:54 ----D---- C:\Users\Antónia\AppData\Roaming\Skype
2015-06-19 00:15:08 ----D---- C:\Users\Antónia\AppData\Roaming\TS3Client
2015-06-18 16:21:34 ----D---- C:\Windows\Microsoft.NET
2015-06-18 14:47:41 ----D---- C:\Program Files (x86)\Hearthstone
2015-06-16 21:45:47 ----D---- C:\Windows\system32\config
2015-06-16 13:39:27 ----D---- C:\Windows\AppReadiness
2015-06-16 13:39:25 ----HD---- C:\Program Files\WindowsApps
2015-06-12 14:42:14 ----D---- C:\Windows\rescache
2015-06-12 13:33:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-06-12 13:07:46 ----D---- C:\Windows\system32\catroot2
2015-06-11 03:48:25 ----D---- C:\Windows\SysWOW64
2015-06-11 03:44:25 ----SD---- C:\Windows\system32\CompatTel
2015-06-11 03:44:24 ----RD---- C:\Windows\ToastData
2015-06-11 03:44:24 ----D---- C:\Windows\system32\appraiser
2015-06-11 03:44:24 ----D---- C:\Windows\apppatch
2015-06-11 03:44:21 ----D---- C:\Program Files\Internet Explorer
2015-06-11 03:44:21 ----D---- C:\Program Files (x86)\Internet Explorer
2015-06-11 03:44:20 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-06-11 03:44:19 ----D---- C:\Windows\system32\cs-CZ
2015-06-11 03:44:19 ----D---- C:\Windows\PolicyDefinitions
2015-06-10 13:39:55 ----D---- C:\Windows\CbsTemp
2015-06-10 13:37:55 ----D---- C:\ProgramData\Microsoft Help
2015-06-10 13:29:15 ----D---- C:\Windows\system32\MRT
2015-06-10 13:14:56 ----A---- C:\Windows\system32\MRT.exe
2015-06-10 13:00:12 ----A---- C:\Windows\win.ini
2015-06-10 01:50:53 ----D---- C:\Windows\system32\NDF
2015-06-03 18:18:09 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-06-01 23:04:04 ----D---- C:\Program Files (x86)\Battle.net
2015-05-23 21:13:08 ----D---- C:\Windows\system32\catroot
2015-05-21 03:18:45 ----D---- C:\Program Files (x86)\Diablo III
2015-05-20 21:33:18 ----SD---- C:\Windows\SYSWOW64\GWX
2015-05-20 21:33:18 ----SD---- C:\Windows\system32\GWX
2015-05-20 15:35:52 ----SD---- C:\Users\Antónia\AppData\Roaming\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;@oem18.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\Windows\System32\drivers\amdkmpfd.sys [2014-10-28 62152]
R0 amdpsp;@oem5.inf,%amdpsp.SVCDESC%;AMD PSP 1.0 Service; C:\Windows\system32\DRIVERS\amdpsp.sys [2014-02-25 230088]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-06-19 65736]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-06-19 272248]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-06-19 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-06-19 1047320]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-06-19 442264]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2013-03-05 91712]
R1 dtsoftbus01;@oem21.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\Windows\System32\drivers\dtsoftbus01.sys [2015-02-26 283064]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2015-05-29 489776]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 APXACC;@oem20.inf,%APPEX_ACC_SERVICE_NAME%;AppEx Networks Accelerator LWF; C:\Windows\system32\DRIVERS\appexDrv.sys [2014-10-28 229056]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-06-19 29168]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-06-19 89944]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-06-19 137288]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2015-04-14 310728]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2015-04-14 42696]
R3 AmdAS4;@oem4.inf,%AmdAS4.SVCDESC%;AmdAS4 service; C:\Windows\System32\drivers\AmdAS4.sys [2013-10-24 17640]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-11-21 18959360]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-11-21 589312]
R3 athr;@oem11.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athwbx.sys [2013-10-17 3858944]
R3 AtiHDAudioService;@oem3.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdWB6.sys [2014-03-12 222720]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2013-08-07 590024]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 clwvd;@oem15.inf,%clwvd.DeviceDesc%;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2014-01-28 41704]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-02-13 3853016]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RSP2STOR;@oem9.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [2014-01-04 291544]
R3 RTL8168;@oem8.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2013-12-18 839896]
R3 SynTP;@oem7.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-12-13 542448]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S0 amdkmafd;@oem17.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\Windows\System32\drivers\amdkmafd.sys [2012-09-23 21160]
S3 amdkmcsp;@oem5.inf,%amdkmcsp.SVCDESC%;AMD Kernel Mode CSP Service; C:\Windows\system32\DRIVERS\amdkmcsp.sys [2014-02-25 85704]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 WDC_SAM;@oem16.inf,%WDC_SAM_ServiceName%;WD SCSI Pass Thru driver; C:\Windows\System32\drivers\wdcsam64.sys [2015-01-27 14464]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [2014-02-13 98208]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-11-21 244736]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [2014-11-20 344064]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2014-10-29 38792]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-08-07 312448]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-06-19 343336]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-19 99128]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [2013-10-08 1039160]
R2 omniserv; HP SimplePass Service; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [2014-03-28 88064]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-02-13 290520]
R2 tbaseprovisioning;tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [2014-02-25 51712]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-06-04 837312]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc []
S2 Update SourceApp;Update SourceApp; C:\Program Files (x86)\SourceApp\updateSourceApp.exe []
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-08-10 50784]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc []
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2013-05-13 1129760]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-03-27 1930608]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\Windows\system32\svchost.exe [2014-10-29 38792]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2014-10-29 38792]

-----------------EOF-----------------

Re: Log check - mouse and touchpad stop working

Posted: 19 Jun 2015 17:57
by Rudy
Deleted. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC. Has anything changed?

Re: Log check - mouse and touchpad stop working

Posted: 19 Jun 2015 18:22
by Sybia
Unfortunately, the mouse or touchpad still sometimes doesn't work; sometimes I can click with it, but sometimes it doesn't respond. The only thing that got fixed is Google Chrome: the tabs no longer close.

Re: Log check - mouse and touchpad stop working

Posted: 19 Jun 2015 19:16
by Rudy
The keyboard and mouse issue could also be a hardware problem. Let's also try ComboFix:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

then run the application under an account with administrator privileges

right after it starts, a screen with the license terms is displayed; continue by clicking the Yes button.

feel free to put the kettle on for a coffee (the whole process takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan, do not try to launch any other applications or anything else

don't panic during the scan; your machine may be restarted (especially the first time the scanner is run)

warning: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because the scan and the removal of any malware cause unwanted conflicts with the resident antispyware.

Re: Log check - mouse and touchpad stop working

Posted: 19 Jun 2015 19:26
by Sybia
On another laptop the mouse works fine :). Also, I have Windows 8.1, which ComboFix doesn't support. The mouse or touchpad fails only in certain places; in some places I can click and in others I can't, yet yesterday everything still worked fine.

Re: Log check - mouse and touchpad stop working

Posted: 19 Jun 2015 20:03
by Rudy
Try a System Restore to a date when the system was working correctly.

Re: Log check - mouse and touchpad stop working

Posted: 19 Jun 2015 20:06
by Sybia
Can you tell me where to find System Restore in Windows 8.1? Thank you.

Re: Log check - mouse and touchpad stop working

Posted: 19 Jun 2015 20:07
by Rudy