
Major slowdown for unknown reasons

Posted: 28 Oct 2016 22:07
by Oleri
Hello,
after the last three Windows updates the computer's speed has dropped dramatically.
I am attaching the log from RSIT and asking for help.
Regards, Oleri

Logfile of random's system information tool 1.10 (written by random/random)
Run by user at 2016-10-28 22:48:08
Microsoft Windows 8.1
System drive C: has 112 GB (24%) free of 460 GB
Total RAM: 3979 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:48:36, on 28. 10. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Datacolor\Spyder4Pro\Utility\SpyderUtility.exe
C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
C:\Program Files (x86)\HP HD Webcam Driver\Monitor.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files\trend micro\user.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {B9C767DD-F66A-40B4-8F12-4199A9A4393C} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: (no name) - {B9C767DD-F66A-40B4-8F12-4199A9A4393C} - (no file)
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: (no name) - {B9C767DD-F66A-40B4-8F12-4199A9A4393C} - (no file)
O4 - HKLM\..\Run: [BtTray] "c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
O4 - HKLM\..\Run: [HP HD Webcam Driver_Monitor] C:\Program Files (x86)\HP HD Webcam Driver\monitor.exe
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [RemoteControl10] "c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\RunOnce: [20161024] "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" "C:\Program Files\AVAST Software\Avast\16c34824-25b4-4c32-b2b1-1c1d8d7de57b\c3f8f415-d3d4-43ed-a080-9fcd0ecdfb9e.dll",_stage2@16
O4 - HKCU\..\Run: [Google Update] "C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: SpyderUtility.lnk = C:\Program Files (x86)\Datacolor\Spyder4Pro\Utility\SpyderUtility.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: @C:\WINDOWS\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\WINDOWS\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\WINDOWS\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\WINDOWS\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\WINDOWS\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{F36A23D6-5151-4C74-9BE9-DF6F522E5EAF}: NameServer = 8.8.8.8
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\WINDOWS\system32\EscSvc64.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @oem29.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12866 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\WINDOWS\system32\Hpservice.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\system32\EscSvc64.exe
dashost.exe {d26d563a-31e1-4a08-b73405805635aea7}
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe"
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Windows\system32\vcsFPService.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-1efcffca-5be8-4abe-997d-12464e0984e5 -SystemEventPortName:HostProcess-3018eb2a-d230-46b7-b72c-72e377575bad -IoCancelEventPortName:HostProcess-9f184c4b-c279-4fb5-b9cd-f5b2220fb2e9 -NonStateChangingEventPortName:HostProcess-565b168f-b4c8-4a76-b47b-0650e1feaf8b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:11df1207-16f6-48f9-ae2a-f01c5e3687e0 -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-b56a9881-76f3-41dc-b3ef-8add033bc49d -SystemEventPortName:HostProcess-f1728b04-669a-4a26-a390-84ad0741480c -IoCancelEventPortName:HostProcess-1384b017-581f-4508-92b4-05343dedcda7 -NonStateChangingEventPortName:HostProcess-33b8bea2-a134-4121-b691-eeef60b2a1a5 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:bbbf05b9-3bb5-4701-a789-bf7c970a862e -DeviceGroupId:WudfDefaultDevicePool
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\WINDOWS\system32\svchost.exe -k WindowsMobile
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
taskhostex.exe
C:\WINDOWS\Explorer.EXE
ClassicStartMenu.exe -startup
"C:\WINDOWS\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Windows\WindowsMobile\wmdc.exe"
"C:\Program Files (x86)\Datacolor\Spyder4Pro\Utility\SpyderUtility.exe"
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
"C:\Program Files (x86)\HP HD Webcam Driver\Monitor.exe"
"C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" /start
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Opera\opera.exe"

"C:\Users\user\AppData\Local\Opera\Opera\temporary_downloads\RSITx64 (1).exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_286_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2411192372-3838652812-1285078615-1002Core.job - C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2411192372-3838652812-1285078615-1002UA.job - C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\HPCeeScheduleForuser.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForuser (null)

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-24 790552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-02-25 439352]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-24 664848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B9C767DD-F66A-40B4-8F12-4199A9A4393C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25 414776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
{B9C767DD-F66A-40B4-8F12-4199A9A4393C}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{B9C767DD-F66A-40B4-8F12-4199A9A4393C}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2013-10-03 391128]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2013-10-03 771032]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2013-10-03 769496]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2014-05-25 1664000]
"Windows Mobile Device Center"=C:\WINDOWS\WindowsMobile\wmdc.exe [2007-05-31 660360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"Google Update"=C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [2013-06-07 774680]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-09-28 8944344]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BtTray"=c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [2012-08-16 364032]
"HP HD Webcam Driver_Monitor"=C:\Program Files (x86)\HP HD Webcam Driver\monitor.exe [2012-07-26 303480]
"CLMLServer_For_P2G8"=c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08 111120]
"CLVirtualDrive"=c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2012-07-24 491120]
"RemoteControl10"=c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2012-03-29 91432]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-10-22 9083840]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2013-10-16 337184]
""= []
"PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2016-08-10 1193728]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"20161024"=C:\Program Files\AVAST Software\Avast\aswRunDll.exe [2016-10-10 901992]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SpyderUtility.lnk - C:\Program Files (x86)\Datacolor\Spyder4Pro\Utility\SpyderUtility.exe

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2013-10-03 623616]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.ffds"=ff_vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-10-28 22:48:10 ----D---- C:\Program Files\trend micro
2016-10-28 22:48:08 ----D---- C:\rsit
2016-10-28 22:05:55 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-10-24 11:41:57 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2016-10-24 11:41:57 ----A---- C:\WINDOWS\system32\acmigration.dll
2016-10-24 11:41:56 ----A---- C:\WINDOWS\system32\generaltel.dll
2016-10-24 11:41:56 ----A---- C:\WINDOWS\system32\devinv.dll
2016-10-24 11:41:56 ----A---- C:\WINDOWS\system32\appraiser.dll
2016-10-24 11:41:56 ----A---- C:\WINDOWS\system32\aepic.dll
2016-10-24 11:41:56 ----A---- C:\WINDOWS\system32\aeinv.dll
2016-10-24 11:41:55 ----A---- C:\WINDOWS\system32\invagent.dll
2016-10-24 11:41:55 ----A---- C:\WINDOWS\system32\centel.dll
2016-10-24 11:41:51 ----A---- C:\WINDOWS\system32\shell32.dll
2016-10-24 11:41:50 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-10-24 11:41:49 ----A---- C:\WINDOWS\system32\twinui.dll
2016-10-24 11:41:48 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-10-24 11:41:48 ----A---- C:\WINDOWS\explorer.exe
2016-10-24 11:41:47 ----A---- C:\WINDOWS\SYSWOW64\RestoreOptIn.exe
2016-10-24 11:41:47 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2016-10-24 11:41:47 ----A---- C:\WINDOWS\system32\RestoreOptIn.exe
2016-10-22 16:25:21 ----RD---- C:\Program Files (x86)\Skype
2016-10-22 16:06:26 ----D---- C:\Program Files\CCleaner
2016-10-22 15:58:25 ----A---- C:\WINDOWS\system32\drivers\staport.sys
2016-10-22 15:56:32 ----A---- C:\WINDOWS\system32\aswBoot.exe
2016-10-22 15:51:41 ----A---- C:\WINDOWS\system32\pdfc_port.dll
2016-10-21 14:48:02 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-10-21 14:48:01 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-10-21 14:48:00 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2016-10-21 14:48:00 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2016-10-21 14:47:57 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-10-21 14:47:55 ----A---- C:\WINDOWS\system32\actxprxy.dll
2016-10-21 14:47:54 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2016-10-21 14:47:53 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-10-21 14:47:53 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-10-21 14:47:53 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-10-21 14:47:51 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-10-21 14:47:51 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-10-21 14:47:51 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2016-10-21 14:47:50 ----A---- C:\WINDOWS\system32\jscript.dll
2016-10-21 14:47:49 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-10-21 14:47:49 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-10-21 14:47:48 ----A---- C:\WINDOWS\system32\wininet.dll
2016-10-21 14:47:48 ----A---- C:\WINDOWS\system32\inetcomm.dll
2016-10-21 14:47:47 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-10-21 14:47:37 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2016-10-21 14:47:36 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-10-21 14:47:35 ----A---- C:\WINDOWS\system32\wmp.dll
2016-10-21 14:47:31 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2016-10-21 14:47:21 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-10-21 14:47:21 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-10-21 14:47:20 ----A---- C:\WINDOWS\SYSWOW64\esent.dll
2016-10-21 14:47:20 ----A---- C:\WINDOWS\system32\esent.dll
2016-10-21 14:47:18 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2016-10-21 14:47:18 ----A---- C:\WINDOWS\system32\authui.dll
2016-10-21 14:47:17 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2016-10-21 14:47:16 ----A---- C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-10-21 14:47:16 ----A---- C:\WINDOWS\system32\d3d11.dll
2016-10-21 14:47:15 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-10-21 14:47:14 ----A---- C:\WINDOWS\SYSWOW64\d3d11.dll
2016-10-21 14:47:14 ----A---- C:\WINDOWS\system32\DWrite.dll
2016-10-21 14:47:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Streaming.dll
2016-10-21 14:47:13 ----A---- C:\WINDOWS\system32\MSVidCtl.dll
2016-10-21 14:47:12 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2016-10-21 14:47:12 ----A---- C:\WINDOWS\system32\FntCache.dll
2016-10-21 14:47:11 ----A---- C:\WINDOWS\system32\win32k.sys
2016-10-21 14:47:11 ----A---- C:\WINDOWS\system32\ntshrui.dll
2016-10-21 14:47:10 ----A---- C:\WINDOWS\SYSWOW64\ntshrui.dll
2016-10-21 14:47:10 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-10-21 14:47:10 ----A---- C:\WINDOWS\system32\drivers\dfsc.sys
2016-10-21 14:47:08 ----A---- C:\WINDOWS\system32\wbengine.exe
2016-10-21 14:47:08 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2016-10-21 14:47:08 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2016-10-21 14:47:07 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2016-10-21 14:47:06 ----A---- C:\WINDOWS\system32\winload.exe
2016-10-21 14:47:05 ----A---- C:\WINDOWS\system32\drivers\parport.sys
2016-10-21 14:47:04 ----A---- C:\WINDOWS\system32\wmploc.DLL
2016-10-21 14:47:03 ----A---- C:\WINDOWS\SYSWOW64\wmploc.DLL
2016-10-21 14:47:02 ----A---- C:\WINDOWS\SYSWOW64\rastapi.dll
2016-10-21 14:47:02 ----A---- C:\WINDOWS\system32\PlayToDevice.dll
2016-10-21 14:47:01 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2016-10-21 14:47:00 ----A---- C:\WINDOWS\SYSWOW64\MSVidCtl.dll
2016-10-21 14:46:59 ----A---- C:\WINDOWS\SYSWOW64\PlayToDevice.dll
2016-10-21 14:46:59 ----A---- C:\WINDOWS\system32\winresume.exe
2016-10-21 14:46:59 ----A---- C:\WINDOWS\system32\rastapi.dll
2016-10-21 14:46:59 ----A---- C:\WINDOWS\system32\drivers\tm.sys
2016-10-21 14:46:57 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2016-10-21 14:46:57 ----A---- C:\WINDOWS\system32\adsmsext.dll
2016-10-21 14:46:56 ----A---- C:\WINDOWS\SYSWOW64\adsmsext.dll
2016-10-21 14:46:56 ----A---- C:\WINDOWS\system32\drivers\vwifimp.sys
2016-10-21 14:46:56 ----A---- C:\WINDOWS\system32\drivers\serial.sys
2016-10-21 14:46:52 ----A---- C:\WINDOWS\system32\offreg.dll
2016-10-21 14:46:52 ----A---- C:\WINDOWS\system32\drivers\vwifibus.sys
2016-10-21 14:46:52 ----A---- C:\WINDOWS\system32\drivers\mrxdav.sys
2016-10-21 14:46:51 ----A---- C:\WINDOWS\SYSWOW64\offreg.dll
2016-10-21 14:46:51 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2016-10-21 14:46:51 ----A---- C:\WINDOWS\system32\drivers\serenum.sys
2016-10-21 14:46:50 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2016-10-21 14:46:49 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2016-10-21 14:46:49 ----A---- C:\WINDOWS\system32\drivers\vwififlt.sys
2016-10-21 14:46:49 ----A---- C:\WINDOWS\system32\certcli.dll
2016-10-21 14:46:48 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2016-10-10 11:51:32 ----A---- C:\WINDOWS\system32\glcndFilter.dll
2016-10-10 11:51:31 ----A---- C:\WINDOWS\SYSWOW64\glcndFilter.dll
2016-10-10 11:51:31 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-10-10 11:51:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2016-10-10 11:51:29 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2016-10-10 11:51:29 ----A---- C:\WINDOWS\system32\oleaut32.dll
2016-10-10 11:51:27 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2016-10-10 11:51:27 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2016-10-10 11:51:27 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2016-10-10 11:51:24 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2016-10-10 11:51:24 ----A---- C:\WINDOWS\system32\schannel.dll
2016-10-10 11:49:07 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2016-10-10 11:49:07 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2016-10-10 11:49:07 ----A---- C:\WINDOWS\system32\dnsapi.dll
2016-10-10 11:49:04 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2016-10-10 11:49:03 ----A---- C:\WINDOWS\system32\vpnike.dll
2016-10-10 11:49:03 ----A---- C:\WINDOWS\system32\ole32.dll
2016-10-10 11:49:02 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2016-10-10 11:49:02 ----A---- C:\WINDOWS\system32\rasapi32.dll
2016-10-10 11:49:02 ----A---- C:\WINDOWS\system32\mprdim.dll
2016-10-10 11:49:02 ----A---- C:\WINDOWS\system32\mprddm.dll
2016-10-10 11:49:01 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2016-10-10 11:49:01 ----A---- C:\WINDOWS\SYSWOW64\mprddm.dll
2016-10-10 11:49:00 ----A---- C:\WINDOWS\SYSWOW64\mprdim.dll
2016-10-10 11:49:00 ----A---- C:\WINDOWS\system32\rasmans.dll
2016-10-10 11:49:00 ----A---- C:\WINDOWS\system32\drivers\mountmgr.sys
2016-10-10 11:48:59 ----A---- C:\WINDOWS\system32\wpdbusenum.dll
2016-10-10 11:48:59 ----A---- C:\WINDOWS\system32\dssenh.dll
2016-10-10 11:48:58 ----A---- C:\WINDOWS\SYSWOW64\dssenh.dll
2016-10-10 11:48:58 ----A---- C:\WINDOWS\system32\rasppp.dll
2016-10-10 11:48:58 ----A---- C:\WINDOWS\system32\drivers\agilevpn.sys
2016-10-10 11:48:56 ----A---- C:\WINDOWS\system32\rasman.dll
2016-10-10 11:48:55 ----A---- C:\WINDOWS\SYSWOW64\rasppp.dll
2016-10-10 11:48:55 ----A---- C:\WINDOWS\SYSWOW64\rasman.dll
2016-10-10 11:48:55 ----A---- C:\WINDOWS\SYSWOW64\iprtrmgr.dll
2016-10-10 11:48:55 ----A---- C:\WINDOWS\system32\rdpudd.dll
2016-10-10 11:48:55 ----A---- C:\WINDOWS\system32\rdpclip.exe
2016-10-10 11:48:55 ----A---- C:\WINDOWS\system32\rascustom.dll
2016-10-10 11:48:55 ----A---- C:\WINDOWS\system32\nshwfp.dll
2016-10-10 11:48:55 ----A---- C:\WINDOWS\system32\iprtrmgr.dll
2016-10-10 11:48:55 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2016-10-10 11:48:51 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-10-10 11:48:51 ----A---- C:\WINDOWS\system32\sspicli.dll
2016-10-10 11:48:51 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-10-10 11:48:51 ----A---- C:\WINDOWS\system32\drivers\mrxsmb10.sys
2016-10-10 11:48:51 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2016-10-10 11:48:51 ----A---- C:\WINDOWS\system32\drivers\ksecdd.sys
2016-10-10 11:48:50 ----A---- C:\WINDOWS\SYSWOW64\sspicli.dll
2016-10-10 11:48:50 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2016-10-10 11:48:46 ----A---- C:\WINDOWS\system32\ntdll.dll
2016-10-10 11:48:45 ----A---- C:\WINDOWS\system32\csrsrv.dll
2016-10-10 11:48:40 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2016-10-10 11:48:40 ----A---- C:\WINDOWS\system32\user32.dll
2016-10-10 11:48:39 ----A---- C:\WINDOWS\system32\wwanconn.dll
2016-10-10 11:48:39 ----A---- C:\WINDOWS\system32\pnidui.dll
2016-10-10 11:48:36 ----A---- C:\WINDOWS\system32\wwanmm.dll
2016-10-10 10:59:50 ----A---- C:\WINDOWS\system32\drivers\aswKbd.sys
2016-10-10 10:47:16 ----A---- C:\WINDOWS\avastSS.scr

======List of files/folders modified in the last 1 month======

2016-10-28 22:48:10 ----D---- C:\Program Files
2016-10-28 22:47:09 ----D---- C:\Users\user\AppData\Roaming\ClassicShell
2016-10-28 22:47:08 ----D---- C:\WINDOWS\Prefetch
2016-10-28 22:42:53 ----D---- C:\WINDOWS\Tasks
2016-10-28 22:42:53 ----D---- C:\WINDOWS\system32\Tasks
2016-10-28 22:41:45 ----D---- C:\WINDOWS\WinSxS
2016-10-28 22:41:44 ----D---- C:\WINDOWS\SysWOW64
2016-10-28 22:41:16 ----D---- C:\WINDOWS\system32\config
2016-10-28 22:41:12 ----D---- C:\WINDOWS\CbsTemp
2016-10-28 22:40:56 ----SHD---- C:\System Volume Information
2016-10-28 22:40:22 ----D---- C:\WINDOWS\Temp
2016-10-28 22:39:56 ----D---- C:\WINDOWS\Microsoft.NET
2016-10-28 22:15:15 ----A---- C:\WINDOWS\SYSWOW64\LOCALSERVICE.INI
2016-10-28 22:15:08 ----A---- C:\WINDOWS\SYSWOW64\bscs.ini
2016-10-28 22:15:01 ----D---- C:\WINDOWS\system32\drivers
2016-10-28 22:11:26 ----RD---- C:\WINDOWS\System32
2016-10-28 22:11:26 ----D---- C:\WINDOWS\Inf
2016-10-28 22:11:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-10-28 22:07:15 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2016-10-28 22:04:36 ----D---- C:\WINDOWS\Logs
2016-10-28 22:04:33 ----D---- C:\ProgramData\PDFC
2016-10-25 07:44:05 ----SD---- C:\WINDOWS\system32\CompatTel
2016-10-25 07:44:05 ----D---- C:\WINDOWS\system32\appraiser
2016-10-25 07:44:03 ----RD---- C:\WINDOWS\ToastData
2016-10-25 07:44:01 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-10-25 07:44:01 ----D---- C:\WINDOWS\system32\cs-CZ
2016-10-25 07:44:01 ----D---- C:\Windows
2016-10-25 07:43:38 ----D---- C:\Program Files\Internet Explorer
2016-10-25 07:43:38 ----D---- C:\Program Files (x86)\Internet Explorer
2016-10-25 07:43:30 ----D---- C:\WINDOWS\system32\Boot
2016-10-25 07:43:24 ----D---- C:\WINDOWS\apppatch
2016-10-25 07:43:16 ----D---- C:\WINDOWS\system32\DriverStore
2016-10-25 07:32:05 ----D---- C:\WINDOWS\system32\sru
2016-10-24 12:33:13 ----HD---- C:\ProgramData
2016-10-24 11:22:22 ----SHD---- C:\WINDOWS\Installer
2016-10-22 21:44:31 ----D---- C:\Users\user\AppData\Roaming\vlc
2016-10-22 18:41:15 ----D---- C:\WINDOWS\rescache
2016-10-22 18:30:38 ----D---- C:\WINDOWS\system32\MRT
2016-10-22 18:16:25 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-10-22 16:26:54 ----D---- C:\Users\user\AppData\Roaming\Skype
2016-10-22 16:25:21 ----RD---- C:\Program Files (x86)
2016-10-22 16:25:21 ----D---- C:\Program Files (x86)\Common Files
2016-10-22 16:25:16 ----D---- C:\ProgramData\Skype
2016-10-22 16:18:06 ----D---- C:\Program Files\Google
2016-10-22 16:18:06 ----D---- C:\Program Files (x86)\Google
2016-10-22 15:51:38 ----D---- C:\Program Files (x86)\PDF Complete
2016-10-22 15:46:30 ----D---- C:\WINDOWS\SYSWOW64\setup
2016-10-22 15:46:28 ----D---- C:\WINDOWS\system32\setup
2016-10-21 14:18:45 ----D---- C:\WINDOWS\system32\catroot2
2016-10-10 12:32:19 ----D---- C:\WINDOWS\AppReadiness
2016-10-10 12:32:18 ----HD---- C:\Program Files\WindowsApps
2016-10-10 12:19:16 ----D---- C:\WINDOWS\ShellNew
2016-10-10 12:19:14 ----D---- C:\Program Files\Windows Journal
2016-10-10 10:54:30 ----D---- C:\ProgramData\AVAST Software
2016-10-10 10:43:51 ----D---- C:\Program Files\AVAST Software

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-10-10 74544]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-10-22 293352]
R0 hpdskflt;@oem29.inf,%service_desc%;HP Filter; C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [2012-08-22 31040]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-07-31 645952]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2016-10-10 37144]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2016-10-10 103064]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-10-10 969184]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-10-10 513632]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2012-06-25 92536]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2016-08-13 71680]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-10-10 108816]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2016-10-10 163416]
R3 Accelerometer;@oem29.inf,%accelerometer_desc%;HP Mobile Data Protection Sensor; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2012-08-22 43328]
R3 BtAudioBusSrv;@oem8.inf,%SvcDesc%;IVT Bluetooth Audio Bus Service; C:\WINDOWS\System32\Drivers\BtAudioBus.sys [2012-06-15 23136]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service; C:\WINDOWS\System32\Drivers\IvtUrbBtFlt.sys [2012-08-14 48736]
R3 HpqKbFiltr;@oem42.inf,%HpqKbFiltr.SvcDesc%;HpqKbFilter Driver; C:\WINDOWS\System32\drivers\HpqKbFiltr.sys [2012-08-27 26504]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2013-10-03 4185600]
R3 IntcDAud;@oem14.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 iwdbus;@oem33.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-09-26 27032]
R3 JMCR;JMCR; C:\WINDOWS\System32\drivers\jmcr.sys [2014-05-25 176880]
R3 MEIx64;@oem30.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 netr28x;@oem40.inf,%Generic.Service.DispName%;Ralink 802.11n Extensible Wireless Driver; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2013-12-02 2483376]
R3 rtbth;@oem39.inf,%General.Service.DispName%;RTBTH Bluetooth Device Driver; C:\WINDOWS\System32\drivers\rtbth.sys [2013-12-02 1204424]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
R3 SensorsServiceDriver;@sensorsservicedriver.inf,%WudfSensorsServiceDriverDisplayName%;Služba Reflektor UMDF pro knihovnu SensorsServiceDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [2014-10-29 226304]
R3 SPUVCbv;@oem15.inf,%SPUVCb.ServiceName%;SPUVCb Driver Service; C:\WINDOWS\System32\Drivers\SPUVCbv_x64.sys [2012-08-03 1062008]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [2014-05-25 543744]
R3 SynTP;@oem55.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2014-12-02 552176]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2016-08-13 38912]
S3 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-10-10 37656]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
S3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service; C:\WINDOWS\System32\Drivers\BtL2caScoIf.sys [2012-07-20 56904]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
S3 BthMtpEnum;@bthmtpenum.inf,%BthMtpEnum.SVCDESC%;Modul pro výčet zařízení Bluetooth MTP; C:\WINDOWS\system32\DRIVERS\BthMtpEnum.sys [2013-08-22 62976]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-07-10 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 intaud_WaveExtensible;@oem32.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-09-26 39320]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
S3 SmbDrv;SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [2012-08-15 41272]
S3 SmbDrvI;SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2012-08-15 43832]
S3 Spyder4;@oem22.inf,%ProductName%;Datacolor Spyder4; C:\WINDOWS\System32\drivers\dccmtr.sys [2011-06-02 15360]
S3 StillCam;@sti.inf,%StillCam.SvcDesc%;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\System32\drivers\serscan.sys [2014-10-29 11776]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\System32\drivers\usbscan.sys [2014-10-29 44544]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-09-16 82128]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-10-10 197128]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 EpsonScanSvc;Epson Scanner Service; C:\WINDOWS\system32\EscSvc64.exe [2012-05-17 144560]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2013-10-16 681760]
R2 hpsrv;@oem29.inf,%hpservice_desc%;HP Service; C:\WINDOWS\system32\Hpservice.exe [2012-08-22 33600]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2016-04-26 28552]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-06-20 634632]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-07-19 129856]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-19 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-19 277824]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2016-08-10 1719040]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\WINDOWS\system32\svchost.exe [2014-10-29 38792]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2014-05-25 327680]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-19 365376]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2012-07-19 2714232]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\WINDOWS\system32\svchost.exe [2014-10-29 38792]
R3 BsHelpCS;BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [2012-08-14 138752]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2015-04-28 1102472]
S2 BlueSoleilCS;BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [2012-08-14 1578496]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-16 50864]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2013-10-03 279000]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 BthAvrcpTg;@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID; C:\WINDOWS\System32\drivers\BthAvrcpTg.sys [2013-08-22 36992]
S4 bthhfhid;@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID; C:\WINDOWS\System32\drivers\BthHFHid.sys [2013-08-22 30720]

-----------------EOF-----------------

info.txt logfile of random's system information tool 1.10 2016-10-28 22:48:39

======MBR======


======Uninstall list======

Adobe Acrobat Reader DC - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AC0F074E4100}
Adobe AIR-->C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Community Help-->msiexec /qb /x {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Community Help-->MsiExec.exe /I{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Creative Suite 5 Master Collection-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}"
Adobe Flash Player 18 NPAPI-->C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_232_Plugin.exe -maintain plugin
Adobe Flash Player 20 PPAPI-->C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_286_pepper.exe -maintain pepperplugin
Adobe Media Player-->msiexec /qb /x {DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Media Player-->MsiExec.exe /I{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Photoshop Lightroom 5.2 64-bit-->MsiExec.exe /I{54E6C675-3AD4-42E4-957F-31666ABF1603}
Adobe Refresh Manager-->MsiExec.exe /I{AC76BA86-0804-1033-1959-001824202044}
Avast Free Antivirus-->C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel
Balíček ovladače systému Windows - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0)-->C:\Program Files\DIFX\8730326CFC0D32D8\DPInst.exe /d /u C:\Windows\System32\DriverStore\FileRepository\olycamcomm64.inf_amd64_ef14f466647d2167\olycamcomm64.inf
Canon MP Navigator EX 2.0-->"C:\Program Files (x86)\Canon\MP Navigator EX 2.0\Maint.exe" /UninstallRemove C:\Program Files (x86)\Canon\MP Navigator EX 2.0\uninst.ini
Canon MP620 series MP Drivers-->"C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP620_series\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP620_series /L0x0005
Canon My Printer-->"C:\Program Files\Canon\MyPrinter\uninst.exe" /UninstallRemove C:\Program Files\Canon\MyPrinter\uninst.ini
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Centrum zařízení Windows Mobile-->MsiExec.exe /X{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}
Classic Shell-->MsiExec.exe /X{98BB5224-BC5D-4028-9D20-536C1C263AA9}
CyberLink Media Suite 10-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\setup.exe" /z-uninstall
CyberLink Media Suite 10-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\setup.exe" /z-uninstall
CyberLink PhotoDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{4862344A-A39C-4897-ACD4-A1BED5163C5A}\setup.exe" /z-uninstall
CyberLink PhotoDirector-->"C:\Program Files (x86)\InstallShield Installation Information\{4862344A-A39C-4897-ACD4-A1BED5163C5A}\setup.exe" /z-uninstall
CyberLink Power2Go 8-->"C:\Program Files (x86)\InstallShield Installation Information\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}\setup.exe" /z-uninstall
CyberLink Power2Go 8-->"C:\Program Files (x86)\InstallShield Installation Information\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}\setup.exe" /z-uninstall
CyberLink PowerDirector 10-->"C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\setup.exe" /z-uninstall
CyberLink PowerDirector 10-->"C:\Program Files (x86)\InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\setup.exe" /z-uninstall
CyberLink PowerDVD-->"C:\Program Files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\setup.exe" /z-uninstall
CyberLink PowerDVD-->"C:\Program Files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\setup.exe" /z-uninstall
Doplněk Microsoft Save as PDF or XPS pro aplikace sady Microsoft Office 2007-->MsiExec.exe /X{90120000-00B2-0405-0000-0000000FF1CE}
Energy Star-->MsiExec.exe /I{0FA995CC-C849-4755-B14B-5404CC75DC24}
EPSON L850 Series Printer Uninstall-->C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YINSNTE.EXE /R /APD /P:"EPSON L850 Series"
EPSON Scan-->C:\Program Files (x86)\epson\escndv\setup\setup.exe /r
Evernote v. 4.5.7-->MsiExec.exe /X{0BE73D3C-B5AF-11E1-933A-984BE15F174E}
Fotolab Fotosvet-->"C:\Program Files (x86)\Fotolab\Fotolab Fotosvet\uninstall.exe"
Google Earth-->MsiExec.exe /X{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Update Helper-->MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Hewlett-Packard ACLM.NET v1.2.2.3-->MsiExec.exe /I{6F340107-F9AA-47C6-B54C-C3A19F11553F}
HP 3D DriveGuard-->MsiExec.exe /X{29989969-FED8-4EFB-8FB2-39429D37E471}
HP Customer Experience Enhancements-->MsiExec.exe /X{07FA4960-B038-49EB-891B-9F95930AA544}
HP Customer Experience Enhancements-->MsiExec.exe /X{C9EF1AAF-B542-41C8-A537-1142DA5D4AEC}
HP Documentation-->MsiExec.exe /X{FCD58C04-324A-40D1-BA9E-1A754DF1736D}
HP ESU for Microsoft Windows 8-->MsiExec.exe /X{50F16F43-54B8-43DB-B96F-255546DFB990}
HP HD Webcam Driver-->C:\Program Files (x86)\HP HD Webcam Driver\uninstall.exe
HP Hotkey Support-->MsiExec.exe /X{7F7E2060-7212-4A53-9875-55173E4BA3F0}
HP Registration Service-->MsiExec.exe /X{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}
HP SoftPaq Download Manager-->MsiExec.exe /I{B50981AD-95E8-4E4D-912A-7C4B738387CA}
HP Software Framework-->MsiExec.exe /X{835B275B-F29B-464B-BD4B-097FD55FAB0A}
HP Software Setup-->MsiExec.exe /X{D1E7D876-6B86-4B35-A93D-15B0D6C43EAF}
HP Support Assistant-->"C:\Program Files (x86)\InstallShield Installation Information\{E959FD01-BD01-4CC4-9BB8-4EBE8309BF37}\setup.exe" -runfromtemp -l0x0409 -removeonly
HP Support Solutions Framework-->MsiExec.exe /X{579A990C-3855-4838-AF23-354CE2264BC0}
HP System Default Settings-->MsiExec.exe /X{987210BB-D707-48FC-88FA-4374765D108D}
HP Wireless Button Driver-->MsiExec.exe /X{30B2D1D8-0A07-4B71-9553-0710C5D31E35}
IDT Audio-->"C:\Program Files (x86)\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\Setup.exe" -remove -removeonly
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) Processor Graphics-->C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe -uninstall
Intel(R) SDK for OpenCL - CPU Only Runtime Package-->C:\Program Files (x86)\Intel\OpenCL SDK\2.0\Uninstall\setup.exe -uninstall
Intel® Trusted Connect Service Client-->MsiExec.exe /I{977D1ABF-4089-4CA7-BA33-CC75808B7ACE}
JMicron Flash Media Controller Driver-->"C:\Program Files (x86)\JMicron\JMCR_DIR\setup.exe" delpkg
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office Office 64-bit Components 2007-->MsiExec.exe /X{90120000-002A-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Czech) 2007-->MsiExec.exe /X{90120000-002A-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Office-->MsiExec.exe /X{95140000-0070-0000-0000-0000000FF1CE}
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053-->MsiExec.exe /X{B6E3757B-5E77-3915-866A-CCFC4B8D194C}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{071c9b48-7c32-4621-a0ac-3f809523288f}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022-->MsiExec.exe /X{350AA351-21FA-3270-8B7A-835434E766AD}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729-->MsiExec.exe /X{6AFCA4E1-9B78-3640-8F72-A7BF33448200}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft_VC80_ATL_x86_x64-->MsiExec.exe /I{925D058B-564A-443A-B4B2-7E90C6432E55}
Microsoft_VC80_ATL_x86-->MsiExec.exe /I{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}
Microsoft_VC80_CRT_x86_x64-->MsiExec.exe /I{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC80_MFC_x86_x64-->MsiExec.exe /I{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}
Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57}
Microsoft_VC80_MFCLOC_x86_x64-->MsiExec.exe /I{1E9FC118-651D-4934-97BE-E53CAE5C7D45}
Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
Microsoft_VC90_ATL_x86_x64-->MsiExec.exe /I{8557397C-A42D-486F-97B3-A2CBC2372593}
Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
Microsoft_VC90_CRT_x86_x64-->MsiExec.exe /I{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Microsoft_VC90_MFC_x86_x64-->MsiExec.exe /I{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}
Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
OLYMPUS AVCHD Codec Patch-->MsiExec.exe /X{94DF5B59-73F2-487E-A5FB-840510FDA8F1}
OLYMPUS AVCHD Codec-->MsiExec.exe /X{FBD8E8CF-3460-4964-9079-9C68860487D4}
OLYMPUS Digital Camera Updater-->MsiExec.exe /X{2A9E8F56-C31B-4DBB-BFE2-0F4EC8192355}
OLYMPUS Viewer 2-->MsiExec.exe /X{52F02F20-77E1-41A6-9758-7C8751D880A2}
Opera 12.16-->"C:\Program Files (x86)\Opera\Opera.exe" /uninstall
PDF Complete Corporate Edition-->C:\Program Files (x86)\PDF Complete\uninstall.exe
PDF Settings CS5-->MsiExec.exe /I{A78FE97A-C0C8-49CE-89D0-EDD524A17392}
Ralink Bluetooth Stack64-->MsiExec.exe /X{ED818A3C-3DF5-CDCF-3DB2-A646D7B31A16}
Ralink RT3290 802.11bgn Wi-Fi Adapter-->C:\Program Files (x86)\InstallShield Installation Information\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}\setup.exe -runfromtemp -l0x0009 -removeonly
Realtek Ethernet Controller All-In-One Windows Driver-->C:\Program Files (x86)\InstallShield Installation Information\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}\Setup.exe -runfromtemp -l0x0409 -removeonly
SafeZone Stable 1.51.2220.62-->"C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" /uninstall
SearchMe Toolbar v9.7-->MsiExec.exe /X{A65F4631-06AE-4504-9F5B-3E75ABAE7D5D}
Skype™ 7.29-->MsiExec.exe /X{FC965A47-4839-40CA-B618-18F486F042C6}
Software Updater-->MsiExec.exe /X{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}
Spyder4Pro-->C:\Windows\unvise32.exe C:\Program Files (x86)\Datacolor\Spyder4Pro\uninstal.log
Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Total Commander 64-bit (Remove or Repair)-->c:\totalcmd\tcunin64.exe
Validity Fingerprint Sensor Driver-->MsiExec.exe /X{AA51ED2E-DCE7-415F-9C32-CB9B561D216D}
VLC Codec Pack 2.0.5-->C:\WINDOWS\SysWOW64\C2MP\Uninst.exe
VLC media player 2.0.5-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
Zoner Photo Studio 15-->"C:\Program Files\Zoner\Photo Studio 15\unins000.exe"

======Hosts File======

127.0.0.1 209.34.83.73:443
127.0.0.1 209.34.83.73:43
127.0.0.1 209.34.83.73
127.0.0.1 209.34.83.67:443
127.0.0.1 209.34.83.67:43
127.0.0.1 209.34.83.67
127.0.0.1 ood.opsource.net
127.0.0.1 199.7.52.190:80
127.0.0.1 199.7.52.190
127.0.0.1 OCSP.SPO1.VERISIGN.COM

======System event log======

Computer Name: user-pc
Event Code: 7000
Message: Služba Služba Plánovač multimédií neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Record Number: 72515
Source Name: Service Control Manager
Time Written: 20130928180057.602040-000
Event Type: Chyba
User:

Computer Name: user-pc
Event Code: 7000
Message: Služba Služba Plánovač multimédií neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Record Number: 72514
Source Name: Service Control Manager
Time Written: 20130928180057.592029-000
Event Type: Chyba
User:

Computer Name: user-pc
Event Code: 7000
Message: Služba Služba Plánovač multimédií neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Record Number: 72513
Source Name: Service Control Manager
Time Written: 20130928180057.582010-000
Event Type: Chyba
User:

Computer Name: user-pc
Event Code: 7000
Message: Služba Služba Plánovač multimédií neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Record Number: 72512
Source Name: Service Control Manager
Time Written: 20130928180057.571990-000
Event Type: Chyba
User:

Computer Name: user-pc
Event Code: 7000
Message: Služba Služba Plánovač multimédií neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Record Number: 72511
Source Name: Service Control Manager
Time Written: 20130928180057.561983-000
Event Type: Chyba
User:

=====Application event log=====

Computer Name: user-pc
Event Code: 0
Message: Událost PowerEvent byla službou úspěšně zpracována.
Record Number: 41364
Source Name: HP Support Assistant Service
Time Written: 20150813190834.000000-000
Event Type: Informace
User:

Computer Name: user-pc
Event Code: 0
Message: Událost PowerEvent byla službou úspěšně zpracována.
Record Number: 41363
Source Name: HP Support Assistant Service
Time Written: 20150813190833.000000-000
Event Type: Informace
User:

Computer Name: user-pc
Event Code: 0
Message: Událost PowerEvent byla službou úspěšně zpracována.
Record Number: 41362
Source Name: HP Support Assistant Service
Time Written: 20150813190833.000000-000
Event Type: Informace
User:

Computer Name: user-pc
Event Code: 326
Message: svchost (6984) Instance: Databázový stroj připojil databázi (1, C:\ProgramData\Microsoft\Windows\AppRepository\PackageRepository.edb). (Čas=0 s)

Sekvence interního načasování: [1] 0.000, [2] 0.000, [3] 0.750, [4] 0.000, [5] 0.000, [6] 0.000, [7] 0.000, [8] 0.000, [9] 0.000, [10] 0.000, [11] 0.000, [12] 0.000.
Uložená mezipaměť: 1 0
Record Number: 41361
Source Name: ESENT
Time Written: 20150804205449.000000-000
Event Type: Informace
User:

Computer Name: user-pc
Event Code: 105
Message: svchost (6984) Instance: Databázový stroj spustil novou instanci (0). (Čas=0 s)

Sekvence interního načasování: [1] 0.000, [2] 0.000, [3] 0.000, [4] 0.000, [5] 0.000, [6] 0.000, [7] 0.000, [8] 0.000, [9] 0.000, [10] 0.000.
Record Number: 41360
Source Name: ESENT
Time Written: 20150804205448.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: user-pc
Event Code: 4907
Message: Nastavení auditu objektu se změnila.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: USER-PC$
Doména účtu: DOMA
ID přihlášení: 0x3E7

Objekt:
Server objektu: Security
Typ objektu: File
Název objektu: C:\Windows\System32\ieapfltr.dll
ID popisovače: 0x14

Informace o procesu:
ID procesu: 0x1438
Název procesu: C:\Windows\System32\poqexec.exe

Nastavení auditu:
Původní popisovač zabezpečení: S:AI
Nový popisovač zabezpečení: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 91042
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150716204744.151095-000
Event Type: Úspěšný audit
User:

Computer Name: user-pc
Event Code: 4907
Message: Nastavení auditu objektu se změnila.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: USER-PC$
Doména účtu: DOMA
ID přihlášení: 0x3E7

Objekt:
Server objektu: Security
Typ objektu: File
Název objektu: C:\Windows\System32\vbscript.dll
ID popisovače: 0x14

Informace o procesu:
ID procesu: 0x1438
Název procesu: C:\Windows\System32\poqexec.exe

Nastavení auditu:
Původní popisovač zabezpečení: S:AI
Nový popisovač zabezpečení: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 91041
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150716204744.151095-000
Event Type: Úspěšný audit
User:

Computer Name: user-pc
Event Code: 4907
Message: Nastavení auditu objektu se změnila.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: USER-PC$
Doména účtu: DOMA
ID přihlášení: 0x3E7

Objekt:
Server objektu: Security
Typ objektu: File
Název objektu: C:\Program Files\Internet Explorer\F12Tools.dll
ID popisovače: 0x14

Informace o procesu:
ID procesu: 0x1438
Název procesu: C:\Windows\System32\poqexec.exe

Nastavení auditu:
Původní popisovač zabezpečení: S:AI
Nový popisovač zabezpečení: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 91040
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150716204744.151095-000
Event Type: Úspěšný audit
User:

Computer Name: user-pc
Event Code: 4907
Message: Nastavení auditu objektu se změnila.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: USER-PC$
Doména účtu: DOMA
ID přihlášení: 0x3E7

Objekt:
Server objektu: Security
Typ objektu: File
Název objektu: C:\Program Files\Internet Explorer\ieinstal.exe
ID popisovače: 0x14

Informace o procesu:
ID procesu: 0x1438
Název procesu: C:\Windows\System32\poqexec.exe

Nastavení auditu:
Původní popisovač zabezpečení: S:AI
Nový popisovač zabezpečení: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 91039
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150716204744.151095-000
Event Type: Úspěšný audit
User:

Computer Name: user-pc
Event Code: 4907
Message: Nastavení auditu objektu se změnila.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: USER-PC$
Doména účtu: DOMA
ID přihlášení: 0x3E7

Objekt:
Server objektu: Security
Typ objektu: File
Název objektu: C:\Program Files\Internet Explorer\iedvtool.dll
ID popisovače: 0x14

Informace o procesu:
ID procesu: 0x1438
Název procesu: C:\Windows\System32\poqexec.exe

Nastavení auditu:
Původní popisovač zabezpečení: S:AI
Nový popisovač zabezpečení: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 91038
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150716204744.151095-000
Event Type: Úspěšný audit
User:

======Environment variables======

"FP_NO_HOST_CHECK"=NO
"USERNAME"=SYSTEM
"ComSpec"=%SystemRoot%\system32\cmd.exe
"TMP"=%SystemRoot%\TEMP
"OS"=Windows_NT
"windir"=%SystemRoot%
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=3a09
"Path"=c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\Skype\Phone\
"OnlineServices"=Online Services
"Platform"=BNB
"PCBRAND"=Pavilion

-----------------EOF-----------------

Re: Major slowdown for unknown reasons

Posted: 29 Oct 2016 10:29
by Rudy
Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.

Re: Major slowdown for unknown reasons

Posted: 30 Oct 2016 09:38
by Oleri
Thank you for the quick reply,
everything went smoothly, I'm attaching the log:

# AdwCleaner v6.030 - Log soubor vytvořen 30/10/2016 na 09:31:02
# Aktualizováno dne 19/10/2016 z Malwarebytes
# Databáze : 2016-10-30.1 [Server]
# Operační systém : Windows 8.1 (X64)
# Uživatelské jméno : user - USER-PC
# Beží od : C:\Users\user\Desktop\adwcleaner_6.030.exe
# Mod: Čištění
# Podpora : hxxps://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Adresáře ] *****

[-] Adresář smazán:C:\users\user\AppData\LocalLow\Search Settings
[-] Adresář smazán:C:\Program Files (x86)\Application Updater
[-] Adresář smazán:C:\Program Files (x86)\SearchMe Toolbar
[-] Adresář smazán:C:\Program Files (x86)\Common Files\Spigot
[-] Adresář smazán:C:\WINDOWS\SysWOW64\C2MP


***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupce ] *****



***** [ Plánovač úloh ] *****



***** [ Registry ] *****

[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B9C767DD-F66A-40B4-8F12-4199A9A4393C}
[-] Hodnota smazána:HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B9C767DD-F66A-40B4-8F12-4199A9A4393C}]
[-] Hodnota smazána:HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{B9C767DD-F66A-40B4-8F12-4199A9A4393C}]
[-] Klíč smazán:HKU\S-1-5-21-2411192372-3838652812-1285078615-1002\Software\Search Settings
[-] Klíč smazán:HKU\S-1-5-21-2411192372-3838652812-1285078615-1002\Software\AppDataLow\Software\Search Settings
[#] Klíč smazán po restartování:HKCU\Software\Search Settings
[#] Klíč smazán po restartování:HKCU\Software\AppDataLow\Software\Search Settings
[-] Klíč smazán:HKLM\SOFTWARE\Application Updater
[-] Klíč smazán:HKLM\SOFTWARE\Search Settings
[#] Klíč smazán po restartování:[x64] HKCU\Software\Search Settings
[#] Klíč smazán po restartování:[x64] HKCU\Software\AppDataLow\Software\Search Settings
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
[-] Klíč smazán:HKU\S-1-5-21-2411192372-3838652812-1285078615-1002\Software\Microsoft\Internet Explorer\SearchScopes\{F7F987D1-606A-4AFA-BAA5-980A8A2FF9C3}
[-] Data obnovena:HKU\S-1-5-21-2411192372-3838652812-1285078615-1002\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Klíč smazán po restartování:HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{F7F987D1-606A-4AFA-BAA5-980A8A2FF9C3}
[-] Data obnovena:HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Klíč smazán po restartování:[x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{F7F987D1-606A-4AFA-BAA5-980A8A2FF9C3}
[-] Data obnovena:[x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}


***** [ Prohlížeče ] *****

[-] [C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazání:skype.en.softonic.com


*************************

:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [3369 Bajtů] - [30/10/2016 09:31:02]
C:\AdwCleaner\AdwCleaner[S0].txt - [3518 Bajtů] - [30/10/2016 09:29:46]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [3517 Bajtů] ##########

Re: Major slowdown for unknown reasons

Posted: 30 Oct 2016 11:27
by Rudy
Post a new RSIT log.

Re: Major slowdown for unknown reasons

Posted: 30 Oct 2016 15:40
by Oleri
I'm attaching the RSIT log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by user at 2016-10-30 15:39:04
Microsoft Windows 8.1
System drive C: has 112 GB (24%) free of 460 GB
Total RAM: 3979 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:39:08, on 30. 10. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Datacolor\Spyder4Pro\Utility\SpyderUtility.exe
C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
C:\Program Files (x86)\HP HD Webcam Driver\Monitor.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\trend micro\user.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [BtTray] "c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
O4 - HKLM\..\Run: [HP HD Webcam Driver_Monitor] C:\Program Files (x86)\HP HD Webcam Driver\monitor.exe
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [RemoteControl10] "c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: SpyderUtility.lnk = C:\Program Files (x86)\Datacolor\Spyder4Pro\Utility\SpyderUtility.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: @C:\WINDOWS\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\WINDOWS\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\WINDOWS\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\WINDOWS\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\WINDOWS\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{F36A23D6-5151-4C74-9BE9-DF6F522E5EAF}: NameServer = 8.8.8.8
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\WINDOWS\system32\EscSvc64.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @oem29.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12373 bytes

======Listing Processes======





wininit.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\WINDOWS\system32\Hpservice.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\system32\EscSvc64.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe"
dashost.exe {a844a174-2875-4314-98c0369d41fcd8e6}
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Windows\system32\vcsFPService.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\System32\alg.exe
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-dfedafe1-6a34-4ade-98af-80047b697d0f -SystemEventPortName:HostProcess-d55a6abf-f3a7-4251-81a3-298e87830337 -IoCancelEventPortName:HostProcess-c871ef5f-6e51-48f7-b8d1-3ac0156c6179 -NonStateChangingEventPortName:HostProcess-5d636918-a996-4fb5-bc7f-50b58a41cbd1 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:232b15f2-1bd6-4e77-8c2a-fbb2cd1f1860 -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-247b3204-3375-4c62-9538-133a234f5fa4 -SystemEventPortName:HostProcess-50983cbd-e468-4534-94c3-b393d2ad51e5 -IoCancelEventPortName:HostProcess-a79914bc-e435-4e0a-8ab2-0b88ee05244e -NonStateChangingEventPortName:HostProcess-b14d6f14-4e46-40d3-9344-50aec1900d43 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:af71a26c-bcc5-47e7-ad2c-626cf74bd651 -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\svchost.exe -k WindowsMobile
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
-hiberboot
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
taskhostex.exe
C:\WINDOWS\Explorer.EXE
ClassicStartMenu.exe -startup
"C:\WINDOWS\system32\igfxsrvc.exe" -Embedding
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Windows\WindowsMobile\wmdc.exe"
"C:\Program Files (x86)\Datacolor\Spyder4Pro\Utility\SpyderUtility.exe"
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
"C:\Program Files (x86)\HP HD Webcam Driver\Monitor.exe"
"C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" /start
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\splwow64.exe 8192
"C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE"

C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 580 584 592 65536 588
"C:\Users\user\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_286_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2411192372-3838652812-1285078615-1002Core.job - C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2411192372-3838652812-1285078615-1002UA.job - C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\HPCeeScheduleForuser.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForuser (null)

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-24 790552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-02-25 439352]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-24 664848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25 414776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
{B9C767DD-F66A-40B4-8F12-4199A9A4393C}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2013-10-03 391128]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2013-10-03 771032]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2013-10-03 769496]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2014-05-25 1664000]
"Windows Mobile Device Center"=C:\WINDOWS\WindowsMobile\wmdc.exe [2007-05-31 660360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"Google Update"=C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [2013-06-07 774680]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-09-28 8944344]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BtTray"=c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [2012-08-16 364032]
"HP HD Webcam Driver_Monitor"=C:\Program Files (x86)\HP HD Webcam Driver\monitor.exe [2012-07-26 303480]
"CLMLServer_For_P2G8"=c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08 111120]
"CLVirtualDrive"=c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2012-07-24 491120]
"RemoteControl10"=c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2012-03-29 91432]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-10-28 9099440]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2013-10-16 337184]
""= []
"PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2016-08-10 1193728]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SpyderUtility.lnk - C:\Program Files (x86)\Datacolor\Spyder4Pro\Utility\SpyderUtility.exe

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2013-10-03 623616]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.ffds"=ff_vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-10-28 21:48:10 ----D---- C:\Program Files\trend micro
2016-10-28 21:48:08 ----D---- C:\rsit
2016-10-28 21:05:55 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-10-24 10:41:57 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2016-10-24 10:41:57 ----A---- C:\WINDOWS\system32\acmigration.dll
2016-10-24 10:41:56 ----A---- C:\WINDOWS\system32\generaltel.dll
2016-10-24 10:41:56 ----A---- C:\WINDOWS\system32\devinv.dll
2016-10-24 10:41:56 ----A---- C:\WINDOWS\system32\appraiser.dll
2016-10-24 10:41:56 ----A---- C:\WINDOWS\system32\aepic.dll
2016-10-24 10:41:56 ----A---- C:\WINDOWS\system32\aeinv.dll
2016-10-24 10:41:55 ----A---- C:\WINDOWS\system32\invagent.dll
2016-10-24 10:41:55 ----A---- C:\WINDOWS\system32\centel.dll
2016-10-24 10:41:51 ----A---- C:\WINDOWS\system32\shell32.dll
2016-10-24 10:41:50 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-10-24 10:41:49 ----A---- C:\WINDOWS\system32\twinui.dll
2016-10-24 10:41:48 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-10-24 10:41:48 ----A---- C:\WINDOWS\explorer.exe
2016-10-24 10:41:47 ----A---- C:\WINDOWS\SYSWOW64\RestoreOptIn.exe
2016-10-24 10:41:47 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2016-10-24 10:41:47 ----A---- C:\WINDOWS\system32\RestoreOptIn.exe
2016-10-22 15:25:21 ----RD---- C:\Program Files (x86)\Skype
2016-10-22 15:06:26 ----D---- C:\Program Files\CCleaner
2016-10-22 14:58:25 ----A---- C:\WINDOWS\system32\drivers\staport.sys
2016-10-22 14:56:32 ----A---- C:\WINDOWS\system32\aswBoot.exe
2016-10-22 14:51:41 ----A---- C:\WINDOWS\system32\pdfc_port.dll
2016-10-21 13:48:02 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-10-21 13:48:01 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-10-21 13:48:00 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2016-10-21 13:48:00 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2016-10-21 13:47:57 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-10-21 13:47:55 ----A---- C:\WINDOWS\system32\actxprxy.dll
2016-10-21 13:47:54 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2016-10-21 13:47:53 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-10-21 13:47:53 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-10-21 13:47:53 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-10-21 13:47:51 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-10-21 13:47:51 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-10-21 13:47:51 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2016-10-21 13:47:50 ----A---- C:\WINDOWS\system32\jscript.dll
2016-10-21 13:47:49 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-10-21 13:47:49 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-10-21 13:47:48 ----A---- C:\WINDOWS\system32\wininet.dll
2016-10-21 13:47:48 ----A---- C:\WINDOWS\system32\inetcomm.dll
2016-10-21 13:47:47 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-10-21 13:47:37 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2016-10-21 13:47:36 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-10-21 13:47:35 ----A---- C:\WINDOWS\system32\wmp.dll
2016-10-21 13:47:31 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2016-10-21 13:47:21 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-10-21 13:47:21 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-10-21 13:47:20 ----A---- C:\WINDOWS\SYSWOW64\esent.dll
2016-10-21 13:47:20 ----A---- C:\WINDOWS\system32\esent.dll
2016-10-21 13:47:18 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2016-10-21 13:47:18 ----A---- C:\WINDOWS\system32\authui.dll
2016-10-21 13:47:17 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2016-10-21 13:47:16 ----A---- C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-10-21 13:47:16 ----A---- C:\WINDOWS\system32\d3d11.dll
2016-10-21 13:47:15 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-10-21 13:47:14 ----A---- C:\WINDOWS\SYSWOW64\d3d11.dll
2016-10-21 13:47:14 ----A---- C:\WINDOWS\system32\DWrite.dll
2016-10-21 13:47:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Streaming.dll
2016-10-21 13:47:13 ----A---- C:\WINDOWS\system32\MSVidCtl.dll
2016-10-21 13:47:12 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2016-10-21 13:47:12 ----A---- C:\WINDOWS\system32\FntCache.dll
2016-10-21 13:47:11 ----A---- C:\WINDOWS\system32\win32k.sys
2016-10-21 13:47:11 ----A---- C:\WINDOWS\system32\ntshrui.dll
2016-10-21 13:47:10 ----A---- C:\WINDOWS\SYSWOW64\ntshrui.dll
2016-10-21 13:47:10 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-10-21 13:47:10 ----A---- C:\WINDOWS\system32\drivers\dfsc.sys
2016-10-21 13:47:08 ----A---- C:\WINDOWS\system32\wbengine.exe
2016-10-21 13:47:08 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2016-10-21 13:47:08 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2016-10-21 13:47:07 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2016-10-21 13:47:06 ----A---- C:\WINDOWS\system32\winload.exe
2016-10-21 13:47:05 ----A---- C:\WINDOWS\system32\drivers\parport.sys
2016-10-21 13:47:04 ----A---- C:\WINDOWS\system32\wmploc.DLL
2016-10-21 13:47:03 ----A---- C:\WINDOWS\SYSWOW64\wmploc.DLL
2016-10-21 13:47:02 ----A---- C:\WINDOWS\SYSWOW64\rastapi.dll
2016-10-21 13:47:02 ----A---- C:\WINDOWS\system32\PlayToDevice.dll
2016-10-21 13:47:01 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2016-10-21 13:47:00 ----A---- C:\WINDOWS\SYSWOW64\MSVidCtl.dll
2016-10-21 13:46:59 ----A---- C:\WINDOWS\SYSWOW64\PlayToDevice.dll
2016-10-21 13:46:59 ----A---- C:\WINDOWS\system32\winresume.exe
2016-10-21 13:46:59 ----A---- C:\WINDOWS\system32\rastapi.dll
2016-10-21 13:46:59 ----A---- C:\WINDOWS\system32\drivers\tm.sys
2016-10-21 13:46:57 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2016-10-21 13:46:57 ----A---- C:\WINDOWS\system32\adsmsext.dll
2016-10-21 13:46:56 ----A---- C:\WINDOWS\SYSWOW64\adsmsext.dll
2016-10-21 13:46:56 ----A---- C:\WINDOWS\system32\drivers\vwifimp.sys
2016-10-21 13:46:56 ----A---- C:\WINDOWS\system32\drivers\serial.sys
2016-10-21 13:46:52 ----A---- C:\WINDOWS\system32\offreg.dll
2016-10-21 13:46:52 ----A---- C:\WINDOWS\system32\drivers\vwifibus.sys
2016-10-21 13:46:52 ----A---- C:\WINDOWS\system32\drivers\mrxdav.sys
2016-10-21 13:46:51 ----A---- C:\WINDOWS\SYSWOW64\offreg.dll
2016-10-21 13:46:51 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2016-10-21 13:46:51 ----A---- C:\WINDOWS\system32\drivers\serenum.sys
2016-10-21 13:46:50 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2016-10-21 13:46:49 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2016-10-21 13:46:49 ----A---- C:\WINDOWS\system32\drivers\vwififlt.sys
2016-10-21 13:46:49 ----A---- C:\WINDOWS\system32\certcli.dll
2016-10-21 13:46:48 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2016-10-10 10:51:32 ----A---- C:\WINDOWS\system32\glcndFilter.dll
2016-10-10 10:51:31 ----A---- C:\WINDOWS\SYSWOW64\glcndFilter.dll
2016-10-10 10:51:31 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-10-10 10:51:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2016-10-10 10:51:29 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2016-10-10 10:51:29 ----A---- C:\WINDOWS\system32\oleaut32.dll
2016-10-10 10:51:27 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2016-10-10 10:51:27 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2016-10-10 10:51:27 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2016-10-10 10:51:24 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2016-10-10 10:51:24 ----A---- C:\WINDOWS\system32\schannel.dll
2016-10-10 10:49:07 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2016-10-10 10:49:07 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2016-10-10 10:49:07 ----A---- C:\WINDOWS\system32\dnsapi.dll
2016-10-10 10:49:04 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2016-10-10 10:49:03 ----A---- C:\WINDOWS\system32\vpnike.dll
2016-10-10 10:49:03 ----A---- C:\WINDOWS\system32\ole32.dll
2016-10-10 10:49:02 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2016-10-10 10:49:02 ----A---- C:\WINDOWS\system32\rasapi32.dll
2016-10-10 10:49:02 ----A---- C:\WINDOWS\system32\mprdim.dll
2016-10-10 10:49:02 ----A---- C:\WINDOWS\system32\mprddm.dll
2016-10-10 10:49:01 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2016-10-10 10:49:01 ----A---- C:\WINDOWS\SYSWOW64\mprddm.dll
2016-10-10 10:49:00 ----A---- C:\WINDOWS\SYSWOW64\mprdim.dll
2016-10-10 10:49:00 ----A---- C:\WINDOWS\system32\rasmans.dll
2016-10-10 10:49:00 ----A---- C:\WINDOWS\system32\drivers\mountmgr.sys
2016-10-10 10:48:59 ----A---- C:\WINDOWS\system32\wpdbusenum.dll
2016-10-10 10:48:59 ----A---- C:\WINDOWS\system32\dssenh.dll
2016-10-10 10:48:58 ----A---- C:\WINDOWS\SYSWOW64\dssenh.dll
2016-10-10 10:48:58 ----A---- C:\WINDOWS\system32\rasppp.dll
2016-10-10 10:48:58 ----A---- C:\WINDOWS\system32\drivers\agilevpn.sys
2016-10-10 10:48:56 ----A---- C:\WINDOWS\system32\rasman.dll
2016-10-10 10:48:55 ----A---- C:\WINDOWS\SYSWOW64\rasppp.dll
2016-10-10 10:48:55 ----A---- C:\WINDOWS\SYSWOW64\rasman.dll
2016-10-10 10:48:55 ----A---- C:\WINDOWS\SYSWOW64\iprtrmgr.dll
2016-10-10 10:48:55 ----A---- C:\WINDOWS\system32\rdpudd.dll
2016-10-10 10:48:55 ----A---- C:\WINDOWS\system32\rdpclip.exe
2016-10-10 10:48:55 ----A---- C:\WINDOWS\system32\rascustom.dll
2016-10-10 10:48:55 ----A---- C:\WINDOWS\system32\nshwfp.dll
2016-10-10 10:48:55 ----A---- C:\WINDOWS\system32\iprtrmgr.dll
2016-10-10 10:48:55 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2016-10-10 10:48:51 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-10-10 10:48:51 ----A---- C:\WINDOWS\system32\sspicli.dll
2016-10-10 10:48:51 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-10-10 10:48:51 ----A---- C:\WINDOWS\system32\drivers\mrxsmb10.sys
2016-10-10 10:48:51 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2016-10-10 10:48:51 ----A---- C:\WINDOWS\system32\drivers\ksecdd.sys
2016-10-10 10:48:50 ----A---- C:\WINDOWS\SYSWOW64\sspicli.dll
2016-10-10 10:48:50 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2016-10-10 10:48:46 ----A---- C:\WINDOWS\system32\ntdll.dll
2016-10-10 10:48:45 ----A---- C:\WINDOWS\system32\csrsrv.dll
2016-10-10 10:48:40 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2016-10-10 10:48:40 ----A---- C:\WINDOWS\system32\user32.dll
2016-10-10 10:48:39 ----A---- C:\WINDOWS\system32\wwanconn.dll
2016-10-10 10:48:39 ----A---- C:\WINDOWS\system32\pnidui.dll
2016-10-10 10:48:36 ----A---- C:\WINDOWS\system32\wwanmm.dll
2016-10-10 09:59:50 ----A---- C:\WINDOWS\system32\drivers\aswKbd.sys
2016-10-10 09:47:16 ----A---- C:\WINDOWS\avastSS.scr

======List of files/folders modified in the last 1 month======

2016-10-30 15:29:28 ----D---- C:\WINDOWS\Prefetch
2016-10-30 15:28:56 ----D---- C:\WINDOWS\Temp
2016-10-30 15:28:54 ----A---- C:\WINDOWS\SYSWOW64\LOCALSERVICE.INI
2016-10-30 15:28:46 ----A---- C:\WINDOWS\SYSWOW64\bscs.ini
2016-10-30 15:25:10 ----D---- C:\WINDOWS\system32\sru
2016-10-30 09:43:30 ----D---- C:\Users\user\AppData\Roaming\ClassicShell
2016-10-30 09:37:53 ----RD---- C:\WINDOWS\System32
2016-10-30 09:37:53 ----D---- C:\WINDOWS\Inf
2016-10-30 09:37:53 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-10-30 09:37:35 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2016-10-30 09:34:49 ----D---- C:\ProgramData\PDFC
2016-10-30 09:30:50 ----D---- C:\WINDOWS\SysWOW64
2016-10-30 09:30:21 ----D---- C:\Program Files (x86)\Common Files
2016-10-30 09:30:19 ----RD---- C:\Program Files (x86)
2016-10-30 09:20:20 ----D---- C:\WINDOWS\system32\config
2016-10-30 09:18:10 ----D---- C:\WINDOWS\Microsoft.NET
2016-10-30 08:46:35 ----D---- C:\WINDOWS\system32\drivers
2016-10-28 22:04:43 ----RSD---- C:\WINDOWS\assembly
2016-10-28 21:48:10 ----D---- C:\Program Files
2016-10-28 21:44:35 ----D---- C:\WINDOWS\system32\Tasks
2016-10-28 21:42:53 ----D---- C:\WINDOWS\Tasks
2016-10-28 21:41:48 ----D---- C:\WINDOWS\CbsTemp
2016-10-28 21:41:45 ----D---- C:\WINDOWS\WinSxS
2016-10-28 21:40:56 ----SHD---- C:\System Volume Information
2016-10-28 21:04:36 ----D---- C:\WINDOWS\Logs
2016-10-25 06:44:05 ----SD---- C:\WINDOWS\system32\CompatTel
2016-10-25 06:44:05 ----D---- C:\WINDOWS\system32\appraiser
2016-10-25 06:44:03 ----RD---- C:\WINDOWS\ToastData
2016-10-25 06:44:01 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-10-25 06:44:01 ----D---- C:\WINDOWS\system32\cs-CZ
2016-10-25 06:44:01 ----D---- C:\Windows
2016-10-25 06:43:38 ----D---- C:\Program Files\Internet Explorer
2016-10-25 06:43:38 ----D---- C:\Program Files (x86)\Internet Explorer
2016-10-25 06:43:30 ----D---- C:\WINDOWS\system32\Boot
2016-10-25 06:43:24 ----D---- C:\WINDOWS\apppatch
2016-10-25 06:43:16 ----D---- C:\WINDOWS\system32\DriverStore
2016-10-24 11:33:13 ----HD---- C:\ProgramData
2016-10-24 10:22:22 ----SHD---- C:\WINDOWS\Installer
2016-10-22 20:44:31 ----D---- C:\Users\user\AppData\Roaming\vlc
2016-10-22 17:41:15 ----D---- C:\WINDOWS\rescache
2016-10-22 17:30:38 ----D---- C:\WINDOWS\system32\MRT
2016-10-22 17:16:25 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-10-22 15:26:54 ----D---- C:\Users\user\AppData\Roaming\Skype
2016-10-22 15:25:41 ----D---- C:\ProgramData\Skype
2016-10-22 15:18:06 ----D---- C:\Program Files\Google
2016-10-22 15:18:06 ----D---- C:\Program Files (x86)\Google
2016-10-22 14:51:38 ----D---- C:\Program Files (x86)\PDF Complete
2016-10-22 14:46:30 ----D---- C:\WINDOWS\SYSWOW64\setup
2016-10-22 14:46:28 ----D---- C:\WINDOWS\system32\setup
2016-10-21 13:18:45 ----D---- C:\WINDOWS\system32\catroot2
2016-10-10 11:32:19 ----D---- C:\WINDOWS\AppReadiness
2016-10-10 11:32:18 ----HD---- C:\Program Files\WindowsApps
2016-10-10 11:19:16 ----D---- C:\WINDOWS\ShellNew
2016-10-10 11:19:14 ----D---- C:\Program Files\Windows Journal
2016-10-10 09:54:30 ----D---- C:\ProgramData\AVAST Software
2016-10-10 09:43:51 ----D---- C:\Program Files\AVAST Software

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-10-10 74544]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-10-22 293352]
R0 hpdskflt;@oem29.inf,%service_desc%;HP Filter; C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [2012-08-22 31040]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-07-31 645952]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2016-10-10 37144]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2016-10-10 103064]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-10-10 969184]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-10-10 513632]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2012-06-25 92536]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2016-08-13 71680]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-10-10 108816]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2016-10-10 163416]
R3 Accelerometer;@oem29.inf,%accelerometer_desc%;HP Mobile Data Protection Sensor; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2012-08-22 43328]
R3 BtAudioBusSrv;@oem8.inf,%SvcDesc%;IVT Bluetooth Audio Bus Service; C:\WINDOWS\System32\Drivers\BtAudioBus.sys [2012-06-15 23136]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service; C:\WINDOWS\System32\Drivers\IvtUrbBtFlt.sys [2012-08-14 48736]
R3 HpqKbFiltr;@oem42.inf,%HpqKbFiltr.SvcDesc%;HpqKbFilter Driver; C:\WINDOWS\System32\drivers\HpqKbFiltr.sys [2012-08-27 26504]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2013-10-03 4185600]
R3 IntcDAud;@oem14.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 iwdbus;@oem33.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-09-26 27032]
R3 JMCR;JMCR; C:\WINDOWS\System32\drivers\jmcr.sys [2014-05-25 176880]
R3 MEIx64;@oem30.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 netr28x;@oem40.inf,%Generic.Service.DispName%;Ralink 802.11n Extensible Wireless Driver; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2013-12-02 2483376]
R3 rtbth;@oem39.inf,%General.Service.DispName%;RTBTH Bluetooth Device Driver; C:\WINDOWS\System32\drivers\rtbth.sys [2013-12-02 1204424]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
R3 SensorsServiceDriver;@sensorsservicedriver.inf,%WudfSensorsServiceDriverDisplayName%;Služba Reflektor UMDF pro knihovnu SensorsServiceDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [2014-10-29 226304]
R3 SPUVCbv;@oem15.inf,%SPUVCb.ServiceName%;SPUVCb Driver Service; C:\WINDOWS\System32\Drivers\SPUVCbv_x64.sys [2012-08-03 1062008]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [2014-05-25 543744]
R3 SynTP;@oem55.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2014-12-02 552176]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2016-08-13 38912]
S3 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-10-10 37656]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
S3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service; C:\WINDOWS\System32\Drivers\BtL2caScoIf.sys [2012-07-20 56904]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
S3 BthMtpEnum;@bthmtpenum.inf,%BthMtpEnum.SVCDESC%;Modul pro výčet zařízení Bluetooth MTP; C:\WINDOWS\system32\DRIVERS\BthMtpEnum.sys [2013-08-22 62976]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-07-10 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 intaud_WaveExtensible;@oem32.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-09-26 39320]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
S3 SmbDrv;SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [2012-08-15 41272]
S3 SmbDrvI;SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2012-08-15 43832]
S3 Spyder4;@oem22.inf,%ProductName%;Datacolor Spyder4; C:\WINDOWS\System32\drivers\dccmtr.sys [2011-06-02 15360]
S3 StillCam;@sti.inf,%StillCam.SvcDesc%;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\System32\drivers\serscan.sys [2014-10-29 11776]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\System32\drivers\usbscan.sys [2014-10-29 44544]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-09-16 82128]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-10-10 197128]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 EpsonScanSvc;Epson Scanner Service; C:\WINDOWS\system32\EscSvc64.exe [2012-05-16 144560]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2013-10-16 681760]
R2 hpsrv;@oem29.inf,%hpservice_desc%;HP Service; C:\WINDOWS\system32\Hpservice.exe [2012-08-22 33600]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2016-04-26 28552]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-06-20 634632]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-07-19 129856]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-19 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-19 277824]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2016-08-10 1719040]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\WINDOWS\system32\svchost.exe [2014-10-29 38792]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2014-05-25 327680]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-19 365376]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2012-07-19 2714232]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\WINDOWS\system32\svchost.exe [2014-10-29 38792]
R3 BsHelpCS;BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [2012-08-14 138752]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2015-04-28 1102472]
R3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S2 BlueSoleilCS;BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [2012-08-14 1578496]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-16 50864]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2013-10-03 279000]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 BthAvrcpTg;@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID; C:\WINDOWS\System32\drivers\BthAvrcpTg.sys [2013-08-22 36992]
S4 bthhfhid;@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID; C:\WINDOWS\System32\drivers\BthHFHid.sys [2013-08-22 30720]

-----------------EOF-----------------

Re: Major slowdown for unknown reasons

Posted: 30 Oct 2016 18:03
by Rudy
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2411192372-3838652812-1285078615-1002Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2411192372-3838652812-1285078615-1002UA.job

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]/64

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Turn off the antivirus before the scan and restart the PC after it. Post a new RSIT log.

Re: Major slowdown for unknown reasons

Posted: 31 Oct 2016 09:39
by Oleri
Everything went smoothly, new RSIT scan:

Logfile of random's system information tool 1.10 (written by random/random)
Run by user at 2016-10-31 09:37:10
Microsoft Windows 8.1
System drive C: has 133 GB (29%) free of 460 GB
Total RAM: 3979 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:37:14, on 31. 10. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\avBugReport.exe
C:\Program Files (x86)\Datacolor\Spyder4Pro\Utility\SpyderUtility.exe
C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
C:\Program Files (x86)\HP HD Webcam Driver\Monitor.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\trend micro\user.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [BtTray] "c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
O4 - HKLM\..\Run: [HP HD Webcam Driver_Monitor] C:\Program Files (x86)\HP HD Webcam Driver\monitor.exe
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [RemoteControl10] "c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: SpyderUtility.lnk = C:\Program Files (x86)\Datacolor\Spyder4Pro\Utility\SpyderUtility.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: @C:\WINDOWS\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\WINDOWS\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\WINDOWS\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\WINDOWS\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\WINDOWS\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{F36A23D6-5151-4C74-9BE9-DF6F522E5EAF}: NameServer = 8.8.8.8
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\WINDOWS\system32\EscSvc64.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @oem29.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12427 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\WINDOWS\system32\Hpservice.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\system32\EscSvc64.exe
dashost.exe {f5fa3396-9c5c-4158-b25dbea476555faa}
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe"
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Windows\system32\vcsFPService.exe
taskhostex.exe
taskeng.exe {A53E8EA1-F377-43B4-8B4E-84BA340803DB}
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\System32\alg.exe
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-82d7a3e8-e4be-452f-b379-b679e6973cc1 -SystemEventPortName:HostProcess-ca212d30-1fa8-4cf8-b737-81e5259dcf24 -IoCancelEventPortName:HostProcess-198d386d-75b9-4ac4-84dc-424c141c3182 -NonStateChangingEventPortName:HostProcess-c9b69e19-0fc5-40ee-a922-eea079d12055 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:f8868f46-b8dd-4e93-a147-0ba5e23eede8 -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-78b07f7f-613f-4491-b468-234d4b0a43ba -SystemEventPortName:HostProcess-f7b00093-60df-409b-bf10-3040227ca5f1 -IoCancelEventPortName:HostProcess-a55fac8a-a33b-4819-8ec9-cd9a2ed39442 -NonStateChangingEventPortName:HostProcess-304571e5-4c4a-4928-99eb-d54eeff8110e -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:bf96b795-8c2c-452b-a896-ac3671291405 -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\WINDOWS\system32\svchost.exe -k WindowsMobile
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"

"C:\Program Files\AVAST Software\Avast\avBugReport.exe" --send dumps|report
\??\C:\WINDOWS\system32\conhost.exe 0x4
ClassicStartMenu.exe -startup
"C:\WINDOWS\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Windows\WindowsMobile\wmdc.exe"
"C:\Program Files (x86)\Datacolor\Spyder4Pro\Utility\SpyderUtility.exe"
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
"C:\Program Files (x86)\HP HD Webcam Driver\Monitor.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" /start
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup

"C:\Users\user\Desktop\RSITx64.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_286_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\HPCeeScheduleForuser.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForuser (null)

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-24 790552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-02-25 439352]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-24 664848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25 414776]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2013-10-03 391128]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2013-10-03 771032]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2013-10-03 769496]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2014-05-25 1664000]
"Windows Mobile Device Center"=C:\WINDOWS\WindowsMobile\wmdc.exe [2007-05-31 660360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"Google Update"=C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [2013-06-07 774680]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-09-28 8944344]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BtTray"=c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [2012-08-16 364032]
"HP HD Webcam Driver_Monitor"=C:\Program Files (x86)\HP HD Webcam Driver\monitor.exe [2012-07-26 303480]
"CLMLServer_For_P2G8"=c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08 111120]
"CLVirtualDrive"=c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2012-07-24 491120]
"RemoteControl10"=c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2012-03-29 91432]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-10-28 9099440]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2013-10-16 337184]
""= []
"PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2016-08-10 1193728]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SpyderUtility.lnk - C:\Program Files (x86)\Datacolor\Spyder4Pro\Utility\SpyderUtility.exe

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2013-10-03 623616]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.ffds"=ff_vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-10-31 09:07:57 ----D---- C:\_OTM
2016-10-28 21:48:10 ----D---- C:\Program Files\trend micro
2016-10-28 21:48:08 ----D---- C:\rsit
2016-10-28 21:05:55 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-10-24 10:41:57 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2016-10-24 10:41:57 ----A---- C:\WINDOWS\system32\acmigration.dll
2016-10-24 10:41:56 ----A---- C:\WINDOWS\system32\generaltel.dll
2016-10-24 10:41:56 ----A---- C:\WINDOWS\system32\devinv.dll
2016-10-24 10:41:56 ----A---- C:\WINDOWS\system32\appraiser.dll
2016-10-24 10:41:56 ----A---- C:\WINDOWS\system32\aepic.dll
2016-10-24 10:41:56 ----A---- C:\WINDOWS\system32\aeinv.dll
2016-10-24 10:41:55 ----A---- C:\WINDOWS\system32\invagent.dll
2016-10-24 10:41:55 ----A---- C:\WINDOWS\system32\centel.dll
2016-10-24 10:41:51 ----A---- C:\WINDOWS\system32\shell32.dll
2016-10-24 10:41:50 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-10-24 10:41:49 ----A---- C:\WINDOWS\system32\twinui.dll
2016-10-24 10:41:48 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-10-24 10:41:48 ----A---- C:\WINDOWS\explorer.exe
2016-10-24 10:41:47 ----A---- C:\WINDOWS\SYSWOW64\RestoreOptIn.exe
2016-10-24 10:41:47 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2016-10-24 10:41:47 ----A---- C:\WINDOWS\system32\RestoreOptIn.exe
2016-10-22 15:25:21 ----RD---- C:\Program Files (x86)\Skype
2016-10-22 15:06:26 ----D---- C:\Program Files\CCleaner
2016-10-22 14:58:25 ----A---- C:\WINDOWS\system32\drivers\staport.sys
2016-10-22 14:56:32 ----A---- C:\WINDOWS\system32\aswBoot.exe
2016-10-22 14:51:41 ----A---- C:\WINDOWS\system32\pdfc_port.dll
2016-10-21 13:48:02 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-10-21 13:48:01 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-10-21 13:48:00 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2016-10-21 13:48:00 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2016-10-21 13:47:57 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-10-21 13:47:55 ----A---- C:\WINDOWS\system32\actxprxy.dll
2016-10-21 13:47:54 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2016-10-21 13:47:53 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-10-21 13:47:53 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-10-21 13:47:53 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-10-21 13:47:51 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-10-21 13:47:51 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-10-21 13:47:51 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2016-10-21 13:47:50 ----A---- C:\WINDOWS\system32\jscript.dll
2016-10-21 13:47:49 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-10-21 13:47:49 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-10-21 13:47:48 ----A---- C:\WINDOWS\system32\wininet.dll
2016-10-21 13:47:48 ----A---- C:\WINDOWS\system32\inetcomm.dll
2016-10-21 13:47:47 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-10-21 13:47:37 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2016-10-21 13:47:36 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-10-21 13:47:35 ----A---- C:\WINDOWS\system32\wmp.dll
2016-10-21 13:47:31 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2016-10-21 13:47:21 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-10-21 13:47:21 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-10-21 13:47:20 ----A---- C:\WINDOWS\SYSWOW64\esent.dll
2016-10-21 13:47:20 ----A---- C:\WINDOWS\system32\esent.dll
2016-10-21 13:47:18 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2016-10-21 13:47:18 ----A---- C:\WINDOWS\system32\authui.dll
2016-10-21 13:47:17 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2016-10-21 13:47:16 ----A---- C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-10-21 13:47:16 ----A---- C:\WINDOWS\system32\d3d11.dll
2016-10-21 13:47:15 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-10-21 13:47:14 ----A---- C:\WINDOWS\SYSWOW64\d3d11.dll
2016-10-21 13:47:14 ----A---- C:\WINDOWS\system32\DWrite.dll
2016-10-21 13:47:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Streaming.dll
2016-10-21 13:47:13 ----A---- C:\WINDOWS\system32\MSVidCtl.dll
2016-10-21 13:47:12 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2016-10-21 13:47:12 ----A---- C:\WINDOWS\system32\FntCache.dll
2016-10-21 13:47:11 ----A---- C:\WINDOWS\system32\win32k.sys
2016-10-21 13:47:11 ----A---- C:\WINDOWS\system32\ntshrui.dll
2016-10-21 13:47:10 ----A---- C:\WINDOWS\SYSWOW64\ntshrui.dll
2016-10-21 13:47:10 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-10-21 13:47:10 ----A---- C:\WINDOWS\system32\drivers\dfsc.sys
2016-10-21 13:47:08 ----A---- C:\WINDOWS\system32\wbengine.exe
2016-10-21 13:47:08 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2016-10-21 13:47:08 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2016-10-21 13:47:07 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2016-10-21 13:47:06 ----A---- C:\WINDOWS\system32\winload.exe
2016-10-21 13:47:05 ----A---- C:\WINDOWS\system32\drivers\parport.sys
2016-10-21 13:47:04 ----A---- C:\WINDOWS\system32\wmploc.DLL
2016-10-21 13:47:03 ----A---- C:\WINDOWS\SYSWOW64\wmploc.DLL
2016-10-21 13:47:02 ----A---- C:\WINDOWS\SYSWOW64\rastapi.dll
2016-10-21 13:47:02 ----A---- C:\WINDOWS\system32\PlayToDevice.dll
2016-10-21 13:47:01 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2016-10-21 13:47:00 ----A---- C:\WINDOWS\SYSWOW64\MSVidCtl.dll
2016-10-21 13:46:59 ----A---- C:\WINDOWS\SYSWOW64\PlayToDevice.dll
2016-10-21 13:46:59 ----A---- C:\WINDOWS\system32\winresume.exe
2016-10-21 13:46:59 ----A---- C:\WINDOWS\system32\rastapi.dll
2016-10-21 13:46:59 ----A---- C:\WINDOWS\system32\drivers\tm.sys
2016-10-21 13:46:57 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2016-10-21 13:46:57 ----A---- C:\WINDOWS\system32\adsmsext.dll
2016-10-21 13:46:56 ----A---- C:\WINDOWS\SYSWOW64\adsmsext.dll
2016-10-21 13:46:56 ----A---- C:\WINDOWS\system32\drivers\vwifimp.sys
2016-10-21 13:46:56 ----A---- C:\WINDOWS\system32\drivers\serial.sys
2016-10-21 13:46:52 ----A---- C:\WINDOWS\system32\offreg.dll
2016-10-21 13:46:52 ----A---- C:\WINDOWS\system32\drivers\vwifibus.sys
2016-10-21 13:46:52 ----A---- C:\WINDOWS\system32\drivers\mrxdav.sys
2016-10-21 13:46:51 ----A---- C:\WINDOWS\SYSWOW64\offreg.dll
2016-10-21 13:46:51 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2016-10-21 13:46:51 ----A---- C:\WINDOWS\system32\drivers\serenum.sys
2016-10-21 13:46:50 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2016-10-21 13:46:49 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2016-10-21 13:46:49 ----A---- C:\WINDOWS\system32\drivers\vwififlt.sys
2016-10-21 13:46:49 ----A---- C:\WINDOWS\system32\certcli.dll
2016-10-21 13:46:48 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2016-10-10 10:51:32 ----A---- C:\WINDOWS\system32\glcndFilter.dll
2016-10-10 10:51:31 ----A---- C:\WINDOWS\SYSWOW64\glcndFilter.dll
2016-10-10 10:51:31 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-10-10 10:51:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2016-10-10 10:51:29 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2016-10-10 10:51:29 ----A---- C:\WINDOWS\system32\oleaut32.dll
2016-10-10 10:51:27 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2016-10-10 10:51:27 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2016-10-10 10:51:27 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2016-10-10 10:51:24 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2016-10-10 10:51:24 ----A---- C:\WINDOWS\system32\schannel.dll
2016-10-10 10:49:07 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2016-10-10 10:49:07 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2016-10-10 10:49:07 ----A---- C:\WINDOWS\system32\dnsapi.dll
2016-10-10 10:49:04 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2016-10-10 10:49:03 ----A---- C:\WINDOWS\system32\vpnike.dll
2016-10-10 10:49:03 ----A---- C:\WINDOWS\system32\ole32.dll
2016-10-10 10:49:02 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2016-10-10 10:49:02 ----A---- C:\WINDOWS\system32\rasapi32.dll
2016-10-10 10:49:02 ----A---- C:\WINDOWS\system32\mprdim.dll
2016-10-10 10:49:02 ----A---- C:\WINDOWS\system32\mprddm.dll
2016-10-10 10:49:01 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2016-10-10 10:49:01 ----A---- C:\WINDOWS\SYSWOW64\mprddm.dll
2016-10-10 10:49:00 ----A---- C:\WINDOWS\SYSWOW64\mprdim.dll
2016-10-10 10:49:00 ----A---- C:\WINDOWS\system32\rasmans.dll
2016-10-10 10:49:00 ----A---- C:\WINDOWS\system32\drivers\mountmgr.sys
2016-10-10 10:48:59 ----A---- C:\WINDOWS\system32\wpdbusenum.dll
2016-10-10 10:48:59 ----A---- C:\WINDOWS\system32\dssenh.dll
2016-10-10 10:48:58 ----A---- C:\WINDOWS\SYSWOW64\dssenh.dll
2016-10-10 10:48:58 ----A---- C:\WINDOWS\system32\rasppp.dll
2016-10-10 10:48:58 ----A---- C:\WINDOWS\system32\drivers\agilevpn.sys
2016-10-10 10:48:56 ----A---- C:\WINDOWS\system32\rasman.dll
2016-10-10 10:48:55 ----A---- C:\WINDOWS\SYSWOW64\rasppp.dll
2016-10-10 10:48:55 ----A---- C:\WINDOWS\SYSWOW64\rasman.dll
2016-10-10 10:48:55 ----A---- C:\WINDOWS\SYSWOW64\iprtrmgr.dll
2016-10-10 10:48:55 ----A---- C:\WINDOWS\system32\rdpudd.dll
2016-10-10 10:48:55 ----A---- C:\WINDOWS\system32\rdpclip.exe
2016-10-10 10:48:55 ----A---- C:\WINDOWS\system32\rascustom.dll
2016-10-10 10:48:55 ----A---- C:\WINDOWS\system32\nshwfp.dll
2016-10-10 10:48:55 ----A---- C:\WINDOWS\system32\iprtrmgr.dll
2016-10-10 10:48:55 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2016-10-10 10:48:51 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-10-10 10:48:51 ----A---- C:\WINDOWS\system32\sspicli.dll
2016-10-10 10:48:51 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-10-10 10:48:51 ----A---- C:\WINDOWS\system32\drivers\mrxsmb10.sys
2016-10-10 10:48:51 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2016-10-10 10:48:51 ----A---- C:\WINDOWS\system32\drivers\ksecdd.sys
2016-10-10 10:48:50 ----A---- C:\WINDOWS\SYSWOW64\sspicli.dll
2016-10-10 10:48:50 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2016-10-10 10:48:46 ----A---- C:\WINDOWS\system32\ntdll.dll
2016-10-10 10:48:45 ----A---- C:\WINDOWS\system32\csrsrv.dll
2016-10-10 10:48:40 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2016-10-10 10:48:40 ----A---- C:\WINDOWS\system32\user32.dll
2016-10-10 10:48:39 ----A---- C:\WINDOWS\system32\wwanconn.dll
2016-10-10 10:48:39 ----A---- C:\WINDOWS\system32\pnidui.dll
2016-10-10 10:48:36 ----A---- C:\WINDOWS\system32\wwanmm.dll
2016-10-10 09:59:50 ----A---- C:\WINDOWS\system32\drivers\aswKbd.sys
2016-10-10 09:47:16 ----A---- C:\WINDOWS\avastSS.scr

======List of files/folders modified in the last 1 month======

2016-10-31 09:36:49 ----D---- C:\WINDOWS\Temp
2016-10-31 09:35:30 ----D---- C:\WINDOWS\Prefetch
2016-10-31 09:35:14 ----A---- C:\WINDOWS\SYSWOW64\LOCALSERVICE.INI
2016-10-31 09:35:06 ----A---- C:\WINDOWS\SYSWOW64\bscs.ini
2016-10-31 09:33:25 ----RD---- C:\WINDOWS\System32
2016-10-31 09:33:25 ----D---- C:\WINDOWS\Inf
2016-10-31 09:33:25 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-10-31 09:28:41 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2016-10-31 09:26:36 ----D---- C:\ProgramData\PDFC
2016-10-31 09:19:02 ----D---- C:\WINDOWS\Microsoft.NET
2016-10-31 09:07:58 ----D---- C:\WINDOWS\Tasks
2016-10-31 09:05:09 ----D---- C:\WINDOWS\system32\config
2016-10-31 09:00:00 ----D---- C:\WINDOWS\system32\sru
2016-10-31 08:57:34 ----D---- C:\WINDOWS\system32\drivers
2016-10-30 22:31:51 ----D---- C:\WINDOWS\system32\catroot2
2016-10-30 22:30:07 ----D---- C:\WINDOWS\system32\DriverStore
2016-10-30 18:43:25 ----D---- C:\WINDOWS\rescache
2016-10-30 09:43:30 ----D---- C:\Users\user\AppData\Roaming\ClassicShell
2016-10-30 09:30:50 ----D---- C:\WINDOWS\SysWOW64
2016-10-30 09:30:21 ----D---- C:\Program Files (x86)\Common Files
2016-10-30 09:30:19 ----RD---- C:\Program Files (x86)
2016-10-28 22:04:43 ----RSD---- C:\WINDOWS\assembly
2016-10-28 21:48:10 ----D---- C:\Program Files
2016-10-28 21:44:35 ----D---- C:\WINDOWS\system32\Tasks
2016-10-28 21:41:48 ----D---- C:\WINDOWS\CbsTemp
2016-10-28 21:41:45 ----D---- C:\WINDOWS\WinSxS
2016-10-28 21:40:56 ----SHD---- C:\System Volume Information
2016-10-28 21:04:36 ----D---- C:\WINDOWS\Logs
2016-10-25 06:44:05 ----SD---- C:\WINDOWS\system32\CompatTel
2016-10-25 06:44:05 ----D---- C:\WINDOWS\system32\appraiser
2016-10-25 06:44:03 ----RD---- C:\WINDOWS\ToastData
2016-10-25 06:44:01 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-10-25 06:44:01 ----D---- C:\WINDOWS\system32\cs-CZ
2016-10-25 06:44:01 ----D---- C:\Windows
2016-10-25 06:43:38 ----D---- C:\Program Files\Internet Explorer
2016-10-25 06:43:38 ----D---- C:\Program Files (x86)\Internet Explorer
2016-10-25 06:43:30 ----D---- C:\WINDOWS\system32\Boot
2016-10-25 06:43:24 ----D---- C:\WINDOWS\apppatch
2016-10-24 11:33:13 ----HD---- C:\ProgramData
2016-10-24 10:22:22 ----SHD---- C:\WINDOWS\Installer
2016-10-22 20:44:31 ----D---- C:\Users\user\AppData\Roaming\vlc
2016-10-22 17:30:38 ----D---- C:\WINDOWS\system32\MRT
2016-10-22 17:16:25 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-10-22 15:26:54 ----D---- C:\Users\user\AppData\Roaming\Skype
2016-10-22 15:25:41 ----D---- C:\ProgramData\Skype
2016-10-22 15:18:06 ----D---- C:\Program Files\Google
2016-10-22 15:18:06 ----D---- C:\Program Files (x86)\Google
2016-10-22 14:51:38 ----D---- C:\Program Files (x86)\PDF Complete
2016-10-22 14:46:30 ----D---- C:\WINDOWS\SYSWOW64\setup
2016-10-22 14:46:28 ----D---- C:\WINDOWS\system32\setup
2016-10-10 11:32:19 ----D---- C:\WINDOWS\AppReadiness
2016-10-10 11:32:18 ----HD---- C:\Program Files\WindowsApps
2016-10-10 11:19:16 ----D---- C:\WINDOWS\ShellNew
2016-10-10 11:19:14 ----D---- C:\Program Files\Windows Journal
2016-10-10 09:54:30 ----D---- C:\ProgramData\AVAST Software
2016-10-10 09:43:51 ----D---- C:\Program Files\AVAST Software

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-10-10 74544]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-10-22 293352]
R0 hpdskflt;@oem29.inf,%service_desc%;HP Filter; C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [2012-08-22 31040]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-07-31 645952]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2016-10-10 37144]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2016-10-10 103064]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-10-10 969184]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-10-10 513632]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2012-06-25 92536]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2016-08-13 71680]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-10-10 108816]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2016-10-10 163416]
R3 Accelerometer;@oem29.inf,%accelerometer_desc%;HP Mobile Data Protection Sensor; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2012-08-22 43328]
R3 BtAudioBusSrv;@oem8.inf,%SvcDesc%;IVT Bluetooth Audio Bus Service; C:\WINDOWS\System32\Drivers\BtAudioBus.sys [2012-06-15 23136]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service; C:\WINDOWS\System32\Drivers\IvtUrbBtFlt.sys [2012-08-14 48736]
R3 HpqKbFiltr;@oem42.inf,%HpqKbFiltr.SvcDesc%;HpqKbFilter Driver; C:\WINDOWS\System32\drivers\HpqKbFiltr.sys [2012-08-27 26504]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2013-10-03 4185600]
R3 IntcDAud;@oem14.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 iwdbus;@oem33.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-09-26 27032]
R3 JMCR;JMCR; C:\WINDOWS\System32\drivers\jmcr.sys [2014-05-25 176880]
R3 MEIx64;@oem30.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 netr28x;@oem40.inf,%Generic.Service.DispName%;Ralink 802.11n Extensible Wireless Driver; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2013-12-02 2483376]
R3 rtbth;@oem39.inf,%General.Service.DispName%;RTBTH Bluetooth Device Driver; C:\WINDOWS\System32\drivers\rtbth.sys [2013-12-02 1204424]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
R3 SensorsServiceDriver;@sensorsservicedriver.inf,%WudfSensorsServiceDriverDisplayName%;Služba Reflektor UMDF pro knihovnu SensorsServiceDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [2014-10-29 226304]
R3 SPUVCbv;@oem15.inf,%SPUVCb.ServiceName%;SPUVCb Driver Service; C:\WINDOWS\System32\Drivers\SPUVCbv_x64.sys [2012-08-03 1062008]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [2014-05-25 543744]
R3 SynTP;@oem55.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2014-12-02 552176]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2016-08-13 38912]
S3 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-10-10 37656]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
S3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service; C:\WINDOWS\System32\Drivers\BtL2caScoIf.sys [2012-07-20 56904]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
S3 BthMtpEnum;@bthmtpenum.inf,%BthMtpEnum.SVCDESC%;Modul pro výčet zařízení Bluetooth MTP; C:\WINDOWS\system32\DRIVERS\BthMtpEnum.sys [2013-08-22 62976]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-07-10 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 intaud_WaveExtensible;@oem32.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-09-26 39320]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
S3 SmbDrv;SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [2012-08-15 41272]
S3 SmbDrvI;SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2012-08-15 43832]
S3 Spyder4;@oem22.inf,%ProductName%;Datacolor Spyder4; C:\WINDOWS\System32\drivers\dccmtr.sys [2011-06-02 15360]
S3 StillCam;@sti.inf,%StillCam.SvcDesc%;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\System32\drivers\serscan.sys [2014-10-29 11776]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\System32\drivers\usbscan.sys [2014-10-29 44544]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-09-16 82128]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-10-10 197128]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 EpsonScanSvc;Epson Scanner Service; C:\WINDOWS\system32\EscSvc64.exe [2012-05-16 144560]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2013-10-16 681760]
R2 hpsrv;@oem29.inf,%hpservice_desc%;HP Service; C:\WINDOWS\system32\Hpservice.exe [2012-08-22 33600]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2016-04-26 28552]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-06-20 634632]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-07-19 129856]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-19 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-19 277824]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2016-08-10 1719040]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\WINDOWS\system32\svchost.exe [2014-10-29 38792]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2014-05-25 327680]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-19 365376]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2012-07-19 2714232]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\WINDOWS\system32\svchost.exe [2014-10-29 38792]
R3 BsHelpCS;BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [2012-08-14 138752]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2015-04-28 1102472]
S2 BlueSoleilCS;BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [2012-08-14 1578496]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-16 50864]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2013-10-03 279000]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 BthAvrcpTg;@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID; C:\WINDOWS\System32\drivers\BthAvrcpTg.sys [2013-08-22 36992]
S4 bthhfhid;@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID; C:\WINDOWS\System32\drivers\BthHFHid.sys [2013-08-22 30720]

-----------------EOF-----------------

Re: Major slowdown for unknown reasons

Posted: 31 Oct 2016 18:24
by Rudy
Double-click the file C:\Program Files\trend micro\user.exe to launch HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkboxes on the left for:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
Click >FixChecked<. Then run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.

Re: Major slowdown for unknown reasons

Posted: 03 Nov 2016 21:21
by Oleri
Everything went fine, the computer seems snappier. I'll report back after using it for a while longer.
Thank you very much for your help.

Re: Major slowdown for unknown reasons

Posted: 03 Nov 2016 21:28
by Rudy
OK, glad to help! :)