
Shortcuts on a flash drive

Posted: 15 Nov 2016 17:35
by Lucie1818
I have a problem that has already been dealt with here several times. I have a virus on my computer that turns the files into shortcuts whenever I insert any flash drive, and the same happens when I insert any USB or SD. Can someone please help me with this?????

I downloaded RSIT and here is the result:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Lucinka at 2016-11-15 17:27:20
Microsoft Windows 8.1
System drive C: has 60 GB (13%) free of 445 GB
Total RAM: 4043 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:27:36, on 15. 11. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\syswow64\backgroundTaskHost.exe
C:\WINDOWS\syswow64\backgroundTaskHost.exe
C:\WINDOWS\syswow64\backgroundTaskHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Lucinka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?bcutc=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?bcutc=sp- ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?bcutc=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?bcutc=sp- ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?bcutc=sp-006
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\Sony\MSS\3.8.141\McAfeeMSS_IE.dll
O2 - BHO: RobOSAver - {43C449E9-7544-48DA-A6A2-B15335634362} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll (file missing)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll (file missing)
O4 - HKLM\..\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Program Files (x86)\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Lucinka\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Lucinka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE"
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - HKUS\S-1-5-21-276115832-903891615-3267707726-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Lucinka\AppData\Roaming\Seznam.cz\szninstall.exe" -c (User '?')
O4 - HKUS\S-1-5-21-276115832-903891615-3267707726-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Lucinka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q (User '?')
O4 - HKUS\S-1-5-21-276115832-903891615-3267707726-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe" -autorun (User '?')
O4 - HKUS\S-1-5-21-276115832-903891615-3267707726-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE" (User '?')
O4 - HKUS\S-1-5-21-276115832-903891615-3267707726-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User '?')
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{694A2238-8337-4D38-8739-DC4EAB54088F}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{7D23AB28-25EC-4A0B-B1DF-C631F8BA922F}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.8.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.8.4
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Energy Server Service (ESRV_SVC) - Unknown owner - C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: McAfee Security Scan Component Host Service for Sony (McComponentHostServiceSony) - McAfee, Inc. - C:\Program Files\Sony\MSS\3.8.141\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NetworkSupport - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
O23 - Service: VAIO Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\WINDOWS\SysWOW64\ssins.exe
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: User Energy Server Service (USER_ESRV_SVC) - Unknown owner - C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update\vuagent.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 14078 bytes

======Listing Processes======





wininit.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
dashost.exe {3a44c871-0596-4b1b-834e264041c235f2}
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
"C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe"
C:\WINDOWS\SysWOW64\ssins.exe
"C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
C:\WINDOWS\SysWOW64\DllHost.exe /Processid:{CB45D4CA-8A34-4EF1-9957-6134E5270E83}
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Sony\VAIO Update\vuagent.exe"
"C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe" "--AUTO_START" "--start" "--address" "127.0.0.1" "--port" "49265" "--depend_on_key" "SYSTEM\CurrentControlSet\Services\ESRV_SVC" "--depend_on_value" "run" "--time_in_ms" "--pause" "5000" "--library" "C:\Program Files\Sony\VAIO Care\ESRV\intel_modeler.dll" "--no_pl" "--watchdog" "10" "--watchdog_cpu_usage_limit" "50" "--end_on_error" "--kernel_priority_boost" "--shutdown_priority_boost" "--device_options" " time=no output=w output_folder='C:\ProgramData\Sony Corporation\VAIO Care\inteldata' limit_output_by=time output_limit=3600000 output_buffer=1024 il='C:\Program Files\Sony\VAIO Care\ESRV\intel_process_input.dll','process_input_options.txt' il='C:\Program Files\Sony\VAIO Care\ESRV\intel_system_power_state_input.dll' il='C:\Program Files\Sony\VAIO Care\ESRV\intel_quality_and_reliability_input.dll' il='C:\Program Files\Sony\VAIO Care\ESRV\acpi_battery_input.dll' il='C:\Program Files\Sony\VAIO Care\ESRV\sema_thermal_input.dll' il='C:\Program Files\Sony\VAIO Care\ESRV\wifi_input.dll' il='C:\Program Files\Sony\VAIO Care\ESRV\devices_use_input.dll','service=yes' il='C:\Program Files\Sony\VAIO Care\ESRV\intel_disktrace_input.dll','pause=60000 working_dir=C:\ProgramData\Sony Corporation\VAIO Care\inteldata override_existing_tracing=no limit_output_by_filesize_mb=100' os='C:\Program Files\Sony\VAIO Care\ESRV\os_counters.txt' "
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Sony\VAIO Improvement\vim.exe" -System
C:\WINDOWS\system32\DllHost.exe /Processid:{B32DAC50-97B2-4BF7-A8DB-418294621529}
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\Sony\VAIO Care\VCService.exe"
"C:\Program Files\Sony\VAIO Care\VCAgent.exe"

winlogon.exe
"dwm.exe"
atieclxx
"C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
C:\WINDOWS\Explorer.EXE
C:\Windows\System32\skydrive.exe -Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
taskhostex.exe
"\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SONYAPO
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE"
"C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe"
"C:\Program Files\Sony\Store App Support Utility\StoreAppSupportUtility.exe" /AutoStart
"C:\Program Files (x86)\Bluetooth Suite\BtTray.exe"
"" "--start" "--register_port" "--address" "127.0.0.1" "--port" "49266" "--pause_on_user_switching" "--depend_on_key" "SYSTEM\CurrentControlSet\Services\ESRV_SVC" "--depend_on_value" "run" "--time_in_ms" "--pause" "5000" "--library" "C:\Program Files\Sony\VAIO Care\ESRV\intel_modeler.dll" "--no_pl" "--watchdog" "10" "--watchdog_cpu_usage_limit" "50" "--end_on_error" "--kernel_priority_boost" "--shutdown_priority_boost" "--device_options" " time=no output=no output_folder='C:\ProgramData\Sony Corporation\VAIO Care\inteldata\userlogs' limit_output_by=time output_limit=3600000 output_buffer=1024 il='C:\Program Files\Sony\VAIO Care\ESRV\foreground_window_input.dll' "
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe" /Stationary
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files\Sony\VAIO Improvement\vim.exe" -User
"C:\Program Files\Sony\VAIO Care\VCSystemTray.exe" -versionsave -reminder -autoupdate
"C:\Program Files\Sony\VAIO Care\Solution.Updater.exe"
C:\WINDOWS\System32\wsqmcons.exe
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
"C:\WINDOWS\syswow64\backgroundTaskHost.exe" -ServerName:App.AppX2e6h94h6qek410y3rzfv2a72rfdgkyx6.mca
"C:\WINDOWS\syswow64\backgroundTaskHost.exe" -ServerName:App.AppXkrktarsky4b3chn7fvc7fne5zr9p5eky.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Sony\VAIO Care\VCSystemTray.exe" CheckIoloLicense
"C:\Program Files\Sony\VAIO Care\VCSystemTray.exe" -collectactivestatus
C:\WINDOWS\system32\msfeedssync.exe sync
taskhost.exe $(Arg0)
"C:\WINDOWS\syswow64\backgroundTaskHost.exe" -ServerName:App.AppXt014q6qzk9mjya2jb3xbkeaj9z6kaf4x.mca
C:\WINDOWS\system32\CompatTelRunner.exe
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\CompatTelRunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun -cv:s1Fz0wwwuEuWLM1R.1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=54.0.2840.71 --handshake-handle=0x124
taskeng.exe {C33F619A-F752-4F4F-807B-5D3C2A87BBBC}
"C:\Program Files\Sony\VAIO Care\VCSystemTray.exe" -vcrautolog
"C:\WINDOWS\system32\RunDll32.exe" "C:\WINDOWS\system32\WerConCpl.dll", LaunchErcApp -queuereporting
C:\WINDOWS\System32\vds.exe
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe8_ Global\UsGthrCtrlFltPipeMssGthrPipe8 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 584 588 596 65536 592

"C:\Users\Lucinka\Downloads\RSITx64 (1).exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\AutoKMS.job - C:\Windows\AutoKMS.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{43C449E9-7544-48DA-A6A2-B15335634362}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-24 790552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\Sony\MSS\3.8.141\McAfeeMSS_IE.dll [2014-01-16 96128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{43C449E9-7544-48DA-A6A2-B15335634362}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-24 664848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2012-08-20 1214608]
"BtPreLoad"=C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [2012-12-28 64640]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-09-27 2930488]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-12-28 129664]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=C:\Users\Lucinka\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Lucinka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"DAEMON Tools Lite Automount"=C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [2016-04-12 4289728]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [2015-07-12 563416]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Intel AppUp(SM) center"=C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [2012-06-25 152896]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"NokiaMusic FastStart"=C:\Program Files (x86)\Nokia\Ovi Player\NokiaOviPlayer.exe [2009-11-06 2090272]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-11-10 9044392]
"NPSStartup"= []
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2016-06-02 318128]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-06-16 596504]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-12-28 129664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
"DisableCAD"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-11-15 17:27:23 ----D---- C:\Program Files\trend micro
2016-11-15 17:27:20 ----D---- C:\rsit
2016-11-14 18:39:26 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2016-11-14 18:33:51 ----D---- C:\ProgramData\Malwarebytes
2016-11-14 18:33:51 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-11-14 18:33:51 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2016-11-14 18:33:51 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2016-11-14 18:33:51 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2016-11-14 18:00:00 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-11-10 17:36:21 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-11-10 17:36:20 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-11-10 17:36:17 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-11-10 17:36:17 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-11-10 17:36:16 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-11-10 17:36:15 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-11-10 17:36:15 ----A---- C:\WINDOWS\system32\win32k.sys
2016-11-10 17:36:14 ----A---- C:\WINDOWS\system32\diagtrack.dll
2016-11-10 17:36:12 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-11-10 17:36:12 ----A---- C:\WINDOWS\system32\wininet.dll
2016-11-10 17:36:12 ----A---- C:\WINDOWS\system32\MSVidCtl.dll
2016-11-10 17:36:11 ----A---- C:\WINDOWS\SYSWOW64\MSVidCtl.dll
2016-11-10 17:36:11 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-11-10 17:36:11 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-11-10 17:36:10 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-11-10 17:36:10 ----A---- C:\WINDOWS\system32\ole32.dll
2016-11-10 17:36:10 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-11-10 17:36:09 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-11-10 17:36:09 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2016-11-10 17:36:08 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2016-11-10 17:36:07 ----A---- C:\WINDOWS\SYSWOW64\msdtcprx.dll
2016-11-10 17:36:07 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2016-11-10 17:36:06 ----A---- C:\WINDOWS\SYSWOW64\SessEnv.dll
2016-11-10 17:36:06 ----A---- C:\WINDOWS\system32\SessEnv.dll
2016-11-10 17:36:05 ----A---- C:\WINDOWS\system32\win32spl.dll
2016-11-10 17:36:05 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2016-11-10 17:36:05 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2016-11-10 17:36:04 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2016-11-10 17:36:04 ----A---- C:\WINDOWS\system32\vmrdvcore.dll
2016-11-10 17:36:04 ----A---- C:\WINDOWS\system32\msctf.dll
2016-11-10 17:36:03 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-11-10 17:36:02 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-11-10 17:36:02 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2016-11-10 17:36:01 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2016-11-10 17:36:01 ----A---- C:\WINDOWS\system32\pdh.dll
2016-11-10 17:36:01 ----A---- C:\WINDOWS\system32\atmfd.dll
2016-11-10 17:36:00 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2016-11-10 17:35:59 ----A---- C:\WINDOWS\SYSWOW64\pdh.dll
2016-11-10 17:35:59 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2016-11-10 17:35:59 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2016-11-10 17:35:59 ----A---- C:\WINDOWS\system32\drivers\bowser.sys
2016-11-10 17:35:59 ----A---- C:\WINDOWS\system32\DafPrintProvider.dll
2016-11-10 17:35:58 ----A---- C:\WINDOWS\SYSWOW64\UIAnimation.dll
2016-11-10 17:35:58 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-11-10 17:35:57 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-11-10 17:35:57 ----A---- C:\WINDOWS\SYSWOW64\DafPrintProvider.dll
2016-11-10 17:35:56 ----A---- C:\WINDOWS\system32\iscsiexe.dll
2016-11-10 17:35:55 ----A---- C:\WINDOWS\system32\UIAnimation.dll
2016-11-10 17:35:55 ----A---- C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-10 17:35:55 ----A---- C:\WINDOWS\system32\localspl.dll
2016-11-10 17:35:54 ----A---- C:\WINDOWS\SYSWOW64\iscsiwmi.dll
2016-11-10 17:35:54 ----A---- C:\WINDOWS\system32\iscsiwmi.dll
2016-11-10 17:35:54 ----A---- C:\WINDOWS\system32\inetcomm.dll
2016-11-10 17:35:54 ----A---- C:\WINDOWS\system32\asycfilt.dll
2016-11-10 17:35:53 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2016-11-10 17:35:53 ----A---- C:\WINDOWS\SYSWOW64\asycfilt.dll
2016-11-10 17:35:51 ----A---- C:\WINDOWS\SYSWOW64\iscsidsc.dll
2016-11-10 17:35:51 ----A---- C:\WINDOWS\system32\xolehlp.dll
2016-11-10 17:35:51 ----A---- C:\WINDOWS\system32\iscsidsc.dll
2016-11-10 17:35:50 ----A---- C:\WINDOWS\system32\dab.dll
2016-11-10 17:35:48 ----A---- C:\WINDOWS\SYSWOW64\input.dll
2016-11-10 17:35:48 ----A---- C:\WINDOWS\system32\input.dll
2016-11-10 17:35:44 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2016-11-10 17:35:44 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2016-11-10 17:35:43 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2016-11-10 17:35:43 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2016-11-10 17:35:41 ----A---- C:\WINDOWS\SYSWOW64\xolehlp.dll
2016-11-10 17:35:41 ----A---- C:\WINDOWS\system32\webcheck.dll
2016-11-10 17:35:41 ----A---- C:\WINDOWS\system32\dxtrans.dll
2016-11-10 17:35:40 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2016-11-10 17:35:40 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2016-11-10 17:35:40 ----A---- C:\WINDOWS\system32\netlogon.dll
2016-11-10 17:35:40 ----A---- C:\WINDOWS\system32\certcli.dll
2016-11-10 17:35:38 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2016-11-10 17:35:38 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2016-11-10 17:35:38 ----A---- C:\WINDOWS\system32\mshtmled.dll
2016-11-10 17:35:37 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2016-11-10 17:35:37 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-11-10 17:35:37 ----A---- C:\WINDOWS\system32\jscript.dll
2016-11-10 17:35:37 ----A---- C:\WINDOWS\system32\iepeers.dll
2016-11-10 17:35:36 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2016-11-10 17:35:36 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2016-11-10 17:35:36 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2016-11-10 17:35:36 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2016-11-10 17:35:36 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-11-10 17:35:36 ----A---- C:\WINDOWS\system32\atmlib.dll
2016-11-10 16:46:21 ----SHD---- C:\found.005
2016-11-07 18:43:38 ----SHD---- C:\found.004
2016-11-07 18:43:38 ----SHD---- C:\found.003
2016-11-07 18:43:38 ----SHD---- C:\found.002
2016-11-07 18:43:37 ----SHD---- C:\found.001
2016-10-16 11:39:07 ----A---- C:\WINDOWS\system32\wmp.dll
2016-10-16 11:39:06 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2016-10-16 11:39:02 ----A---- C:\WINDOWS\system32\esent.dll
2016-10-16 11:39:01 ----A---- C:\WINDOWS\SYSWOW64\esent.dll
2016-10-16 11:39:00 ----A---- C:\WINDOWS\system32\d3d11.dll
2016-10-16 11:38:59 ----A---- C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-10-16 11:38:59 ----A---- C:\WINDOWS\system32\drivers\mrxdav.sys
2016-10-16 11:38:58 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-10-16 11:38:57 ----A---- C:\WINDOWS\SYSWOW64\d3d11.dll
2016-10-16 11:38:57 ----A---- C:\WINDOWS\system32\DWrite.dll
2016-10-16 11:38:45 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Streaming.dll
2016-10-16 11:38:44 ----A---- C:\WINDOWS\system32\FntCache.dll
2016-10-16 11:38:42 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2016-10-16 11:38:41 ----A---- C:\WINDOWS\SYSWOW64\ntshrui.dll
2016-10-16 11:38:41 ----A---- C:\WINDOWS\system32\ntshrui.dll
2016-10-16 11:38:40 ----A---- C:\WINDOWS\system32\drivers\dfsc.sys
2016-10-16 11:38:39 ----A---- C:\WINDOWS\system32\wbengine.exe
2016-10-16 11:38:39 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2016-10-16 11:38:39 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2016-10-16 11:38:38 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2016-10-16 11:38:38 ----A---- C:\WINDOWS\system32\winload.exe
2016-10-16 11:38:37 ----A---- C:\WINDOWS\system32\wmploc.DLL
2016-10-16 11:38:37 ----A---- C:\WINDOWS\system32\drivers\parport.sys
2016-10-16 11:38:36 ----A---- C:\WINDOWS\SYSWOW64\wmploc.DLL
2016-10-16 11:38:35 ----A---- C:\WINDOWS\SYSWOW64\rastapi.dll
2016-10-16 11:38:35 ----A---- C:\WINDOWS\system32\PlayToDevice.dll
2016-10-16 11:38:34 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2016-10-16 11:38:32 ----A---- C:\WINDOWS\SYSWOW64\PlayToDevice.dll
2016-10-16 11:38:32 ----A---- C:\WINDOWS\system32\drivers\tm.sys
2016-10-16 11:38:31 ----A---- C:\WINDOWS\system32\winresume.exe
2016-10-16 11:38:31 ----A---- C:\WINDOWS\system32\rastapi.dll
2016-10-16 11:38:31 ----A---- C:\WINDOWS\system32\drivers\vwififlt.sys
2016-10-16 11:38:30 ----A---- C:\WINDOWS\system32\drivers\vwifimp.sys
2016-10-16 11:38:30 ----A---- C:\WINDOWS\system32\adsmsext.dll
2016-10-16 11:38:29 ----A---- C:\WINDOWS\SYSWOW64\adsmsext.dll
2016-10-16 11:38:29 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2016-10-16 11:38:29 ----A---- C:\WINDOWS\system32\drivers\serial.sys
2016-10-16 11:38:26 ----A---- C:\WINDOWS\system32\offreg.dll
2016-10-16 11:38:25 ----A---- C:\WINDOWS\SYSWOW64\offreg.dll
2016-10-16 11:38:25 ----A---- C:\WINDOWS\system32\drivers\vwifibus.sys
2016-10-16 11:38:23 ----A---- C:\WINDOWS\system32\drivers\serenum.sys

======List of files/folders modified in the last 1 month======

2016-11-15 17:27:23 ----RD---- C:\Program Files
2016-11-15 17:22:34 ----D---- C:\WINDOWS\system32\drivers
2016-11-15 17:22:14 ----D---- C:\WINDOWS\Temp
2016-11-15 17:08:34 ----D---- C:\WINDOWS\Prefetch
2016-11-15 17:02:45 ----D---- C:\WINDOWS\system32\sru
2016-11-14 19:53:10 ----D---- C:\WINDOWS\system32\config
2016-11-14 19:51:10 ----D---- C:\WINDOWS\Microsoft.NET
2016-11-14 19:18:42 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2016-11-14 19:16:45 ----HD---- C:\ProgramData
2016-11-14 19:15:07 ----SD---- C:\Users\Lucinka\AppData\Roaming\Microsoft
2016-11-14 19:15:05 ----D---- C:\Windows
2016-11-14 19:12:13 ----RD---- C:\Program Files (x86)
2016-11-14 19:12:13 ----D---- C:\Users\Lucinka\AppData\Roaming\Elex-tech
2016-11-14 19:12:13 ----D---- C:\Program Files (x86)\VideoPlayerV3
2016-11-14 19:12:12 ----D---- C:\Program Files (x86)\Common Files
2016-11-14 19:12:06 ----D---- C:\WINDOWS\system32\Tasks
2016-11-14 19:12:06 ----D---- C:\WINDOWS\Inf
2016-11-14 19:12:05 ----D---- C:\WINDOWS\SysWOW64
2016-11-14 19:12:05 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2016-11-14 18:00:03 ----D---- C:\WINDOWS\WinSxS
2016-11-14 17:52:45 ----RD---- C:\WINDOWS\ToastData
2016-11-14 17:52:36 ----D---- C:\Program Files\Internet Explorer
2016-11-14 17:52:35 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-11-14 17:52:35 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-11-14 17:52:35 ----D---- C:\Program Files (x86)\Internet Explorer
2016-11-14 17:52:33 ----D---- C:\WINDOWS\SYSWOW64\en-US
2016-11-14 17:52:31 ----D---- C:\WINDOWS\system32\migration
2016-11-14 17:52:31 ----D---- C:\WINDOWS\system32\cs-CZ
2016-11-14 17:52:30 ----D---- C:\WINDOWS\system32\en-US
2016-11-14 17:52:29 ----D---- C:\WINDOWS\System32
2016-11-14 17:52:23 ----D---- C:\WINDOWS\system32\DriverStore
2016-11-14 17:49:49 ----SHD---- C:\WINDOWS\Installer
2016-11-14 17:47:41 ----SHD---- C:\Config.Msi
2016-11-14 17:32:11 ----HD---- C:\Program Files\WindowsApps
2016-11-14 17:24:49 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-13 12:30:16 ----D---- C:\ProgramData\Microsoft Help
2016-11-13 12:29:23 ----D---- C:\WINDOWS\CbsTemp
2016-11-13 12:27:03 ----D---- C:\WINDOWS\system32\MRT
2016-11-13 11:50:29 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-11-13 11:38:25 ----SHD---- C:\System Volume Information
2016-11-10 17:43:16 ----D---- C:\WINDOWS\system32\Macromed
2016-11-10 17:43:14 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2016-11-10 17:39:45 ----D---- C:\WINDOWS\AppReadiness
2016-11-10 17:02:34 ----D---- C:\WINDOWS\system32\catroot2
2016-11-04 18:58:49 ----D---- C:\WINDOWS\Minidump
2016-11-04 18:58:49 ----D---- C:\WINDOWS\Logs
2016-11-04 18:58:49 ----D---- C:\WINDOWS\debug
2016-11-03 20:03:56 ----RD---- C:\Program Files (x86)\Skype
2016-11-02 19:38:11 ----RSD---- C:\WINDOWS\assembly
2016-11-02 19:33:07 ----D---- C:\WINDOWS\rescache
2016-10-30 16:44:02 ----D---- C:\WINDOWS\system32\Boot
2016-10-30 16:44:00 ----D---- C:\WINDOWS\apppatch
2016-10-30 16:43:49 ----SD---- C:\WINDOWS\system32\CompatTel
2016-10-30 16:43:49 ----D---- C:\WINDOWS\system32\appraiser
2016-10-30 16:43:08 ----D---- C:\Program Files\Microsoft Silverlight
2016-10-28 18:56:31 ----D---- C:\Users\Lucinka\AppData\Roaming\Skype
2016-10-21 17:13:46 ----D---- C:\ProgramData\Skype
2016-10-16 11:47:09 ----D---- C:\Program Files (x86)\Microsoft Silverlight

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-09-13 74544]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-10-13 293352]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-09-01 647736]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2016-09-13 37144]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2016-09-13 103064]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-09-13 969184]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-09-24 513632]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-09-13 108816]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2016-09-13 163416]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2013-09-26 12521472]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2013-09-26 617472]
R3 AthBTPort;@oem4.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2012-12-28 89320]
R3 athr;@oem65.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athwbx.sys [2013-12-02 3837440]
R3 AtiHDAudioService;@oem67.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWB6.sys [2013-09-26 138240]
R3 BTATH_A2DP;@oem3.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2012-12-28 345832]
R3 btath_avdt;@oem3.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2012-12-28 115432]
R3 BTATH_BUS;@oem47.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2012-12-28 33944]
R3 BTATH_HCRP;@oem7.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2012-12-28 179432]
R3 BTATH_LWFLT;@oem17.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2012-12-28 77464]
R3 BTATH_RCP;@oem25.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2012-12-28 136424]
R3 BTATH_VDP;@oem26.inf,%BTATH_VDP.SvcDesc%;Bluetooth VDP Driver; C:\WINDOWS\system32\drivers\btath_vdp.sys [2012-12-28 428008]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2015-04-29 600088]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2015-06-09 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-11-21 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2015-06-09 81920]
R3 dtlitescsibus;@oem2.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2016-05-21 30264]
R3 dtliteusbbus;@oem5.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2016-05-21 47672]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-08-20 4102928]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2016-03-10 27008]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2016-11-15 192216]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2016-03-10 65408]
R3 MEIx64;@oem12.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-08-06 62784]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-06-14 167424]
R3 RSPCIESTOR;@oem14.inf,%Rts5208%;Realtek PCIE CardReader Driver; C:\WINDOWS\system32\DRIVERS\RtsPStor.sys [2014-03-20 359128]
R3 RTL8168;@oem64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2014-06-17 873688]
R3 semav6msr64;semav6msr64; \??\C:\WINDOWS\system32\drivers\semav6msr64.sys [2015-10-16 29352]
R3 SFEP;@oem34.inf,%SvcDesc%;Sony Firmware Extension Parser; C:\WINDOWS\System32\drivers\SFEP.sys [2012-07-11 14336]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2012-09-27 44344]
R3 SOWS;@oem42.inf,%SOWS%;Sony Wireless State Device; C:\WINDOWS\System32\drivers\sows.sys [2012-06-11 24280]
R3 SynTP;@oem9.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2012-09-27 457528]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-11-21 212736]
S1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys []
S2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys []
S3 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-09-13 37656]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-06-09 1201664]
S3 dg_ssudbus;@oem11.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-07-22 130688]
S3 dot4;@oem18.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2013-06-04 146856]
S3 Dot4Print;@oem28.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\WINDOWS\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 Dot4Scan;@oem30.inf,%Dot4Scan_Name%;Scan Class Driver for IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Scan.sys [2013-06-04 14760]
S3 dot4usb;@oem18.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2013-06-04 43944]
S3 semav6thermal64ro;semav6thermal64ro; \??\C:\Windows\system32\drivers\semav6thermal64ro.sys [2015-08-24 13792]
S3 ssudmdm;@oem53.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2016-07-22 164992]
S3 taphss6;Anchorfree HSS VPN Adapter; C:\WINDOWS\system32\DRIVERS\taphss6.sys [2012-11-01 40712]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-10-21 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2013-09-26 239616]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-12-28 226944]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-09-13 197128]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-11-21 38792]
R2 ESRV_SVC;Energy Server Service; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [2015-08-26 413336]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-08-06 128896]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-08-06 165760]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-08-06 276864]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2016-03-10 1136608]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2016-03-10 1514464]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-07-27 474208]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2016-07-22 754784]
R2 ssinstall;SInstalátor; C:\WINDOWS\SysWOW64\ssins.exe [2015-10-02 2324216]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-08-06 364416]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe [2012-08-18 68776]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe [2016-04-12 1443520]
R3 VCService;VCService; C:\Program Files\Sony\VAIO Care\VCService.exe [2015-07-23 59928]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-25 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-10 270016]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-11-21 38792]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-25 144200]
S3 McComponentHostServiceSony;McAfee Security Scan Component Host Service for Sony; C:\Program Files\Sony\MSS\3.8.141\McCHSvc.exe [2014-01-16 289256]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 NetworkSupport;NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [2013-09-28 625240]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 SOHCImp;VAIO Content Importer; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2012-08-08 123616]
S3 SOHDms;VAIO Digital Media Server; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2012-08-08 460512]
S3 SOHDs;VAIO Device Searcher; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2012-08-08 78048]
S3 SpfService;VAIO Entertainment Common Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-12-01 289952]
S3 USER_ESRV_SVC;User Energy Server Service; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [2015-08-26 413336]
S3 VAIO Power Management;VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2012-07-19 476328]
S3 VCFw;VAIO Content Folder Watcher; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2012-08-08 972000]

-----------------EOF-----------------

Re: Shortcuts on the flash drive

Posted: 15 Nov 2016 19:40
by Rudy
Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.

Re: Shortcuts on the flash drive

Posted: 15 Nov 2016 20:02
by Lucie1818
Here it is:

# AdwCleaner v6.030 - Log soubor vytvořen 15/11/2016 na 19:57:55
# Aktualizováno dne 19/10/2016 z Malwarebytes
# Databáze : 2016-11-15.1 [Server]
# Operační systém : Windows 8.1 (X64)
# Uživatelské jméno : Lucinka - LUCKA
# Beží od : C:\Users\Lucinka\Downloads\adwcleaner_6.030.exe
# Mod: Čištění
# Podpora : hxxps://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Adresáře ] *****

[-] Adresář smazán:C:\ProgramData\6b20013b000003b4
[-] Adresář smazán:C:\ProgramData\6cb6bee00000742f
[-] Adresář smazán:C:\ProgramData\828517d000001a18
[-] Adresář smazán:C:\ProgramData\e5a97d3a00006b36
[-] Adresář smazán:C:\ProgramData\{a2f12769-c59c-838e-a2f1-12769c599da7}
[-] Adresář smazán:C:\ProgramData\{d7ec222c-ff32-31b8-d7ec-c222cff388b3}
[-] Adresář smazán:C:\Users\Lucinka\AppData\Local\torch
[-] Adresář smazán:C:\Users\Lucinka\AppData\Roaming\Elex-tech
[-] Adresář smazán:C:\Users\Lucinka\AppData\Roaming\WinZipper
[-] Adresář smazán:C:\Users\Administrator\AppData\Local\torch


***** [ Soubory ] *****

[-] Soubor smazán:C:\WINDOWS\SysNative\log\iSafeKrnlCall.log
[-] Soubor smazán:C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ogminpmldncgcmokldnmmapddoccmhfl_0.localstorage


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupce ] *****



***** [ Plánovač úloh ] *****



***** [ Registry ] *****

[-] Klíč smazán:HKLM\SOFTWARE\fba5d7d9-3ab5-bd2e-4b6d-c9662d0e64e8
[-] Klíč smazán:HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc
[#] Klíč smazán po restartování:[x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{D879A501-50A7-BEFC-A4C5-32DC6E0CB208}
[-] Klíč smazán:HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Klíč smazán:HKU\S-1-5-21-276115832-903891615-3267707726-1001\Software\Softonic
[-] Klíč smazán:HKU\S-1-5-21-276115832-903891615-3267707726-1001\Software\WEBAPP
[-] Klíč smazán:HKU\S-1-5-21-276115832-903891615-3267707726-1001\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[#] Klíč smazán po restartování:HKU\S-1-5-18\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[#] Klíč smazán po restartování:HKCU\Software\Softonic
[#] Klíč smazán po restartování:HKCU\Software\WEBAPP
[#] Klíč smazán po restartování:HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Klíč smazán:HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
[-] Klíč smazán:HKLM\SOFTWARE\hdcode
[-] Klíč smazán:HKLM\SOFTWARE\winzipersvc
[#] Klíč smazán po restartování:[x64] HKCU\Software\Softonic
[#] Klíč smazán po restartování:[x64] HKCU\Software\WEBAPP
[#] Klíč smazán po restartování:[x64] HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Klíč smazán:HKU\S-1-5-21-276115832-903891615-3267707726-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9AD09901-06DD-4DDD-A62D-6D2243B771AB}
[#] Klíč smazán po restartování:HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9AD09901-06DD-4DDD-A62D-6D2243B771AB}
[#] Klíč smazán po restartování:[x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9AD09901-06DD-4DDD-A62D-6D2243B771AB}
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\delta-homes.com
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\eshopcomp.com
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mystartsearch.com
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pstatic.eshopcomp.com
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.mystartsearch.com
[#] Klíč smazán po restartování:[x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\delta-homes.com
[#] Klíč smazán po restartování:[x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\eshopcomp.com
[#] Klíč smazán po restartování:[x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mystartsearch.com
[#] Klíč smazán po restartování:[x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pstatic.eshopcomp.com
[#] Klíč smazán po restartování:[x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.mystartsearch.com
[-] Hodnota smazána:HKU\S-1-5-21-276115832-903891615-3267707726-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Optimizer Pro]


***** [ Prohlížeče ] *****

[-] [C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazání:gta-v.en.softonic.com


*************************

:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [4969 Bajtů] - [15/11/2016 19:57:55]
C:\AdwCleaner\AdwCleaner[S0].txt - [4969 Bajtů] - [15/11/2016 19:57:04]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [5117 Bajtů] ##########

Re: Shortcuts on the flash drive

Posted: 15 Nov 2016 20:56
by Rudy
Post a new RSIT log.

Re: Shortcuts on the flash drive

Posted: 17 Nov 2016 12:01
by Lucie1818
Logfile of random's system information tool 1.14 (written by random/random)
Run by Lucinka at 2016-11-17 12:00:27
Microsoft Windows 8.1
System drive C: has 60 GB (13%) free of 445 GB
Total RAM: 4043 MB (43% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:00:29, on 17. 11. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\syswow64\backgroundTaskHost.exe
C:\WINDOWS\syswow64\backgroundTaskHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Lucinka_RSITx64 (2).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?bcutc=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?bcutc=sp- ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?bcutc=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?bcutc=sp- ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?bcutc=sp-006
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\Sony\MSS\3.8.141\McAfeeMSS_IE.dll
O2 - BHO: RobOSAver - {43C449E9-7544-48DA-A6A2-B15335634362} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll (file missing)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll (file missing)
O4 - HKLM\..\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Program Files (x86)\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Lucinka\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Lucinka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE"
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - HKUS\S-1-5-21-276115832-903891615-3267707726-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Lucinka\AppData\Roaming\Seznam.cz\szninstall.exe" -c (User '?')
O4 - HKUS\S-1-5-21-276115832-903891615-3267707726-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Lucinka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q (User '?')
O4 - HKUS\S-1-5-21-276115832-903891615-3267707726-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe" -autorun (User '?')
O4 - HKUS\S-1-5-21-276115832-903891615-3267707726-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE" (User '?')
O4 - HKUS\S-1-5-21-276115832-903891615-3267707726-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User '?')
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{694A2238-8337-4D38-8739-DC4EAB54088F}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{7D23AB28-25EC-4A0B-B1DF-C631F8BA922F}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.8.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.8.4
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Energy Server Service (ESRV_SVC) - Unknown owner - C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: McAfee Security Scan Component Host Service for Sony (McComponentHostServiceSony) - McAfee, Inc. - C:\Program Files\Sony\MSS\3.8.141\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NetworkSupport - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
O23 - Service: VAIO Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\WINDOWS\SysWOW64\ssins.exe
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: User Energy Server Service (USER_ESRV_SVC) - Unknown owner - C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update\vuagent.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 14046 bytes

======Enumerating Processes======

C:\WINDOWS\system32\wininit.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\atieclxx.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\system32\dashost.exe
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\taskhostex.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
"C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
"C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
"C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe"
"C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE"
"C:\Program Files\Sony\Store App Support Utility\StoreAppSupportUtility.exe" /AutoStart
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\SysWOW64\DllHost.exe /Processid:{CB45D4CA-8A34-4EF1-9957-6134E5270E83}
C:\WINDOWS\SysWOW64\ssins.exe
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SONYAPO
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtTray.exe"
"C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe" /Stationary
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe" "--AUTO_START" "--start" "--address" "127.0.0.1" "--port" "49265" "--depend_on_key" "SYSTEM\CurrentControlSet\Services\ESRV_SVC" "--depend_on_value" "run" "--time_in_ms" "--pause" "5000" "--library" "C:\Program Files\Sony\VAIO Care\ESRV\intel_modeler.dll" "--no_pl" "--watchdog" "10" "--watchdog_cpu_usage_limit" "50" "--end_on_error" "--kernel_priority_boost" "--shutdown_priority_boost" "--device_options" " time=no output=w output_folder='C:\ProgramData\Sony Corporation\VAIO Care\inteldata' limit_output_by=time output_limit=3600000 output_buffer=1024 il='C:\Program Files\Sony\VAIO Care\ESRV\intel_process_input.dll','process_input_options.txt' il='C:\Program Files\Sony\VAIO Care\ESRV\intel_system_power_state_input.dll' il='C:\Program Files\Sony\VAIO Care\ESRV\intel_quality_and_reliability_input.dll' il='C:\Program Files\Sony\VAIO Care\ESRV\acpi_battery_input.dll' il='C:\Program Files\Sony\VAIO Care\ESRV\sema_thermal_input.dll' il='C:\Program Files\Sony\VAIO Care\ESRV\wifi_input.dll' il='C:\Program Files\Sony\VAIO Care\ESRV\devices_use_input.dll','service=yes' il='C:\Program Files\Sony\VAIO Care\ESRV\intel_disktrace_input.dll','pause=60000 working_dir=C:\ProgramData\Sony Corporation\VAIO Care\inteldata override_existing_tracing=no limit_output_by_filesize_mb=100' os='C:\Program Files\Sony\VAIO Care\ESRV\os_counters.txt' "
"C:\Program Files\Sony\VAIO Update\vuagent.exe"
C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Sony\VAIO Improvement\vim.exe" -System
C:\WINDOWS\system32\DllHost.exe /Processid:{B32DAC50-97B2-4BF7-A8DB-418294621529}
"C:\Program Files\Sony\VAIO Improvement\vim.exe" -User
"C:\Program Files\Sony\VAIO Care\VCSystemTray.exe" -versionsave -reminder -autoupdate
"C:\Program Files\Sony\VAIO Care\VCService.exe"
"C:\Program Files\Sony\VAIO Care\VCAgent.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Sony\VAIO Care\Solution.Updater.exe"
C:\WINDOWS\system32\taskhost.exe
C:\WINDOWS\system32\WSqmCons.exe -u
"C:\WINDOWS\syswow64\backgroundTaskHost.exe" -ServerName:App.AppX2e6h94h6qek410y3rzfv2a72rfdgkyx6.mca
"C:\WINDOWS\syswow64\backgroundTaskHost.exe" -ServerName:App.AppXkrktarsky4b3chn7fvc7fne5zr9p5eky.mca
C:\WINDOWS\system32\taskhost.exe
C:\WINDOWS\system32\rundll32.exe
"C:\Program Files\Sony\VAIO Care\VCSystemTray.exe" CheckIoloLicense
C:\WINDOWS\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\msfeedssync.exe sync
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=54.0.2840.99 --handshake-handle=0x128
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe9_ Global\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 576 580 588 65536 584
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Lucinka\Downloads\RSITx64 (2).exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\AutoKMS.job - C:\Windows\AutoKMS.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\system32\tasks\AutoKMS - C:\Windows\AutoKMS.exe
C:\WINDOWS\system32\tasks\avast! Emergency Update - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\SafeZone scheduled Autoupdate 1467030093 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\WINDOWS\system32\tasks\Synaptics TouchPad Enhancements - \Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\tasks\Trojan Killer - "C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe" -startupscan
C:\WINDOWS\system32\tasks\USER_ESRV_SVC - "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{9C10C502-93E6-4E5A-B643-3ED73931FDA2} - C:\WINDOWS\system32\msfeedssync.exe sync
C:\WINDOWS\system32\tasks\{3763F760-F82F-45E3-ADD9-650744F16D23} - C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\WINDOWS\system32\tasks\WPD\SqmUpload_S-1-5-21-276115832-903891615-3267707726-1001 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\WINDOWS\system32\tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start - C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe /AutoStart
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Update\VAIO Update - "C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe" /Stationary
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair - C:\Program Files\Sony\VAIO Update\VUSR.exe
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorSystem - C:\Program Files\Sony\VAIO Improvement\vim.exe -System
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorUser - C:\Program Files\Sony\VAIO Improvement\vim.exe -User
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask - C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe -Logon
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Control Center\Level4Daily - C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe /Level4Daily
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Control Center\Level4Month - C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe /Level4Month
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start - C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Care\ActiveStatusCollect - "%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe" -collectactivestatus
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Care\CheckSystemInfo - "%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe" -checksysteminfo
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Care\DeployCRMflag - "%ProgramFiles%\Sony\VAIO Care\DeployCRMflag.exe"
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Care\GetPOTInfo - "%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe" -getcollectdata
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Care\UpdateContacts - "%ProgramData%\Sony Corporation\VAIO Care\UpdateContacts.exe" taskschedule
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Care\UpdateSolution - "%ProgramFiles%\Sony\VAIO Care\Solution.Updater.exe"
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Care\UploadPOT - "%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe" -uploaddata
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Care\VAIO Care - "%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe" -versionsave -reminder -autoupdate
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Care\VCCheckIolo - "%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe" CheckIoloLicense
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Care\VCMetrics - "%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe" -metrics
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Care\VCOneClick - "%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe" -autocheck
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Care\VCRLog - "%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe" -vcrautolog
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Care\VCSelfHeal - "%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe" -selfheal
C:\WINDOWS\system32\tasks\Sony Corporation\Store App Support Utility\Store App Support Utility Logon Start - C:\Program Files\Sony\Store App Support Utility\StoreAppSupportUtility.exe /AutoStart
C:\WINDOWS\system32\tasks\Remediation\AntimalwareMigrationTask - "C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe" /upgrade /user_logon
C:\WINDOWS\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\WINDOWS\system32\tasks\Microsoft\Windows\WS\License Validation - rundll32.exe WSClient.dll,WSpTLR licensing
C:\WINDOWS\system32\tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask - rundll32.exe WSClient.dll,RefreshBannedAppsList
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemovalTools\MRT_HB - C:\WINDOWS\system32\MRT.exe /EHB /Q
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Lpksetup - C:\Windows\System32\lpksetup.exe -v
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\Windows\System32\mcbuilder.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Uploader - %windir%\system32\WSqmCons.exe -u
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent /increment
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe %windir%\system32\invagent.dll,RunUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs

=========Google Chrome=========

C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 0 Prezentace Google 0.9
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod 0.2
Extension aiockdklnaeikkippjiofcioidjdfjda 1
Extension aohghmighlieiainnegkcijnfilokake 0 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bcmfcmnnfajkaodbiimljgjngkdcomkd 1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension bfchgcbmheebfgccmphpabmjmiphgafa 1
Extension bfejeeliicfnpjmmehfkbclbjpnmhjad 1
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 0 YouTube 4.2.7
Extension bpimjanmknifnoiajikmhmhmlihdccbd 1
Extension cakcbjmcfenngdlkebbfcapkhekmlnnf 0
Extension cieamfbopgjdndnglgaoipojodpaebla 0
Extension coobgpohoikkiipiblmjeljniedjpjpf 0 Vyhledávání Google 0.0.0.30
Extension ddiblodcpaaieoopolanaoecbhicgjfo 1
Extension dfpiojgfcpgmmngegabpkhdehkdoafgf 1
Extension dhkmlfffjbdkhmmillloecfjcjcldonm 0
Extension dieiajjabphdediajngidjdbidhlcmeg 1
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension egooajehhojinnbgjlnenbflekkmbbdk 1
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension eofcbnmajmjmplflapaojjnihcjkigck 0 Avast SafePrice 12.0.155
Extension felcaaldnbdncclmgdcncolpebgiejap 0 Tabulky Google 1.1
Extension fmgncofpadimjlpmndcpcfiilplihmop 0
Extension geklbcigmpeljogplgbgnakkbajkkmbb 1
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 0 Dokumenty Google offline 1.4
Extension ginepjojjbmfbfiibfdebddmbkjmgfle 1
Extension gldjckfcakggohoblbfgmnjihakcijia 0
Extension hcngmcbfhnbadikopieafpodfcfigech 0
Extension hgnpdbanhfmmdgeogllhocdajiphlkgi 1
Extension hinoaghjhbakmocjckejlfflbifkdmbn 1
Extension hpibhjpemeolbogonokcekdfmimpnkdi 1
Extension iikflkcanblccfahdhdonehdalibjnif 2 Norton Identity Safe 1.0.5
Extension jegpifpkpcoefipmfndefpligliefnjg 1
Extension kkagohhgodpbgcddadcmnidnphajkmhm 0
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension kmojdioehehfhdcdheaigaalidcklhjh 1
Extension ldgenniooofcjhgghggbnjojebadfhll 1
Extension lifbcibllhkdhoafpjfnlhfpfgnpldfl 2 Skype Click to Call 7.4.0.9058
Extension lkmaimcdgeidlpffbmgnpnfcjjjppmab 0
Extension lojpenhmoajbiciapkjkiekmobleogjc Default Placeholder Extensions 35.2.1
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mffkmlfpmnnbnpnelpbjmjopphljanoc 0
Extension mgndgikekgjfcpckkfioiadnlibdjbkf Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension mimbnekakoafehdbmehcliolpblpchki 1
Extension mimficccjmogheahaobepphobhpikpie 0
Extension mkfokfffehpeedafpekjeddnmnjhmcmk 2 Norton Identity Protection 2014.6.0.27
Extension mmebmmnpohfhoknnlpohjaembcipocaa 0
Extension mnamepgegfajelhmikmlfepimmkoaeel 1
Extension mnpbfmbldigngiccdgkbikaeifoljngg 0
Extension naaigfdnmbjjkdbpdbelpaaopjblfkbl 0
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.0
Extension nmbfljkmcghmakofbhhgemjhboabdkcn 1
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Peněženka Google 0.1.1.0
Extension npmhlidlacoobmdcgkfcdpjkdinjadpp 0
Extension oienjamfkkgodanlopcoccgeciiabpbf 0
Extension ojhhhckoohekoflgcgefnambkbbhigoh 1
Extension okoimcnealmbfnikpfoiddcofdpoamch 0
Extension pafkbggdmjlpgkdkcbjmhmfcdpncadgh 1 Google Now 1.2.0.1
Extension pdfgngceadnblodkipmecieecjkingjd 1
Extension phfdejpcbhjlhdpjagpeolimmpkellcf 0 Puzzle 2016.6.18.52449
Extension pidlfoaphhfaffigckejdcdeacfhofeo 1
Extension pjkljhegncpnkpknbcohdijeoejaedia 0 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5416.905.0.6
Extension pmblmlebfhgmggndnfipebabpklgnnae 1
Extension pnnjhcapkfbnhlnapejhapnciojnmlmn 1
Homepage: https://www.seznam.cz/
default_search_provider.search_url:
C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Preferences
Plugin 1.4.8.903 Widevine Content Decryption Module C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\WidevineCdm\1.4.8.903\_platform_specific\win_x86\widevinecdmadapter.dll
Plugin 23.0.0.166 Shockwave Flash C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\PepperFlash\23.0.0.166\pepflashplayer.dll
Plugin Chrome PDF Viewer chrome-extension://mhjfbmdgcfjbbpaeojofohoefgiehjai/
Plugin Native Client C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\internal-nacl-plugin
Plugin Chrome PDF Viewer internal-pdf-viewer
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl]
"Path"=


======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={E9410C70-B6AE-41FF-AB71-32F4B279EA5F}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}]
"URL"=http://search.seznam.cz/?sourceid=quick ... earchTerms}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}]
"URL"=https://www.google.com/search?bcutc=sp- ... earchTerms}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{43C449E9-7544-48DA-A6A2-B15335634362}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-24 790552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\Sony\MSS\3.8.141\McAfeeMSS_IE.dll [2014-01-16 96128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{43C449E9-7544-48DA-A6A2-B15335634362}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-24 664848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2012-08-20 1214608]
"BtPreLoad"=C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [2012-12-28 64640]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-09-27 2930488]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-12-28 129664]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=C:\Users\Lucinka\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Lucinka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"DAEMON Tools Lite Automount"=C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [2016-04-12 4289728]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [2015-07-12 563416]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Intel AppUp(SM) center"=C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [2012-06-25 152896]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"NokiaMusic FastStart"=C:\Program Files (x86)\Nokia\Ovi Player\NokiaOviPlayer.exe [2009-11-06 2090272]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-11-15 9080768]
"NPSStartup"= []
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2016-06-02 318128]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-06-16 596504]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-12-28 129664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
"DisableCAD"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-11-15 19:53:56 ----D---- C:\AdwCleaner
2016-11-15 17:54:33 ----A---- C:\WINDOWS\system32\drivers\4BA22D69.sys
2016-11-15 17:27:23 ----D---- C:\Program Files\trend micro
2016-11-15 17:27:20 ----D---- C:\rsit
2016-11-14 18:39:26 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2016-11-14 18:33:51 ----D---- C:\ProgramData\Malwarebytes
2016-11-14 18:33:51 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-11-14 18:33:51 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2016-11-14 18:33:51 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2016-11-14 18:33:51 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2016-11-14 18:00:00 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-11-10 17:36:21 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-11-10 17:36:20 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-11-10 17:36:17 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-11-10 17:36:17 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-11-10 17:36:16 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-11-10 17:36:15 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-11-10 17:36:15 ----A---- C:\WINDOWS\system32\win32k.sys
2016-11-10 17:36:14 ----A---- C:\WINDOWS\system32\diagtrack.dll
2016-11-10 17:36:12 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-11-10 17:36:12 ----A---- C:\WINDOWS\system32\wininet.dll
2016-11-10 17:36:12 ----A---- C:\WINDOWS\system32\MSVidCtl.dll
2016-11-10 17:36:11 ----A---- C:\WINDOWS\SYSWOW64\MSVidCtl.dll
2016-11-10 17:36:11 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-11-10 17:36:11 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-11-10 17:36:10 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-11-10 17:36:10 ----A---- C:\WINDOWS\system32\ole32.dll
2016-11-10 17:36:10 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-11-10 17:36:09 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-11-10 17:36:09 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2016-11-10 17:36:08 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2016-11-10 17:36:07 ----A---- C:\WINDOWS\SYSWOW64\msdtcprx.dll
2016-11-10 17:36:07 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2016-11-10 17:36:06 ----A---- C:\WINDOWS\SYSWOW64\SessEnv.dll
2016-11-10 17:36:06 ----A---- C:\WINDOWS\system32\SessEnv.dll
2016-11-10 17:36:05 ----A---- C:\WINDOWS\system32\win32spl.dll
2016-11-10 17:36:05 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2016-11-10 17:36:05 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2016-11-10 17:36:04 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2016-11-10 17:36:04 ----A---- C:\WINDOWS\system32\vmrdvcore.dll
2016-11-10 17:36:04 ----A---- C:\WINDOWS\system32\msctf.dll
2016-11-10 17:36:03 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-11-10 17:36:02 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-11-10 17:36:02 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2016-11-10 17:36:01 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2016-11-10 17:36:01 ----A---- C:\WINDOWS\system32\pdh.dll
2016-11-10 17:36:01 ----A---- C:\WINDOWS\system32\atmfd.dll
2016-11-10 17:36:00 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2016-11-10 17:35:59 ----A---- C:\WINDOWS\SYSWOW64\pdh.dll
2016-11-10 17:35:59 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2016-11-10 17:35:59 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2016-11-10 17:35:59 ----A---- C:\WINDOWS\system32\drivers\bowser.sys
2016-11-10 17:35:59 ----A---- C:\WINDOWS\system32\DafPrintProvider.dll
2016-11-10 17:35:58 ----A---- C:\WINDOWS\SYSWOW64\UIAnimation.dll
2016-11-10 17:35:58 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-11-10 17:35:57 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-11-10 17:35:57 ----A---- C:\WINDOWS\SYSWOW64\DafPrintProvider.dll
2016-11-10 17:35:56 ----A---- C:\WINDOWS\system32\iscsiexe.dll
2016-11-10 17:35:55 ----A---- C:\WINDOWS\system32\UIAnimation.dll
2016-11-10 17:35:55 ----A---- C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-10 17:35:55 ----A---- C:\WINDOWS\system32\localspl.dll
2016-11-10 17:35:54 ----A---- C:\WINDOWS\SYSWOW64\iscsiwmi.dll
2016-11-10 17:35:54 ----A---- C:\WINDOWS\system32\iscsiwmi.dll
2016-11-10 17:35:54 ----A---- C:\WINDOWS\system32\inetcomm.dll
2016-11-10 17:35:54 ----A---- C:\WINDOWS\system32\asycfilt.dll
2016-11-10 17:35:53 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2016-11-10 17:35:53 ----A---- C:\WINDOWS\SYSWOW64\asycfilt.dll
2016-11-10 17:35:51 ----A---- C:\WINDOWS\SYSWOW64\iscsidsc.dll
2016-11-10 17:35:51 ----A---- C:\WINDOWS\system32\xolehlp.dll
2016-11-10 17:35:51 ----A---- C:\WINDOWS\system32\iscsidsc.dll
2016-11-10 17:35:50 ----A---- C:\WINDOWS\system32\dab.dll
2016-11-10 17:35:48 ----A---- C:\WINDOWS\SYSWOW64\input.dll
2016-11-10 17:35:48 ----A---- C:\WINDOWS\system32\input.dll
2016-11-10 17:35:44 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2016-11-10 17:35:44 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2016-11-10 17:35:43 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2016-11-10 17:35:43 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2016-11-10 17:35:41 ----A---- C:\WINDOWS\SYSWOW64\xolehlp.dll
2016-11-10 17:35:41 ----A---- C:\WINDOWS\system32\webcheck.dll
2016-11-10 17:35:41 ----A---- C:\WINDOWS\system32\dxtrans.dll
2016-11-10 17:35:40 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2016-11-10 17:35:40 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2016-11-10 17:35:40 ----A---- C:\WINDOWS\system32\netlogon.dll
2016-11-10 17:35:40 ----A---- C:\WINDOWS\system32\certcli.dll
2016-11-10 17:35:38 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2016-11-10 17:35:38 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2016-11-10 17:35:38 ----A---- C:\WINDOWS\system32\mshtmled.dll
2016-11-10 17:35:37 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2016-11-10 17:35:37 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-11-10 17:35:37 ----A---- C:\WINDOWS\system32\jscript.dll
2016-11-10 17:35:37 ----A---- C:\WINDOWS\system32\iepeers.dll
2016-11-10 17:35:36 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2016-11-10 17:35:36 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2016-11-10 17:35:36 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2016-11-10 17:35:36 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2016-11-10 17:35:36 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-11-10 17:35:36 ----A---- C:\WINDOWS\system32\atmlib.dll
2016-11-10 16:46:21 ----SHD---- C:\found.005
2016-11-07 18:43:38 ----SHD---- C:\found.004
2016-11-07 18:43:38 ----SHD---- C:\found.003
2016-11-07 18:43:38 ----SHD---- C:\found.002
2016-11-07 18:43:37 ----SHD---- C:\found.001

======List of files/folders modified in the last 1 month======

2016-11-17 12:00:30 ----D---- C:\WINDOWS\Prefetch
2016-11-17 12:00:00 ----D---- C:\WINDOWS\system32\sru
2016-11-17 11:52:30 ----D---- C:\WINDOWS\Temp
2016-11-16 20:41:54 ----D---- C:\WINDOWS\system32\config
2016-11-16 20:18:40 ----D---- C:\WINDOWS\AppReadiness
2016-11-16 19:44:40 ----D---- C:\WINDOWS\system32\drivers
2016-11-15 20:04:35 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2016-11-15 20:04:17 ----D---- C:\WINDOWS\system32\wdi
2016-11-15 20:00:28 ----D---- C:\WINDOWS\SysWOW64
2016-11-15 20:00:08 ----A---- C:\WINDOWS\SYSWOW64\ssins.exe
2016-11-15 19:57:36 ----D---- C:\WINDOWS\system32\log
2016-11-15 19:57:31 ----HD---- C:\ProgramData
2016-11-15 19:37:48 ----D---- C:\WINDOWS\Microsoft.NET
2016-11-15 19:34:45 ----D---- C:\WINDOWS\rescache
2016-11-15 17:27:23 ----RD---- C:\Program Files
2016-11-14 19:15:07 ----SD---- C:\Users\Lucinka\AppData\Roaming\Microsoft
2016-11-14 19:15:05 ----D---- C:\Windows
2016-11-14 19:12:13 ----RD---- C:\Program Files (x86)
2016-11-14 19:12:13 ----D---- C:\Program Files (x86)\VideoPlayerV3
2016-11-14 19:12:12 ----D---- C:\Program Files (x86)\Common Files
2016-11-14 19:12:06 ----D---- C:\WINDOWS\system32\Tasks
2016-11-14 19:12:06 ----D---- C:\WINDOWS\Inf
2016-11-14 19:12:05 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2016-11-14 18:00:03 ----D---- C:\WINDOWS\WinSxS
2016-11-14 17:52:45 ----RD---- C:\WINDOWS\ToastData
2016-11-14 17:52:36 ----D---- C:\Program Files\Internet Explorer
2016-11-14 17:52:35 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-11-14 17:52:35 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-11-14 17:52:35 ----D---- C:\Program Files (x86)\Internet Explorer
2016-11-14 17:52:33 ----D---- C:\WINDOWS\SYSWOW64\en-US
2016-11-14 17:52:31 ----D---- C:\WINDOWS\system32\migration
2016-11-14 17:52:31 ----D---- C:\WINDOWS\system32\cs-CZ
2016-11-14 17:52:30 ----D---- C:\WINDOWS\system32\en-US
2016-11-14 17:52:29 ----D---- C:\WINDOWS\System32
2016-11-14 17:52:23 ----D---- C:\WINDOWS\system32\DriverStore
2016-11-14 17:49:49 ----SHD---- C:\WINDOWS\Installer
2016-11-14 17:47:41 ----SHD---- C:\Config.Msi
2016-11-14 17:32:11 ----HD---- C:\Program Files\WindowsApps
2016-11-14 17:24:49 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-13 12:30:16 ----D---- C:\ProgramData\Microsoft Help
2016-11-13 12:29:23 ----D---- C:\WINDOWS\CbsTemp
2016-11-13 12:27:03 ----D---- C:\WINDOWS\system32\MRT
2016-11-13 11:50:29 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-11-13 11:38:25 ----SHD---- C:\System Volume Information
2016-11-10 17:43:16 ----D---- C:\WINDOWS\system32\Macromed
2016-11-10 17:43:14 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2016-11-10 17:02:34 ----D---- C:\WINDOWS\system32\catroot2
2016-11-04 18:58:49 ----D---- C:\WINDOWS\Minidump
2016-11-04 18:58:49 ----D---- C:\WINDOWS\Logs
2016-11-04 18:58:49 ----D---- C:\WINDOWS\debug
2016-11-03 20:03:56 ----RD---- C:\Program Files (x86)\Skype
2016-11-02 19:38:11 ----RSD---- C:\WINDOWS\assembly
2016-10-30 16:44:02 ----D---- C:\WINDOWS\system32\Boot
2016-10-30 16:44:00 ----D---- C:\WINDOWS\apppatch
2016-10-30 16:43:49 ----SD---- C:\WINDOWS\system32\CompatTel
2016-10-30 16:43:49 ----D---- C:\WINDOWS\system32\appraiser
2016-10-30 16:43:08 ----D---- C:\Program Files\Microsoft Silverlight
2016-10-28 18:56:31 ----D---- C:\Users\Lucinka\AppData\Roaming\Skype
2016-10-21 17:13:46 ----D---- C:\ProgramData\Skype

File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-09-13 74544]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-10-13 293352]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-09-01 647736]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2016-09-13 37144]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2016-09-13 103064]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-09-13 969184]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-09-24 513632]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-09-13 108816]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2016-09-13 163416]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2013-09-26 12521472]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2013-09-26 617472]
R3 AthBTPort;@oem4.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2012-12-28 89320]
R3 athr;@oem65.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athwbx.sys [2013-12-02 3837440]
R3 AtiHDAudioService;@oem67.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWB6.sys [2013-09-26 138240]
R3 BTATH_A2DP;@oem3.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2012-12-28 345832]
R3 btath_avdt;@oem3.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2012-12-28 115432]
R3 BTATH_BUS;@oem47.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2012-12-28 33944]
R3 BTATH_HCRP;@oem7.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2012-12-28 179432]
R3 BTATH_LWFLT;@oem17.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2012-12-28 77464]
R3 BTATH_RCP;@oem25.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2012-12-28 136424]
R3 BTATH_VDP;@oem26.inf,%BTATH_VDP.SvcDesc%;Bluetooth VDP Driver; C:\WINDOWS\system32\drivers\btath_vdp.sys [2012-12-28 428008]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2015-04-29 600088]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2015-06-09 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-11-21 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2015-06-09 81920]
R3 dtlitescsibus;@oem2.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2016-05-21 30264]
R3 dtliteusbbus;@oem5.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2016-05-21 47672]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-08-20 4102928]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2016-03-10 27008]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2016-11-17 192216]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2016-03-10 65408]
R3 MEIx64;@oem12.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-08-06 62784]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-06-14 167424]
R3 RSPCIESTOR;@oem14.inf,%Rts5208%;Realtek PCIE CardReader Driver; C:\WINDOWS\system32\DRIVERS\RtsPStor.sys [2014-03-20 359128]
R3 RTL8168;@oem64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2014-06-17 873688]
R3 semav6msr64;semav6msr64; \??\C:\WINDOWS\system32\drivers\semav6msr64.sys [2015-10-16 29352]
R3 SFEP;@oem34.inf,%SvcDesc%;Sony Firmware Extension Parser; C:\WINDOWS\System32\drivers\SFEP.sys [2012-07-11 14336]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2012-09-27 44344]
R3 SOWS;@oem42.inf,%SOWS%;Sony Wireless State Device; C:\WINDOWS\System32\drivers\sows.sys [2012-06-11 24280]
R3 SynTP;@oem9.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2012-09-27 457528]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-11-21 212736]
S1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys []
S2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys []
S3 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-09-13 37656]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-06-09 1201664]
S3 dg_ssudbus;@oem11.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-07-22 130688]
S3 dot4;@oem18.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2013-06-04 146856]
S3 Dot4Print;@oem28.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\WINDOWS\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 Dot4Scan;@oem30.inf,%Dot4Scan_Name%;Scan Class Driver for IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Scan.sys [2013-06-04 14760]
S3 dot4usb;@oem18.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2013-06-04 43944]
S3 semav6thermal64ro;semav6thermal64ro; \??\C:\Windows\system32\drivers\semav6thermal64ro.sys [2015-08-24 13792]
S3 ssudmdm;@oem53.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2016-07-22 164992]
S3 taphss6;Anchorfree HSS VPN Adapter; C:\WINDOWS\system32\DRIVERS\taphss6.sys [2012-11-01 40712]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-10-21 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2013-09-26 239616]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-12-28 226944]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-09-13 197128]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 ESRV_SVC;Energy Server Service; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [2015-08-26 413336]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-08-06 128896]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-08-06 165760]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-08-06 276864]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2016-03-10 1136608]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2016-03-10 1514464]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-07-27 474208]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2016-07-22 754784]
R2 ssinstall;SInstalátor; C:\WINDOWS\SysWOW64\ssins.exe [2016-11-15 4521856]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-08-06 364416]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe [2012-08-18 68776]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe [2016-04-12 1443520]
R3 VCService;VCService; C:\Program Files\Sony\VAIO Care\VCService.exe [2015-07-23 59928]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-25 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-10 270016]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; %SystemRoot%\System32\svchost.exe -k LocalServiceAndNoImpersonation;"ServiceDll"=%SystemRoot%\System32\BthHFSrv.dll
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-25 144200]
S3 McComponentHostServiceSony;McAfee Security Scan Component Host Service for Sony; C:\Program Files\Sony\MSS\3.8.141\McCHSvc.exe [2014-01-16 289256]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 NetworkSupport;NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [2013-09-28 625240]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 SOHCImp;VAIO Content Importer; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2012-08-08 123616]
S3 SOHDms;VAIO Digital Media Server; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2012-08-08 460512]
S3 SOHDs;VAIO Device Searcher; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2012-08-08 78048]
S3 SpfService;VAIO Entertainment Common Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-12-01 289952]
S3 USER_ESRV_SVC;User Energy Server Service; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [2015-08-26 413336]
S3 VAIO Power Management;VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2012-07-19 476328]
S3 VCFw;VAIO Content Folder Watcher; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2012-08-08 972000]

-----------------EOF-----------------

Re: Shortcuts on the flash drive

Posted: 17 Nov 2016 12:42
by Rudy
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\WINDOWS\tasks\AutoKMS.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\AutoKMS.exe
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA
C:\Program Files\Sony\MSS\3.8.141
C:\WINDOWS\system32\drivers\4BA22D69.sys

:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{43C449E9-7544-48DA-A6A2-B15335634362}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{43C449E9-7544-48DA-A6A2-B15335634362}]/64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

:services
McComponentHostServiceSony

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Turn off your antivirus before the scan and restart the PC after it. Post a new RSIT log.

Re: Shortcuts on the flash drive

Posted: 17 Nov 2016 14:00
by Lucie1818
Logfile of random's system information tool 1.14 (written by random/random)
Run by Lucinka at 2016-11-17 13:59:30
Microsoft Windows 8.1
System drive C: has 83 GB (19%) free of 445 GB
Total RAM: 4043 MB (50% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:59:35, on 17. 11. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Lucinka_RSITx64 (2).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?bcutc=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?bcutc=sp- ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?bcutc=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?bcutc=sp- ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?bcutc=sp-006
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll (file missing)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll (file missing)
O4 - HKLM\..\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Program Files (x86)\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Lucinka\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Lucinka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE"
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{694A2238-8337-4D38-8739-DC4EAB54088F}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{7D23AB28-25EC-4A0B-B1DF-C631F8BA922F}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.8.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.8.4
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Energy Server Service (ESRV_SVC) - Unknown owner - C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NetworkSupport - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
O23 - Service: VAIO Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\WINDOWS\SysWOW64\ssins.exe
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: User Energy Server Service (USER_ESRV_SVC) - Unknown owner - C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update\vuagent.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 12524 bytes

======Enumerating Processes======

C:\WINDOWS\system32\wininit.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\atieclxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\taskeng.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\system32\dashost.exe
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
C:\WINDOWS\system32\taskhostex.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE"
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
"C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
C:\WINDOWS\SysWOW64\ssins.exe
"C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
"C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe"
"C:\Program Files\Sony\Store App Support Utility\StoreAppSupportUtility.exe" /AutoStart
C:\WINDOWS\SysWOW64\DllHost.exe /Processid:{CB45D4CA-8A34-4EF1-9957-6134E5270E83}
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
C:\Windows\System32\skydrive.exe -Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 576 580 588 65536 584
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=54.0.2840.99 --handshake-handle=0x12c
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SONYAPO
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtTray.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe" /Stationary
"C:\Program Files\Sony\VAIO Update\vuagent.exe"
"C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe" "--AUTO_START" "--start" "--address" "127.0.0.1" "--port" "49265" "--depend_on_key" "SYSTEM\CurrentControlSet\Services\ESRV_SVC" "--depend_on_value" "run" "--time_in_ms" "--pause" "5000" "--library" "C:\Program Files\Sony\VAIO Care\ESRV\intel_modeler.dll" "--no_pl" "--watchdog" "10" "--watchdog_cpu_usage_limit" "50" "--end_on_error" "--kernel_priority_boost" "--shutdown_priority_boost" "--device_options" " time=no output=w output_folder='C:\ProgramData\Sony Corporation\VAIO Care\inteldata' limit_output_by=time output_limit=3600000 output_buffer=1024 il='C:\Program Files\Sony\VAIO Care\ESRV\intel_process_input.dll','process_input_options.txt' il='C:\Program Files\Sony\VAIO Care\ESRV\intel_system_power_state_input.dll' il='C:\Program Files\Sony\VAIO Care\ESRV\intel_quality_and_reliability_input.dll' il='C:\Program Files\Sony\VAIO Care\ESRV\acpi_battery_input.dll' il='C:\Program Files\Sony\VAIO Care\ESRV\sema_thermal_input.dll' il='C:\Program Files\Sony\VAIO Care\ESRV\wifi_input.dll' il='C:\Program Files\Sony\VAIO Care\ESRV\devices_use_input.dll','service=yes' il='C:\Program Files\Sony\VAIO Care\ESRV\intel_disktrace_input.dll','pause=60000 working_dir=C:\ProgramData\Sony Corporation\VAIO Care\inteldata override_existing_tracing=no limit_output_by_filesize_mb=100' os='C:\Program Files\Sony\VAIO Care\ESRV\os_counters.txt' "
"C:\Users\Lucinka\Downloads\RSITx64 (2).exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\system32\tasks\AutoKMS - C:\Windows\AutoKMS.exe
C:\WINDOWS\system32\tasks\avast! Emergency Update - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\SafeZone scheduled Autoupdate 1467030093 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\WINDOWS\system32\tasks\Synaptics TouchPad Enhancements - \Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\tasks\Trojan Killer - "C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe" -startupscan
C:\WINDOWS\system32\tasks\USER_ESRV_SVC - "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{9C10C502-93E6-4E5A-B643-3ED73931FDA2} - C:\WINDOWS\system32\msfeedssync.exe sync
C:\WINDOWS\system32\tasks\{3763F760-F82F-45E3-ADD9-650744F16D23} - C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\WINDOWS\system32\tasks\WPD\SqmUpload_S-1-5-21-276115832-903891615-3267707726-1001 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\WINDOWS\system32\tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start - C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe /AutoStart
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Update\VAIO Update - "C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe" /Stationary
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair - C:\Program Files\Sony\VAIO Update\VUSR.exe
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorSystem - C:\Program Files\Sony\VAIO Improvement\vim.exe -System
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorUser - C:\Program Files\Sony\VAIO Improvement\vim.exe -User
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask - C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe -Logon
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Control Center\Level4Daily - C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe /Level4Daily
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Control Center\Level4Month - C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe /Level4Month
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start - C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Care\ActiveStatusCollect - "%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe" -collectactivestatus
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Care\CheckSystemInfo - "%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe" -checksysteminfo
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Care\DeployCRMflag - "%ProgramFiles%\Sony\VAIO Care\DeployCRMflag.exe"
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Care\GetPOTInfo - "%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe" -getcollectdata
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Care\UpdateContacts - "%ProgramData%\Sony Corporation\VAIO Care\UpdateContacts.exe" taskschedule
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Care\UpdateSolution - "%ProgramFiles%\Sony\VAIO Care\Solution.Updater.exe"
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Care\UploadPOT - "%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe" -uploaddata
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Care\VAIO Care - "%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe" -versionsave -reminder -autoupdate
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Care\VCCheckIolo - "%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe" CheckIoloLicense
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Care\VCMetrics - "%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe" -metrics
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Care\VCOneClick - "%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe" -autocheck
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Care\VCRLog - "%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe" -vcrautolog
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Care\VCSelfHeal - "%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe" -selfheal
C:\WINDOWS\system32\tasks\Sony Corporation\Store App Support Utility\Store App Support Utility Logon Start - C:\Program Files\Sony\Store App Support Utility\StoreAppSupportUtility.exe /AutoStart
C:\WINDOWS\system32\tasks\Remediation\AntimalwareMigrationTask - "C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe" /upgrade /user_logon
C:\WINDOWS\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\WINDOWS\system32\tasks\Microsoft\Windows\WS\License Validation - rundll32.exe WSClient.dll,WSpTLR licensing
C:\WINDOWS\system32\tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask - rundll32.exe WSClient.dll,RefreshBannedAppsList
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemovalTools\MRT_HB - C:\WINDOWS\system32\MRT.exe /EHB /Q
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Lpksetup - C:\Windows\System32\lpksetup.exe -v
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\Windows\System32\mcbuilder.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Uploader - %windir%\system32\WSqmCons.exe -u
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent /increment
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe %windir%\system32\invagent.dll,RunUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs

=========Google Chrome=========

C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 0 Prezentace Google 0.9
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod 0.2
Extension aiockdklnaeikkippjiofcioidjdfjda 1
Extension aohghmighlieiainnegkcijnfilokake 0 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bcmfcmnnfajkaodbiimljgjngkdcomkd 1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension bfchgcbmheebfgccmphpabmjmiphgafa 1
Extension bfejeeliicfnpjmmehfkbclbjpnmhjad 1
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 0 YouTube 4.2.7
Extension bpimjanmknifnoiajikmhmhmlihdccbd 1
Extension cakcbjmcfenngdlkebbfcapkhekmlnnf 0
Extension cieamfbopgjdndnglgaoipojodpaebla 0
Extension coobgpohoikkiipiblmjeljniedjpjpf 0 Vyhledávání Google 0.0.0.30
Extension ddiblodcpaaieoopolanaoecbhicgjfo 1
Extension dfpiojgfcpgmmngegabpkhdehkdoafgf 1
Extension dhkmlfffjbdkhmmillloecfjcjcldonm 0
Extension dieiajjabphdediajngidjdbidhlcmeg 1
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension egooajehhojinnbgjlnenbflekkmbbdk 1
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension eofcbnmajmjmplflapaojjnihcjkigck 0 Avast SafePrice 12.0.155
Extension felcaaldnbdncclmgdcncolpebgiejap 0 Tabulky Google 1.1
Extension fmgncofpadimjlpmndcpcfiilplihmop 0
Extension geklbcigmpeljogplgbgnakkbajkkmbb 1
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 0 Dokumenty Google offline 1.4
Extension ginepjojjbmfbfiibfdebddmbkjmgfle 1
Extension gldjckfcakggohoblbfgmnjihakcijia 0
Extension hcngmcbfhnbadikopieafpodfcfigech 0
Extension hgnpdbanhfmmdgeogllhocdajiphlkgi 1
Extension hinoaghjhbakmocjckejlfflbifkdmbn 1
Extension hpibhjpemeolbogonokcekdfmimpnkdi 1
Extension iikflkcanblccfahdhdonehdalibjnif 2 Norton Identity Safe 1.0.5
Extension jegpifpkpcoefipmfndefpligliefnjg 1
Extension kkagohhgodpbgcddadcmnidnphajkmhm 0
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension kmojdioehehfhdcdheaigaalidcklhjh 1
Extension ldgenniooofcjhgghggbnjojebadfhll 1
Extension lifbcibllhkdhoafpjfnlhfpfgnpldfl 2 Skype Click to Call 7.4.0.9058
Extension lkmaimcdgeidlpffbmgnpnfcjjjppmab 0
Extension lojpenhmoajbiciapkjkiekmobleogjc Default Placeholder Extensions 35.2.1
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mffkmlfpmnnbnpnelpbjmjopphljanoc 0
Extension mgndgikekgjfcpckkfioiadnlibdjbkf Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension mimbnekakoafehdbmehcliolpblpchki 1
Extension mimficccjmogheahaobepphobhpikpie 0
Extension mkfokfffehpeedafpekjeddnmnjhmcmk 2 Norton Identity Protection 2014.6.0.27
Extension mmebmmnpohfhoknnlpohjaembcipocaa 0
Extension mnamepgegfajelhmikmlfepimmkoaeel 1
Extension mnpbfmbldigngiccdgkbikaeifoljngg 0
Extension naaigfdnmbjjkdbpdbelpaaopjblfkbl 0
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.0
Extension nmbfljkmcghmakofbhhgemjhboabdkcn 1
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Peněženka Google 0.1.1.0
Extension npmhlidlacoobmdcgkfcdpjkdinjadpp 0
Extension oienjamfkkgodanlopcoccgeciiabpbf 0
Extension ojhhhckoohekoflgcgefnambkbbhigoh 1
Extension okoimcnealmbfnikpfoiddcofdpoamch 0
Extension pafkbggdmjlpgkdkcbjmhmfcdpncadgh 1 Google Now 1.2.0.1
Extension pdfgngceadnblodkipmecieecjkingjd 1
Extension phfdejpcbhjlhdpjagpeolimmpkellcf 0 Puzzle 2016.6.18.52449
Extension pidlfoaphhfaffigckejdcdeacfhofeo 1
Extension pjkljhegncpnkpknbcohdijeoejaedia 0 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5416.905.0.6
Extension pmblmlebfhgmggndnfipebabpklgnnae 1
Extension pnnjhcapkfbnhlnapejhapnciojnmlmn 1
Homepage: https://www.seznam.cz/
default_search_provider.search_url:
C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Preferences
Plugin 1.4.8.903 Widevine Content Decryption Module C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\WidevineCdm\1.4.8.903\_platform_specific\win_x86\widevinecdmadapter.dll
Plugin 23.0.0.166 Shockwave Flash C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\PepperFlash\23.0.0.166\pepflashplayer.dll
Plugin Chrome PDF Viewer chrome-extension://mhjfbmdgcfjbbpaeojofohoefgiehjai/
Plugin Native Client C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\internal-nacl-plugin
Plugin Chrome PDF Viewer internal-pdf-viewer
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl]
"Path"=


======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={E9410C70-B6AE-41FF-AB71-32F4B279EA5F}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}]
"URL"=http://search.seznam.cz/?sourceid=quick ... earchTerms}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}]
"URL"=https://www.google.com/search?bcutc=sp- ... earchTerms}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-24 790552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-24 664848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2012-08-20 1214608]
"BtPreLoad"=C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [2012-12-28 64640]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-09-27 2930488]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-12-28 129664]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=C:\Users\Lucinka\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Lucinka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"DAEMON Tools Lite Automount"=C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [2016-04-12 4289728]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [2015-07-12 563416]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Intel AppUp(SM) center"=C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [2012-06-25 152896]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"NokiaMusic FastStart"=C:\Program Files (x86)\Nokia\Ovi Player\NokiaOviPlayer.exe [2009-11-06 2090272]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-11-15 9080768]
"NPSStartup"= []
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2016-06-02 318128]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-12-28 129664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
"DisableCAD"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-11-17 13:53:47 ----D---- C:\_OTM
2016-11-15 19:53:56 ----D---- C:\AdwCleaner
2016-11-15 17:54:33 ----A---- C:\WINDOWS\system32\drivers\4BA22D69.sys
2016-11-15 17:27:23 ----D---- C:\Program Files\trend micro
2016-11-15 17:27:20 ----D---- C:\rsit
2016-11-14 18:39:26 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2016-11-14 18:33:51 ----D---- C:\ProgramData\Malwarebytes
2016-11-14 18:33:51 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-11-14 18:33:51 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2016-11-14 18:33:51 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2016-11-14 18:33:51 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2016-11-14 18:00:00 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-11-10 17:36:21 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-11-10 17:36:20 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-11-10 17:36:17 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-11-10 17:36:17 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-11-10 17:36:16 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-11-10 17:36:15 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-11-10 17:36:15 ----A---- C:\WINDOWS\system32\win32k.sys
2016-11-10 17:36:14 ----A---- C:\WINDOWS\system32\diagtrack.dll
2016-11-10 17:36:12 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-11-10 17:36:12 ----A---- C:\WINDOWS\system32\wininet.dll
2016-11-10 17:36:12 ----A---- C:\WINDOWS\system32\MSVidCtl.dll
2016-11-10 17:36:11 ----A---- C:\WINDOWS\SYSWOW64\MSVidCtl.dll
2016-11-10 17:36:11 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-11-10 17:36:11 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-11-10 17:36:10 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-11-10 17:36:10 ----A---- C:\WINDOWS\system32\ole32.dll
2016-11-10 17:36:10 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-11-10 17:36:09 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-11-10 17:36:09 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2016-11-10 17:36:08 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2016-11-10 17:36:07 ----A---- C:\WINDOWS\SYSWOW64\msdtcprx.dll
2016-11-10 17:36:07 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2016-11-10 17:36:06 ----A---- C:\WINDOWS\SYSWOW64\SessEnv.dll
2016-11-10 17:36:06 ----A---- C:\WINDOWS\system32\SessEnv.dll
2016-11-10 17:36:05 ----A---- C:\WINDOWS\system32\win32spl.dll
2016-11-10 17:36:05 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2016-11-10 17:36:05 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2016-11-10 17:36:04 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2016-11-10 17:36:04 ----A---- C:\WINDOWS\system32\vmrdvcore.dll
2016-11-10 17:36:04 ----A---- C:\WINDOWS\system32\msctf.dll
2016-11-10 17:36:03 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-11-10 17:36:02 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-11-10 17:36:02 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2016-11-10 17:36:01 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2016-11-10 17:36:01 ----A---- C:\WINDOWS\system32\pdh.dll
2016-11-10 17:36:01 ----A---- C:\WINDOWS\system32\atmfd.dll
2016-11-10 17:36:00 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2016-11-10 17:35:59 ----A---- C:\WINDOWS\SYSWOW64\pdh.dll
2016-11-10 17:35:59 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2016-11-10 17:35:59 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2016-11-10 17:35:59 ----A---- C:\WINDOWS\system32\drivers\bowser.sys
2016-11-10 17:35:59 ----A---- C:\WINDOWS\system32\DafPrintProvider.dll
2016-11-10 17:35:58 ----A---- C:\WINDOWS\SYSWOW64\UIAnimation.dll
2016-11-10 17:35:58 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-11-10 17:35:57 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-11-10 17:35:57 ----A---- C:\WINDOWS\SYSWOW64\DafPrintProvider.dll
2016-11-10 17:35:56 ----A---- C:\WINDOWS\system32\iscsiexe.dll
2016-11-10 17:35:55 ----A---- C:\WINDOWS\system32\UIAnimation.dll
2016-11-10 17:35:55 ----A---- C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-10 17:35:55 ----A---- C:\WINDOWS\system32\localspl.dll
2016-11-10 17:35:54 ----A---- C:\WINDOWS\SYSWOW64\iscsiwmi.dll
2016-11-10 17:35:54 ----A---- C:\WINDOWS\system32\iscsiwmi.dll
2016-11-10 17:35:54 ----A---- C:\WINDOWS\system32\inetcomm.dll
2016-11-10 17:35:54 ----A---- C:\WINDOWS\system32\asycfilt.dll
2016-11-10 17:35:53 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2016-11-10 17:35:53 ----A---- C:\WINDOWS\SYSWOW64\asycfilt.dll
2016-11-10 17:35:51 ----A---- C:\WINDOWS\SYSWOW64\iscsidsc.dll
2016-11-10 17:35:51 ----A---- C:\WINDOWS\system32\xolehlp.dll
2016-11-10 17:35:51 ----A---- C:\WINDOWS\system32\iscsidsc.dll
2016-11-10 17:35:50 ----A---- C:\WINDOWS\system32\dab.dll
2016-11-10 17:35:48 ----A---- C:\WINDOWS\SYSWOW64\input.dll
2016-11-10 17:35:48 ----A---- C:\WINDOWS\system32\input.dll
2016-11-10 17:35:44 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2016-11-10 17:35:44 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2016-11-10 17:35:43 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2016-11-10 17:35:43 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2016-11-10 17:35:41 ----A---- C:\WINDOWS\SYSWOW64\xolehlp.dll
2016-11-10 17:35:41 ----A---- C:\WINDOWS\system32\webcheck.dll
2016-11-10 17:35:41 ----A---- C:\WINDOWS\system32\dxtrans.dll
2016-11-10 17:35:40 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2016-11-10 17:35:40 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2016-11-10 17:35:40 ----A---- C:\WINDOWS\system32\netlogon.dll
2016-11-10 17:35:40 ----A---- C:\WINDOWS\system32\certcli.dll
2016-11-10 17:35:38 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2016-11-10 17:35:38 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2016-11-10 17:35:38 ----A---- C:\WINDOWS\system32\mshtmled.dll
2016-11-10 17:35:37 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2016-11-10 17:35:37 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-11-10 17:35:37 ----A---- C:\WINDOWS\system32\jscript.dll
2016-11-10 17:35:37 ----A---- C:\WINDOWS\system32\iepeers.dll
2016-11-10 17:35:36 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2016-11-10 17:35:36 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2016-11-10 17:35:36 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2016-11-10 17:35:36 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2016-11-10 17:35:36 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-11-10 17:35:36 ----A---- C:\WINDOWS\system32\atmlib.dll
2016-11-10 16:46:21 ----SHD---- C:\found.005
2016-11-07 18:43:38 ----SHD---- C:\found.004
2016-11-07 18:43:38 ----SHD---- C:\found.003
2016-11-07 18:43:38 ----SHD---- C:\found.002
2016-11-07 18:43:37 ----SHD---- C:\found.001

======List of files/folders modified in the last 1 month======

2016-11-17 13:59:04 ----D---- C:\WINDOWS\Temp
2016-11-17 13:58:28 ----D---- C:\WINDOWS\Prefetch
2016-11-17 13:56:06 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2016-11-17 13:54:40 ----D---- C:\Windows
2016-11-17 13:53:48 ----D---- C:\WINDOWS\Tasks
2016-11-17 13:49:46 ----D---- C:\WINDOWS\Microsoft.NET
2016-11-17 12:44:32 ----D---- C:\WINDOWS\system32\sru
2016-11-16 20:41:54 ----D---- C:\WINDOWS\system32\config
2016-11-16 20:18:40 ----D---- C:\WINDOWS\AppReadiness
2016-11-16 19:44:40 ----D---- C:\WINDOWS\system32\drivers
2016-11-15 20:04:17 ----D---- C:\WINDOWS\system32\wdi
2016-11-15 20:00:28 ----D---- C:\WINDOWS\SysWOW64
2016-11-15 20:00:08 ----A---- C:\WINDOWS\SYSWOW64\ssins.exe
2016-11-15 19:57:36 ----D---- C:\WINDOWS\system32\log
2016-11-15 19:57:31 ----HD---- C:\ProgramData
2016-11-15 19:34:45 ----D---- C:\WINDOWS\rescache
2016-11-15 17:27:23 ----RD---- C:\Program Files
2016-11-14 19:15:07 ----SD---- C:\Users\Lucinka\AppData\Roaming\Microsoft
2016-11-14 19:12:13 ----RD---- C:\Program Files (x86)
2016-11-14 19:12:13 ----D---- C:\Program Files (x86)\VideoPlayerV3
2016-11-14 19:12:12 ----D---- C:\Program Files (x86)\Common Files
2016-11-14 19:12:06 ----D---- C:\WINDOWS\system32\Tasks
2016-11-14 19:12:06 ----D---- C:\WINDOWS\Inf
2016-11-14 19:12:05 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2016-11-14 18:00:03 ----D---- C:\WINDOWS\WinSxS
2016-11-14 17:52:45 ----RD---- C:\WINDOWS\ToastData
2016-11-14 17:52:36 ----D---- C:\Program Files\Internet Explorer
2016-11-14 17:52:35 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-11-14 17:52:35 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-11-14 17:52:35 ----D---- C:\Program Files (x86)\Internet Explorer
2016-11-14 17:52:33 ----D---- C:\WINDOWS\SYSWOW64\en-US
2016-11-14 17:52:31 ----D---- C:\WINDOWS\system32\migration
2016-11-14 17:52:31 ----D---- C:\WINDOWS\system32\cs-CZ
2016-11-14 17:52:30 ----D---- C:\WINDOWS\system32\en-US
2016-11-14 17:52:29 ----D---- C:\WINDOWS\System32
2016-11-14 17:52:23 ----D---- C:\WINDOWS\system32\DriverStore
2016-11-14 17:49:49 ----SHD---- C:\WINDOWS\Installer
2016-11-14 17:47:41 ----SHD---- C:\Config.Msi
2016-11-14 17:32:11 ----HD---- C:\Program Files\WindowsApps
2016-11-14 17:24:49 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-13 12:30:16 ----D---- C:\ProgramData\Microsoft Help
2016-11-13 12:29:23 ----D---- C:\WINDOWS\CbsTemp
2016-11-13 12:27:03 ----D---- C:\WINDOWS\system32\MRT
2016-11-13 11:50:29 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-11-13 11:38:25 ----SHD---- C:\System Volume Information
2016-11-10 17:43:16 ----D---- C:\WINDOWS\system32\Macromed
2016-11-10 17:43:14 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2016-11-10 17:02:34 ----D---- C:\WINDOWS\system32\catroot2
2016-11-04 18:58:49 ----D---- C:\WINDOWS\Minidump
2016-11-04 18:58:49 ----D---- C:\WINDOWS\Logs
2016-11-04 18:58:49 ----D---- C:\WINDOWS\debug
2016-11-03 20:03:56 ----RD---- C:\Program Files (x86)\Skype
2016-11-02 19:38:11 ----RSD---- C:\WINDOWS\assembly
2016-10-30 16:44:02 ----D---- C:\WINDOWS\system32\Boot
2016-10-30 16:44:00 ----D---- C:\WINDOWS\apppatch
2016-10-30 16:43:49 ----SD---- C:\WINDOWS\system32\CompatTel
2016-10-30 16:43:49 ----D---- C:\WINDOWS\system32\appraiser
2016-10-30 16:43:08 ----D---- C:\Program Files\Microsoft Silverlight
2016-10-28 18:56:31 ----D---- C:\Users\Lucinka\AppData\Roaming\Skype
2016-10-21 17:13:46 ----D---- C:\ProgramData\Skype

File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-09-13 74544]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-10-13 293352]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-09-01 647736]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2016-09-13 37144]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2016-09-13 103064]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-09-13 969184]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-09-24 513632]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-09-13 108816]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2016-09-13 163416]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2013-09-26 12521472]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2013-09-26 617472]
R3 AthBTPort;@oem4.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2012-12-28 89320]
R3 athr;@oem65.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athwbx.sys [2013-12-02 3837440]
R3 AtiHDAudioService;@oem67.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWB6.sys [2013-09-26 138240]
R3 BTATH_A2DP;@oem3.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2012-12-28 345832]
R3 btath_avdt;@oem3.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2012-12-28 115432]
R3 BTATH_BUS;@oem47.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2012-12-28 33944]
R3 BTATH_HCRP;@oem7.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2012-12-28 179432]
R3 BTATH_LWFLT;@oem17.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2012-12-28 77464]
R3 BTATH_RCP;@oem25.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2012-12-28 136424]
R3 BTATH_VDP;@oem26.inf,%BTATH_VDP.SvcDesc%;Bluetooth VDP Driver; C:\WINDOWS\system32\drivers\btath_vdp.sys [2012-12-28 428008]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2015-04-29 600088]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2015-06-09 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-11-21 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2015-06-09 81920]
R3 dtlitescsibus;@oem2.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2016-05-21 30264]
R3 dtliteusbbus;@oem5.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2016-05-21 47672]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-08-20 4102928]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2016-03-10 27008]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2016-11-17 192216]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2016-03-10 65408]
R3 MEIx64;@oem12.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-08-06 62784]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-06-14 167424]
R3 RSPCIESTOR;@oem14.inf,%Rts5208%;Realtek PCIE CardReader Driver; C:\WINDOWS\system32\DRIVERS\RtsPStor.sys [2014-03-20 359128]
R3 RTL8168;@oem64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2014-06-17 873688]
R3 semav6msr64;semav6msr64; \??\C:\WINDOWS\system32\drivers\semav6msr64.sys [2015-10-16 29352]
R3 SFEP;@oem34.inf,%SvcDesc%;Sony Firmware Extension Parser; C:\WINDOWS\System32\drivers\SFEP.sys [2012-07-11 14336]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2012-09-27 44344]
R3 SOWS;@oem42.inf,%SOWS%;Sony Wireless State Device; C:\WINDOWS\System32\drivers\sows.sys [2012-06-11 24280]
R3 SynTP;@oem9.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2012-09-27 457528]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-11-21 212736]
S1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys []
S2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys []
S3 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-09-13 37656]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-06-09 1201664]
S3 dg_ssudbus;@oem11.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-07-22 130688]
S3 dot4;@oem18.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2013-06-04 146856]
S3 Dot4Print;@oem28.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\WINDOWS\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 Dot4Scan;@oem30.inf,%Dot4Scan_Name%;Scan Class Driver for IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Scan.sys [2013-06-04 14760]
S3 dot4usb;@oem18.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2013-06-04 43944]
S3 semav6thermal64ro;semav6thermal64ro; \??\C:\Windows\system32\drivers\semav6thermal64ro.sys [2015-08-24 13792]
S3 ssudmdm;@oem53.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2016-07-22 164992]
S3 taphss6;Anchorfree HSS VPN Adapter; C:\WINDOWS\system32\DRIVERS\taphss6.sys [2012-11-01 40712]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-10-21 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2013-09-26 239616]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-12-28 226944]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-09-13 197128]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 ESRV_SVC;Energy Server Service; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [2015-08-26 413336]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-08-06 165760]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2016-03-10 1136608]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2016-03-10 1514464]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-07-27 474208]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2016-07-22 754784]
R2 ssinstall;SInstalátor; C:\WINDOWS\SysWOW64\ssins.exe [2016-11-15 4521856]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe [2012-08-18 68776]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe [2016-04-12 1443520]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-25 144200]
S2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-08-06 128896]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-08-06 276864]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-09-20 324224]
S2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-08-06 364416]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-10 270016]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; %SystemRoot%\System32\svchost.exe -k LocalServiceAndNoImpersonation;"ServiceDll"=%SystemRoot%\System32\BthHFSrv.dll
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-25 144200]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 NetworkSupport;NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [2013-09-28 625240]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 SOHCImp;VAIO Content Importer; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2012-08-08 123616]
S3 SOHDms;VAIO Digital Media Server; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2012-08-08 460512]
S3 SOHDs;VAIO Device Searcher; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2012-08-08 78048]
S3 SpfService;VAIO Entertainment Common Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-12-01 289952]
S3 USER_ESRV_SVC;User Energy Server Service; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [2015-08-26 413336]
S3 VAIO Power Management;VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2012-07-19 476328]
S3 VCFw;VAIO Content Folder Watcher; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2012-08-08 972000]
S3 VCService;VCService; C:\Program Files\Sony\VAIO Care\VCService.exe [2015-07-23 59928]

-----------------EOF-----------------

Re: Shortcuts on the flash drive

Posted: 17 Nov 2016 16:21
by martion
ok:)

Re: Shortcuts on the flash drive

Posted: 17 Nov 2016 16:40
by Rudy
martion wrote: Hello, I will continue in this topic, I have exactly the same problem: when I want to copy anything to a flash drive, within a few seconds it turns into a shortcut. Can you please advise me how to get rid of it? Thank you.
You will not. Please start your own topic. It is for the sake of clarity. Thank you.

Re: Shortcuts on the flash drive

Posted: 17 Nov 2016 16:43
by Rudy
2Lucie1818: OTM did not delete anything. Was the antivirus turned off during the deletion?

Re: Shortcuts on the flash drive

Posted: 17 Nov 2016 18:11
by Lucie1818
I tried it again

Logfile of random's system information tool 1.14 (written by random/random)
Run by Lucinka at 2016-11-17 18:01:32
Microsoft Windows 8.1
System drive C: has 81 GB (18%) free of 445 GB
Total RAM: 4043 MB (51% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:01:41, on 17. 11. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Lucinka_RSITx64 (2).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?bcutc=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?bcutc=sp- ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?bcutc=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?bcutc=sp- ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?bcutc=sp-006
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll (file missing)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll (file missing)
O4 - HKLM\..\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Program Files (x86)\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Lucinka\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Lucinka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE"
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{694A2238-8337-4D38-8739-DC4EAB54088F}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{7D23AB28-25EC-4A0B-B1DF-C631F8BA922F}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.8.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.8.4
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Energy Server Service (ESRV_SVC) - Unknown owner - C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NetworkSupport - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
O23 - Service: VAIO Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\WINDOWS\SysWOW64\ssins.exe
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: User Energy Server Service (USER_ESRV_SVC) - Unknown owner - C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update\vuagent.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 12647 bytes

======Enumerating Processes======

C:\WINDOWS\system32\wininit.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\atieclxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\Windows\System32\lpksetup.exe -v
C:\WINDOWS\system32\taskeng.exe
"C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe" /backup /iavs
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\system32\dashost.exe
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
"C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe"
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\Skype\Updater\Updater.exe"
C:\WINDOWS\SysWOW64\ssins.exe
"C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
"C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe"
C:\WINDOWS\SysWOW64\DllHost.exe /Processid:{CB45D4CA-8A34-4EF1-9957-6134E5270E83}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe"
C:\WINDOWS\system32\taskhostex.exe
C:\WINDOWS\system32\taskhost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\System32\alg.exe
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files\Sony\Store App Support Utility\StoreAppSupportUtility.exe" /AutoStart
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SONYAPO
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 576 580 588 65536 584
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
\??\C:\WINDOWS\system32\conhost.exe 0x4
isabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_89/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=63902A5A8525A00F3FA87C90EE0DB51B --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=63902A5A8525A00F3FA87C90EE0DB51B --channel="5580.4.1470909726\1206288076" --mojo-platform-channel-handle=5152 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features="AutofillCreditCardSigninPromo<AutofillCreditCardSigninPromo,AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,MetricsReporting<MetricsAndCrashSampling,NonValidatingReloadOnNormalReload<NonValidatingReloadOnNormalReload,*OverrideYouTubeFlashEmbed<Override YouTube Flash emed,*PreconnectMore<PreconnectMore,SubresourceFilter<SubresourceFilter,*TranslateUI2016Q2<TranslateUI2016Q2" --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,ParseHTMLOnMainThread<ParseHTMLOnMainThread,PointerEvent<PointerEvent,SSLPostQuantumExperiment<SSLPostQuantum,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/AutofillCreditCardSigninPromo/EnabledTen/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Enabled/*ChromeChannelStable/Enabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/*EnforceCTForProblematicRoots/disabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/MetricsAndCrashSampling/InReportingSample/*NetworkQualityEstimator/Enabled/*NonValidatingReloadOnNormalReload/Enabled2/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PluginPowerSaverTiny/Enabled2/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SSLPostQuantum/d
isabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/*SubresourceFilter/EnabledForPhishingSites/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_89/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=690AEEF028579BA0B0D47157E2288CC4 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553 --mojo-application-channel-token=690AEEF028579BA0B0D47157E2288CC4 --channel="5580.5.1967127554\2120473693" --mojo-platform-channel-handle=5348 /prefetch:1
"C:\Program Files (x86)\Bluetooth Suite\BtTray.exe"
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe -Embedding
"C:\Users\Lucinka\Downloads\RSITx64 (2).exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\system32\tasks\AutoKMS - C:\Windows\AutoKMS.exe
C:\WINDOWS\system32\tasks\avast! Emergency Update - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\SafeZone scheduled Autoupdate 1467030093 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\WINDOWS\system32\tasks\Synaptics TouchPad Enhancements - \Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\tasks\Trojan Killer - "C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe" -startupscan
C:\WINDOWS\system32\tasks\USER_ESRV_SVC - "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{9C10C502-93E6-4E5A-B643-3ED73931FDA2} - C:\WINDOWS\system32\msfeedssync.exe sync
C:\WINDOWS\system32\tasks\{3763F760-F82F-45E3-ADD9-650744F16D23} - C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\WINDOWS\system32\tasks\WPD\SqmUpload_S-1-5-21-276115832-903891615-3267707726-1001 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\WINDOWS\system32\tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start - C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe /AutoStart
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Update\VAIO Update - "C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe" /Stationary
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair - C:\Program Files\Sony\VAIO Update\VUSR.exe
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorSystem - C:\Program Files\Sony\VAIO Improvement\vim.exe -System
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorUser - C:\Program Files\Sony\VAIO Improvement\vim.exe -User
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask - C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe -Logon
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Control Center\Level4Daily - C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe /Level4Daily
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Control Center\Level4Month - C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe /Level4Month
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start - C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Care\ActiveStatusCollect - "%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe" -collectactivestatus
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Care\CheckSystemInfo - "%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe" -checksysteminfo
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Care\DeployCRMflag - "%ProgramFiles%\Sony\VAIO Care\DeployCRMflag.exe"
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Care\GetPOTInfo - "%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe" -getcollectdata
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Care\UpdateContacts - "%ProgramData%\Sony Corporation\VAIO Care\UpdateContacts.exe" taskschedule
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Care\UpdateSolution - "%ProgramFiles%\Sony\VAIO Care\Solution.Updater.exe"
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Care\UploadPOT - "%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe" -uploaddata
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Care\VAIO Care - "%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe" -versionsave -reminder -autoupdate
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Care\VCCheckIolo - "%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe" CheckIoloLicense
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Care\VCMetrics - "%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe" -metrics
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Care\VCOneClick - "%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe" -autocheck
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Care\VCRLog - "%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe" -vcrautolog
C:\WINDOWS\system32\tasks\Sony Corporation\VAIO Care\VCSelfHeal - "%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe" -selfheal
C:\WINDOWS\system32\tasks\Sony Corporation\Store App Support Utility\Store App Support Utility Logon Start - C:\Program Files\Sony\Store App Support Utility\StoreAppSupportUtility.exe /AutoStart
C:\WINDOWS\system32\tasks\Remediation\AntimalwareMigrationTask - "C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe" /upgrade /user_logon
C:\WINDOWS\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\WINDOWS\system32\tasks\Microsoft\Windows\WS\License Validation - rundll32.exe WSClient.dll,WSpTLR licensing
C:\WINDOWS\system32\tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask - rundll32.exe WSClient.dll,RefreshBannedAppsList
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemovalTools\MRT_HB - C:\WINDOWS\system32\MRT.exe /EHB /Q
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Lpksetup - C:\Windows\System32\lpksetup.exe -v
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\Windows\System32\mcbuilder.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Uploader - %windir%\system32\WSqmCons.exe -u
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent /increment
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe %windir%\system32\invagent.dll,RunUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs

=========Google Chrome=========

C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 0 Prezentace Google 0.9
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod 0.2
Extension aiockdklnaeikkippjiofcioidjdfjda 1
Extension aohghmighlieiainnegkcijnfilokake 0 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bcmfcmnnfajkaodbiimljgjngkdcomkd 1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension bfchgcbmheebfgccmphpabmjmiphgafa 1
Extension bfejeeliicfnpjmmehfkbclbjpnmhjad 1
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 0 YouTube 4.2.7
Extension bpimjanmknifnoiajikmhmhmlihdccbd 1
Extension cakcbjmcfenngdlkebbfcapkhekmlnnf 0
Extension cieamfbopgjdndnglgaoipojodpaebla 0
Extension coobgpohoikkiipiblmjeljniedjpjpf 0 Vyhledávání Google 0.0.0.30
Extension ddiblodcpaaieoopolanaoecbhicgjfo 1
Extension dfpiojgfcpgmmngegabpkhdehkdoafgf 1
Extension dhkmlfffjbdkhmmillloecfjcjcldonm 0
Extension dieiajjabphdediajngidjdbidhlcmeg 1
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension egooajehhojinnbgjlnenbflekkmbbdk 1
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension eofcbnmajmjmplflapaojjnihcjkigck 0 Avast SafePrice 12.0.155
Extension felcaaldnbdncclmgdcncolpebgiejap 0 Tabulky Google 1.1
Extension fmgncofpadimjlpmndcpcfiilplihmop 0
Extension geklbcigmpeljogplgbgnakkbajkkmbb 1
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 0 Dokumenty Google offline 1.4
Extension ginepjojjbmfbfiibfdebddmbkjmgfle 1
Extension gldjckfcakggohoblbfgmnjihakcijia 0
Extension hcngmcbfhnbadikopieafpodfcfigech 0
Extension hgnpdbanhfmmdgeogllhocdajiphlkgi 1
Extension hinoaghjhbakmocjckejlfflbifkdmbn 1
Extension hpibhjpemeolbogonokcekdfmimpnkdi 1
Extension iikflkcanblccfahdhdonehdalibjnif 2 Norton Identity Safe 1.0.5
Extension jegpifpkpcoefipmfndefpligliefnjg 1
Extension kkagohhgodpbgcddadcmnidnphajkmhm 0
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension kmojdioehehfhdcdheaigaalidcklhjh 1
Extension ldgenniooofcjhgghggbnjojebadfhll 1
Extension lifbcibllhkdhoafpjfnlhfpfgnpldfl 2 Skype Click to Call 7.4.0.9058
Extension lkmaimcdgeidlpffbmgnpnfcjjjppmab 0
Extension lojpenhmoajbiciapkjkiekmobleogjc Default Placeholder Extensions 35.2.1
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mffkmlfpmnnbnpnelpbjmjopphljanoc 0
Extension mgndgikekgjfcpckkfioiadnlibdjbkf Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension mimbnekakoafehdbmehcliolpblpchki 1
Extension mimficccjmogheahaobepphobhpikpie 0
Extension mkfokfffehpeedafpekjeddnmnjhmcmk 2 Norton Identity Protection 2014.6.0.27
Extension mmebmmnpohfhoknnlpohjaembcipocaa 0
Extension mnamepgegfajelhmikmlfepimmkoaeel 1
Extension mnpbfmbldigngiccdgkbikaeifoljngg 0
Extension naaigfdnmbjjkdbpdbelpaaopjblfkbl 0
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.0
Extension nmbfljkmcghmakofbhhgemjhboabdkcn 1
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Peněženka Google 0.1.1.0
Extension npmhlidlacoobmdcgkfcdpjkdinjadpp 0
Extension oienjamfkkgodanlopcoccgeciiabpbf 0
Extension ojhhhckoohekoflgcgefnambkbbhigoh 1
Extension okoimcnealmbfnikpfoiddcofdpoamch 0
Extension pafkbggdmjlpgkdkcbjmhmfcdpncadgh 1 Google Now 1.2.0.1
Extension pdfgngceadnblodkipmecieecjkingjd 1
Extension phfdejpcbhjlhdpjagpeolimmpkellcf 0 Puzzle 2016.6.18.52449
Extension pidlfoaphhfaffigckejdcdeacfhofeo 1
Extension pjkljhegncpnkpknbcohdijeoejaedia 0 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5416.905.0.6
Extension pmblmlebfhgmggndnfipebabpklgnnae 1
Extension pnnjhcapkfbnhlnapejhapnciojnmlmn 1
Homepage: https://www.seznam.cz/
default_search_provider.search_url:
C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Preferences
Plugin 1.4.8.903 Widevine Content Decryption Module C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\WidevineCdm\1.4.8.903\_platform_specific\win_x86\widevinecdmadapter.dll
Plugin 23.0.0.166 Shockwave Flash C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\PepperFlash\23.0.0.166\pepflashplayer.dll
Plugin Chrome PDF Viewer chrome-extension://mhjfbmdgcfjbbpaeojofohoefgiehjai/
Plugin Native Client C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\internal-nacl-plugin
Plugin Chrome PDF Viewer internal-pdf-viewer
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl]
"Path"=


======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={E9410C70-B6AE-41FF-AB71-32F4B279EA5F}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}]
"URL"=http://search.seznam.cz/?sourceid=quick ... earchTerms}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}]
"URL"=https://www.google.com/search?bcutc=sp- ... earchTerms}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-24 790552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-24 664848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2012-08-20 1214608]
"BtPreLoad"=C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [2012-12-28 64640]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-09-27 2930488]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-12-28 129664]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=C:\Users\Lucinka\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Lucinka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"DAEMON Tools Lite Automount"=C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [2016-04-12 4289728]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [2015-07-12 563416]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Intel AppUp(SM) center"=C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [2012-06-25 152896]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"NokiaMusic FastStart"=C:\Program Files (x86)\Nokia\Ovi Player\NokiaOviPlayer.exe [2009-11-06 2090272]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-11-15 9080768]
"NPSStartup"= []
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2016-06-02 318128]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-12-28 129664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
"DisableCAD"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-11-17 18:01:32 ----D---- C:\rsit
2016-11-15 19:53:56 ----D---- C:\AdwCleaner
2016-11-15 17:54:33 ----A---- C:\WINDOWS\system32\drivers\4BA22D69.sys
2016-11-15 17:27:23 ----D---- C:\Program Files\trend micro
2016-11-14 18:39:26 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2016-11-14 18:33:51 ----D---- C:\ProgramData\Malwarebytes
2016-11-14 18:33:51 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-11-14 18:33:51 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2016-11-14 18:33:51 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2016-11-14 18:33:51 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2016-11-14 18:00:00 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-11-10 17:36:21 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-11-10 17:36:20 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-11-10 17:36:17 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-11-10 17:36:17 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-11-10 17:36:16 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-11-10 17:36:15 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-11-10 17:36:15 ----A---- C:\WINDOWS\system32\win32k.sys
2016-11-10 17:36:14 ----A---- C:\WINDOWS\system32\diagtrack.dll
2016-11-10 17:36:12 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-11-10 17:36:12 ----A---- C:\WINDOWS\system32\wininet.dll
2016-11-10 17:36:12 ----A---- C:\WINDOWS\system32\MSVidCtl.dll
2016-11-10 17:36:11 ----A---- C:\WINDOWS\SYSWOW64\MSVidCtl.dll
2016-11-10 17:36:11 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-11-10 17:36:11 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-11-10 17:36:10 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-11-10 17:36:10 ----A---- C:\WINDOWS\system32\ole32.dll
2016-11-10 17:36:10 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-11-10 17:36:09 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-11-10 17:36:09 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2016-11-10 17:36:08 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2016-11-10 17:36:07 ----A---- C:\WINDOWS\SYSWOW64\msdtcprx.dll
2016-11-10 17:36:07 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2016-11-10 17:36:06 ----A---- C:\WINDOWS\SYSWOW64\SessEnv.dll
2016-11-10 17:36:06 ----A---- C:\WINDOWS\system32\SessEnv.dll
2016-11-10 17:36:05 ----A---- C:\WINDOWS\system32\win32spl.dll
2016-11-10 17:36:05 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2016-11-10 17:36:05 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2016-11-10 17:36:04 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2016-11-10 17:36:04 ----A---- C:\WINDOWS\system32\vmrdvcore.dll
2016-11-10 17:36:04 ----A---- C:\WINDOWS\system32\msctf.dll
2016-11-10 17:36:03 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-11-10 17:36:02 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-11-10 17:36:02 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2016-11-10 17:36:01 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2016-11-10 17:36:01 ----A---- C:\WINDOWS\system32\pdh.dll
2016-11-10 17:36:01 ----A---- C:\WINDOWS\system32\atmfd.dll
2016-11-10 17:36:00 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2016-11-10 17:35:59 ----A---- C:\WINDOWS\SYSWOW64\pdh.dll
2016-11-10 17:35:59 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2016-11-10 17:35:59 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2016-11-10 17:35:59 ----A---- C:\WINDOWS\system32\drivers\bowser.sys
2016-11-10 17:35:59 ----A---- C:\WINDOWS\system32\DafPrintProvider.dll
2016-11-10 17:35:58 ----A---- C:\WINDOWS\SYSWOW64\UIAnimation.dll
2016-11-10 17:35:58 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-11-10 17:35:57 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-11-10 17:35:57 ----A---- C:\WINDOWS\SYSWOW64\DafPrintProvider.dll
2016-11-10 17:35:56 ----A---- C:\WINDOWS\system32\iscsiexe.dll
2016-11-10 17:35:55 ----A---- C:\WINDOWS\system32\UIAnimation.dll
2016-11-10 17:35:55 ----A---- C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-10 17:35:55 ----A---- C:\WINDOWS\system32\localspl.dll
2016-11-10 17:35:54 ----A---- C:\WINDOWS\SYSWOW64\iscsiwmi.dll
2016-11-10 17:35:54 ----A---- C:\WINDOWS\system32\iscsiwmi.dll
2016-11-10 17:35:54 ----A---- C:\WINDOWS\system32\inetcomm.dll
2016-11-10 17:35:54 ----A---- C:\WINDOWS\system32\asycfilt.dll
2016-11-10 17:35:53 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2016-11-10 17:35:53 ----A---- C:\WINDOWS\SYSWOW64\asycfilt.dll
2016-11-10 17:35:51 ----A---- C:\WINDOWS\SYSWOW64\iscsidsc.dll
2016-11-10 17:35:51 ----A---- C:\WINDOWS\system32\xolehlp.dll
2016-11-10 17:35:51 ----A---- C:\WINDOWS\system32\iscsidsc.dll
2016-11-10 17:35:50 ----A---- C:\WINDOWS\system32\dab.dll
2016-11-10 17:35:48 ----A---- C:\WINDOWS\SYSWOW64\input.dll
2016-11-10 17:35:48 ----A---- C:\WINDOWS\system32\input.dll
2016-11-10 17:35:44 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2016-11-10 17:35:44 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2016-11-10 17:35:43 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2016-11-10 17:35:43 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2016-11-10 17:35:41 ----A---- C:\WINDOWS\SYSWOW64\xolehlp.dll
2016-11-10 17:35:41 ----A---- C:\WINDOWS\system32\webcheck.dll
2016-11-10 17:35:41 ----A---- C:\WINDOWS\system32\dxtrans.dll
2016-11-10 17:35:40 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2016-11-10 17:35:40 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2016-11-10 17:35:40 ----A---- C:\WINDOWS\system32\netlogon.dll
2016-11-10 17:35:40 ----A---- C:\WINDOWS\system32\certcli.dll
2016-11-10 17:35:38 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2016-11-10 17:35:38 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2016-11-10 17:35:38 ----A---- C:\WINDOWS\system32\mshtmled.dll
2016-11-10 17:35:37 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2016-11-10 17:35:37 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-11-10 17:35:37 ----A---- C:\WINDOWS\system32\jscript.dll
2016-11-10 17:35:37 ----A---- C:\WINDOWS\system32\iepeers.dll
2016-11-10 17:35:36 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2016-11-10 17:35:36 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2016-11-10 17:35:36 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2016-11-10 17:35:36 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2016-11-10 17:35:36 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-11-10 17:35:36 ----A---- C:\WINDOWS\system32\atmlib.dll
2016-11-10 16:46:21 ----SHD---- C:\found.005
2016-11-07 18:43:38 ----SHD---- C:\found.004
2016-11-07 18:43:38 ----SHD---- C:\found.003
2016-11-07 18:43:38 ----SHD---- C:\found.002
2016-11-07 18:43:37 ----SHD---- C:\found.001

======List of files/folders modified in the last 1 month======

2016-11-17 18:01:41 ----D---- C:\WINDOWS\Temp
2016-11-17 17:57:11 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2016-11-17 17:44:21 ----D---- C:\WINDOWS\system32\config
2016-11-17 17:42:01 ----D---- C:\WINDOWS\Prefetch
2016-11-17 17:38:14 ----D---- C:\WINDOWS\Microsoft.NET
2016-11-17 17:26:40 ----D---- C:\WINDOWS\system32\sru
2016-11-17 13:54:40 ----D---- C:\Windows
2016-11-17 13:53:48 ----D---- C:\WINDOWS\Tasks
2016-11-16 20:18:40 ----D---- C:\WINDOWS\AppReadiness
2016-11-16 19:44:40 ----D---- C:\WINDOWS\system32\drivers
2016-11-15 20:04:17 ----D---- C:\WINDOWS\system32\wdi
2016-11-15 20:00:28 ----D---- C:\WINDOWS\SysWOW64
2016-11-15 20:00:08 ----A---- C:\WINDOWS\SYSWOW64\ssins.exe
2016-11-15 19:57:36 ----D---- C:\WINDOWS\system32\log
2016-11-15 19:57:31 ----HD---- C:\ProgramData
2016-11-15 19:34:45 ----D---- C:\WINDOWS\rescache
2016-11-15 17:27:23 ----RD---- C:\Program Files
2016-11-14 19:15:07 ----SD---- C:\Users\Lucinka\AppData\Roaming\Microsoft
2016-11-14 19:12:13 ----RD---- C:\Program Files (x86)
2016-11-14 19:12:13 ----D---- C:\Program Files (x86)\VideoPlayerV3
2016-11-14 19:12:12 ----D---- C:\Program Files (x86)\Common Files
2016-11-14 19:12:06 ----D---- C:\WINDOWS\system32\Tasks
2016-11-14 19:12:06 ----D---- C:\WINDOWS\Inf
2016-11-14 19:12:05 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2016-11-14 18:00:03 ----D---- C:\WINDOWS\WinSxS
2016-11-14 17:52:45 ----RD---- C:\WINDOWS\ToastData
2016-11-14 17:52:36 ----D---- C:\Program Files\Internet Explorer
2016-11-14 17:52:35 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-11-14 17:52:35 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-11-14 17:52:35 ----D---- C:\Program Files (x86)\Internet Explorer
2016-11-14 17:52:33 ----D---- C:\WINDOWS\SYSWOW64\en-US
2016-11-14 17:52:31 ----D---- C:\WINDOWS\system32\migration
2016-11-14 17:52:31 ----D---- C:\WINDOWS\system32\cs-CZ
2016-11-14 17:52:30 ----D---- C:\WINDOWS\system32\en-US
2016-11-14 17:52:29 ----D---- C:\WINDOWS\System32
2016-11-14 17:52:23 ----D---- C:\WINDOWS\system32\DriverStore
2016-11-14 17:49:49 ----SHD---- C:\WINDOWS\Installer
2016-11-14 17:47:41 ----SHD---- C:\Config.Msi
2016-11-14 17:32:11 ----HD---- C:\Program Files\WindowsApps
2016-11-14 17:24:49 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-13 12:30:16 ----D---- C:\ProgramData\Microsoft Help
2016-11-13 12:29:23 ----D---- C:\WINDOWS\CbsTemp
2016-11-13 12:27:03 ----D---- C:\WINDOWS\system32\MRT
2016-11-13 11:50:29 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-11-13 11:38:25 ----SHD---- C:\System Volume Information
2016-11-10 17:43:16 ----D---- C:\WINDOWS\system32\Macromed
2016-11-10 17:43:14 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2016-11-10 17:02:34 ----D---- C:\WINDOWS\system32\catroot2
2016-11-04 18:58:49 ----D---- C:\WINDOWS\Minidump
2016-11-04 18:58:49 ----D---- C:\WINDOWS\Logs
2016-11-04 18:58:49 ----D---- C:\WINDOWS\debug
2016-11-03 20:03:56 ----RD---- C:\Program Files (x86)\Skype
2016-11-02 19:38:11 ----RSD---- C:\WINDOWS\assembly
2016-10-30 16:44:02 ----D---- C:\WINDOWS\system32\Boot
2016-10-30 16:44:00 ----D---- C:\WINDOWS\apppatch
2016-10-30 16:43:49 ----SD---- C:\WINDOWS\system32\CompatTel
2016-10-30 16:43:49 ----D---- C:\WINDOWS\system32\appraiser
2016-10-30 16:43:08 ----D---- C:\Program Files\Microsoft Silverlight
2016-10-28 18:56:31 ----D---- C:\Users\Lucinka\AppData\Roaming\Skype
2016-10-21 17:13:46 ----D---- C:\ProgramData\Skype

File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-09-13 74544]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-10-13 293352]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-09-01 647736]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2016-09-13 37144]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2016-09-13 103064]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-09-13 969184]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-09-24 513632]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-09-13 108816]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2016-09-13 163416]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2013-09-26 12521472]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2013-09-26 617472]
R3 AthBTPort;@oem4.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2012-12-28 89320]
R3 athr;@oem65.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athwbx.sys [2013-12-02 3837440]
R3 AtiHDAudioService;@oem67.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWB6.sys [2013-09-26 138240]
R3 BTATH_A2DP;@oem3.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2012-12-28 345832]
R3 btath_avdt;@oem3.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2012-12-28 115432]
R3 BTATH_BUS;@oem47.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2012-12-28 33944]
R3 BTATH_HCRP;@oem7.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2012-12-28 179432]
R3 BTATH_LWFLT;@oem17.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2012-12-28 77464]
R3 BTATH_RCP;@oem25.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2012-12-28 136424]
R3 BTATH_VDP;@oem26.inf,%BTATH_VDP.SvcDesc%;Bluetooth VDP Driver; C:\WINDOWS\system32\drivers\btath_vdp.sys [2012-12-28 428008]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2015-04-29 600088]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2015-06-09 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-11-21 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2015-06-09 81920]
R3 dtlitescsibus;@oem2.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2016-05-21 30264]
R3 dtliteusbbus;@oem5.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2016-05-21 47672]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-08-20 4102928]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2016-03-10 27008]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2016-11-17 192216]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2016-03-10 65408]
R3 MEIx64;@oem12.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-08-06 62784]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-06-14 167424]
R3 RSPCIESTOR;@oem14.inf,%Rts5208%;Realtek PCIE CardReader Driver; C:\WINDOWS\system32\DRIVERS\RtsPStor.sys [2014-03-20 359128]
R3 RTL8168;@oem64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2014-06-17 873688]
R3 SFEP;@oem34.inf,%SvcDesc%;Sony Firmware Extension Parser; C:\WINDOWS\System32\drivers\SFEP.sys [2012-07-11 14336]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2012-09-27 44344]
R3 SOWS;@oem42.inf,%SOWS%;Sony Wireless State Device; C:\WINDOWS\System32\drivers\sows.sys [2012-06-11 24280]
R3 SynTP;@oem9.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2012-09-27 457528]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-11-21 212736]
S1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys []
S2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys []
S3 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-09-13 37656]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-06-09 1201664]
S3 dg_ssudbus;@oem11.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-07-22 130688]
S3 dot4;@oem18.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2013-06-04 146856]
S3 Dot4Print;@oem28.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\WINDOWS\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 Dot4Scan;@oem30.inf,%Dot4Scan_Name%;Scan Class Driver for IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Scan.sys [2013-06-04 14760]
S3 dot4usb;@oem18.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2013-06-04 43944]
S3 semav6msr64;semav6msr64; \??\C:\WINDOWS\system32\drivers\semav6msr64.sys [2015-10-16 29352]
S3 semav6thermal64ro;semav6thermal64ro; \??\C:\Windows\system32\drivers\semav6thermal64ro.sys [2015-08-24 13792]
S3 ssudmdm;@oem53.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2016-07-22 164992]
S3 taphss6;Anchorfree HSS VPN Adapter; C:\WINDOWS\system32\DRIVERS\taphss6.sys [2012-11-01 40712]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-10-21 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2013-09-26 239616]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-12-28 226944]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-09-13 197128]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-08-06 165760]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2016-03-10 1136608]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2016-03-10 1514464]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-07-27 474208]
R2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-09-20 324224]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2016-07-22 754784]
R2 ssinstall;SInstalátor; C:\WINDOWS\SysWOW64\ssins.exe [2016-11-15 4521856]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe [2012-08-18 68776]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe [2016-04-12 1443520]
S2 ESRV_SVC;Energy Server Service; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [2015-08-26 413336]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-25 144200]
S2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-08-06 128896]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-08-06 276864]
S2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-08-06 364416]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-10 270016]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; %SystemRoot%\System32\svchost.exe -k LocalServiceAndNoImpersonation;"ServiceDll"=%SystemRoot%\System32\BthHFSrv.dll
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-25 144200]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 NetworkSupport;NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [2013-09-28 625240]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 SOHCImp;VAIO Content Importer; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2012-08-08 123616]
S3 SOHDms;VAIO Digital Media Server; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2012-08-08 460512]
S3 SOHDs;VAIO Device Searcher; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2012-08-08 78048]
S3 SpfService;VAIO Entertainment Common Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-12-01 289952]
S3 USER_ESRV_SVC;User Energy Server Service; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [2015-08-26 413336]
S3 VAIO Power Management;VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2012-07-19 476328]
S3 VCFw;VAIO Content Folder Watcher; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2012-08-08 972000]
S3 VCService;VCService; C:\Program Files\Sony\VAIO Care\VCService.exe [2015-07-23 59928]

-----------------EOF-----------------

Re: Shortcuts on the flash drive

Posted: 17 Nov 2016 18:14
by Rudy
Unfortunately, it is still there. Let's try a different approach. Post an FRST log: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

Re: Shortcuts on the flash drive

Posted: 17 Nov 2016 18:24
by Lucie1818
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-11-2016
Ran by Lucinka (administrator) on LUCKA (17-11-2016 18:17:45)
Running from C:\Users\Lucinka\Downloads
Loaded Profiles: Lucinka (Available Profiles: Lucinka & Administrator)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Sony Corporation) C:\Program Files\Sony\Store App Support Utility\StoreAppSupportUtility.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
() C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-12-28] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-09-27] (Synaptics Incorporated)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [152896 2012-06-25] (Intel Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [NokiaMusic FastStart] => C:\Program Files (x86)\Nokia\Ovi Player\NokiaOviPlayer.exe [2090272 2009-11-06] (Nokia)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software)
HKLM-x32\...\Run: [NPSStartup] => [X]
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318128 2016-06-02] (Samsung Electronics Co., Ltd.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [129664 2012-12-28] (Qualcomm Atheros Commnucations)
HKU\S-1-5-21-276115832-903891615-3267707726-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Lucinka\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-276115832-903891615-3267707726-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Lucinka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-276115832-903891615-3267707726-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [4289728 2016-04-12] (Disc Soft Ltd)
HKU\S-1-5-21-276115832-903891615-3267707726-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software)
HKU\S-1-5-21-276115832-903891615-3267707726-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-276115832-903891615-3267707726-1001\...\MountPoints2: {3fa113bd-5d6d-11e2-be7f-083e8ecec83a} - "E:\setup.exe" /autorun
HKU\S-1-5-21-276115832-903891615-3267707726-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [132608 2014-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-13] (AVAST Software)
BootExecute: autocheck autochk *
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-276115832-903891615-3267707726-1001\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{694A2238-8337-4D38-8739-DC4EAB54088F}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{694A2238-8337-4D38-8739-DC4EAB54088F}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{7D23AB28-25EC-4A0B-B1DF-C631F8BA922F}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{7D23AB28-25EC-4A0B-B1DF-C631F8BA922F}: [DhcpNameServer] 10.0.0.138
ManualProxies:

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-276115832-903891615-3267707726-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
HKU\S-1-5-21-276115832-903891615-3267707726-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKU\S-1-5-21-276115832-903891615-3267707726-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?bcutc=sp-006
HKU\S-1-5-21-276115832-903891615-3267707726-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-276115832-903891615-3267707726-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-276115832-903891615-3267707726-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-276115832-903891615-3267707726-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-276115832-903891615-3267707726-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-24] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll => No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-24] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll => No File

FireFox:
========
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-13]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-13]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-10] ()
FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\system32\npDeployJava1.dll [2012-10-11] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-10] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-08-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-08-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [No File]
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [No File]
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\Sony\MSS\3.8.141\npMcAfeeMss.dll [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-10-02] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-05-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-276115832-903891615-3267707726-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Lucinka\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-07-19] (Unity Technologies ApS)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR DefaultSearchURL: Default -> hxxp://www.jigsawplanet.com/favicon.ico
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\WidevineCdm\1.4.8.903\_platform_specific\win_x86\widevinecdmadapter.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\PepperFlash\23.0.0.166\pepflashplayer.dll => No File
CHR Profile: C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default [2016-11-17]
CHR Extension: (Prezentace Google) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-01]
CHR Extension: (Dokumenty Google) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-01]
CHR Extension: (Disk Google) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-01]
CHR Extension: (Avast SafePrice) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-11-14]
CHR Extension: (Tabulky Google) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Puzzle) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\phfdejpcbhjlhdpjagpeolimmpkellcf [2016-06-18]
CHR Extension: (Chrome Media Router) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-02]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [226944 2012-12-28] (Qualcomm Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-13] (AVAST Software)
R3 Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe [1443520 2016-04-12] (Disc Soft Ltd)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [413336 2015-08-26] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-08-06] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-08-06] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [625240 2013-09-28] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R2 ssinstall; C:\WINDOWS\SysWOW64\ssins.exe [4521856 2016-11-15] (PS Media s.r.o.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [413336 2015-08-26] ()
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2012-08-08] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1656600 2016-03-31] (Sony Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-12-28] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 Aspi32; C:\Windows\SysWOW64\drivers\aspi32.sys [16877 2002-07-17] (Adaptec) [File not signed]
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2016-09-13] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [37144 2016-09-13] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2016-09-13] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2016-09-13] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-13] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2016-09-13] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2016-09-24] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2016-09-13] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-13] (AVAST Software)
R3 athr; C:\WINDOWS\system32\DRIVERS\athwbx.sys [3837440 2013-12-02] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWB6.sys [138240 2013-09-26] (Advanced Micro Devices)
R3 BTATH_LWFLT; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-28] (Qualcomm Atheros)
R3 BTATH_VDP; C:\WINDOWS\system32\drivers\btath_vdp.sys [428008 2012-12-28] (Qualcomm Atheros)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [146856 2013-06-04] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-05-21] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-05-21] (Disc Soft Ltd)
S0 ebdrv; C:\WINDOWS\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-11-17] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [163644 2005-01-21] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
R3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [29352 2015-10-16] ()
S3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2015-08-24] ()
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-09-27] (Synaptics Incorporated)
R3 SOWS; C:\WINDOWS\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
S3 taphss6; C:\WINDOWS\system32\DRIVERS\taphss6.sys [40712 2012-11-01] (Anchorfree Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-17 18:17 - 2016-11-17 18:19 - 00023865 _____ C:\Users\Lucinka\Downloads\FRST.txt
2016-11-17 18:17 - 2016-11-17 18:17 - 00000000 ____D C:\FRST
2016-11-17 18:16 - 2016-11-17 18:16 - 02412032 _____ (Farbar) C:\Users\Lucinka\Downloads\FRST64.exe
2016-11-17 18:01 - 2016-11-17 18:01 - 00000000 ____D C:\rsit
2016-11-17 11:59 - 2016-11-17 12:00 - 01323520 _____ C:\Users\Lucinka\Downloads\RSITx64 (2).exe
2016-11-15 20:00 - 2016-11-15 20:00 - 00002824 _____ C:\WINDOWS\SysWOW64\ca.pem
2016-11-15 20:00 - 2016-11-15 20:00 - 00002269 _____ C:\WINDOWS\SysWOW64\cert.crt
2016-11-15 20:00 - 2016-11-15 20:00 - 00001679 _____ C:\WINDOWS\SysWOW64\keyfile.key
2016-11-15 19:53 - 2016-11-15 19:57 - 00000000 ____D C:\AdwCleaner
2016-11-15 19:51 - 2016-11-15 19:52 - 03910208 _____ C:\Users\Lucinka\Downloads\adwcleaner_6.030.exe
2016-11-15 17:54 - 2016-11-15 17:54 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\4BA22D69.sys
2016-11-15 17:27 - 2016-11-17 18:01 - 00000000 ____D C:\Program Files\trend micro
2016-11-15 17:26 - 2016-11-15 17:26 - 01323520 _____ C:\Users\Lucinka\Downloads\RSITx64.exe
2016-11-15 17:26 - 2016-11-15 17:26 - 01222144 _____ C:\Users\Lucinka\Downloads\RSITx64 (1).exe
2016-11-14 18:39 - 2016-11-17 18:00 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-11-14 18:33 - 2016-11-14 18:33 - 00001114 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-11-14 18:33 - 2016-11-14 18:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-11-14 18:33 - 2016-11-14 18:33 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-11-14 18:33 - 2016-11-14 18:33 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-11-14 18:33 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-11-14 18:33 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-11-14 18:33 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-11-14 18:32 - 2016-11-14 18:33 - 22851472 _____ (Malwarebytes ) C:\Users\Lucinka\Downloads\mbam-setup-2.2.1.1043.exe
2016-11-14 18:00 - 2016-10-28 22:04 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-11-14 18:00 - 2016-10-28 22:04 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-11-13 12:22 - 2016-11-13 12:39 - 766870782 _____ C:\Users\Lucinka\Downloads\Ordinace v růžové zahradě 2 - 689. díl - Není všem dnům konec.avi
2016-11-10 18:18 - 2016-11-10 18:32 - 660605532 _____ C:\Users\Lucinka\Downloads\3124.dil_Ulice (10.11.2016, rodinny, CZ-serial).avi
2016-11-10 18:01 - 2016-11-10 18:18 - 770200086 _____ C:\Users\Lucinka\Downloads\Ordinace v růžové zahradě 2 - 688. díl - Rande století.avi
2016-11-10 17:36 - 2016-11-02 21:48 - 00372568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-11-10 17:36 - 2016-11-02 21:48 - 00315224 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-11-10 17:36 - 2016-10-27 19:51 - 02896384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-11-10 17:36 - 2016-10-27 19:28 - 25763328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-11-10 17:36 - 2016-10-27 19:19 - 06047744 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-11-10 17:36 - 2016-10-27 18:44 - 02131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-11-10 17:36 - 2016-10-27 18:17 - 15257088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-11-10 17:36 - 2016-10-27 18:16 - 02920448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-11-10 17:36 - 2016-10-27 18:03 - 01543680 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-11-10 17:36 - 2016-10-27 16:05 - 20304896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-11-10 17:36 - 2016-10-25 15:11 - 04169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-11-10 17:36 - 2016-10-22 18:27 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-11-10 17:36 - 2016-10-22 17:51 - 00880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-11-10 17:36 - 2016-10-22 17:44 - 04608000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-11-10 17:36 - 2016-10-22 17:43 - 02055680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-11-10 17:36 - 2016-10-22 17:30 - 13654016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-11-10 17:36 - 2016-10-22 17:12 - 02444800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-11-10 17:36 - 2016-10-22 17:09 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-11-10 17:36 - 2016-10-13 20:06 - 01385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-11-10 17:36 - 2016-10-13 20:06 - 01124376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-11-10 17:36 - 2016-10-12 09:01 - 00377176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-11-10 17:36 - 2016-10-11 21:21 - 00497448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-11-10 17:36 - 2016-10-10 22:17 - 00444248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-11-10 17:36 - 2016-10-09 23:59 - 00551256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-11-10 17:36 - 2016-10-08 23:53 - 03754496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-11-10 17:36 - 2016-10-08 23:21 - 01445376 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-11-10 17:36 - 2016-10-08 22:49 - 02410496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2016-11-10 17:36 - 2016-10-08 02:34 - 01660040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-11-10 17:36 - 2016-10-08 02:34 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-11-10 17:36 - 2016-09-09 23:52 - 00921944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2016-11-10 17:36 - 2016-09-09 23:14 - 00275800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2016-11-10 17:36 - 2016-09-09 15:04 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-11-10 17:36 - 2016-09-03 17:12 - 00512512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-11-10 17:36 - 2016-09-03 16:58 - 00397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-11-10 17:36 - 2016-09-02 15:05 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2016-11-10 17:36 - 2016-09-01 15:33 - 00377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2016-11-10 17:36 - 2016-09-01 15:33 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2016-11-10 17:36 - 2016-09-01 15:31 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2016-11-10 17:36 - 2016-08-30 03:18 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2016-11-10 17:36 - 2016-08-30 03:03 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2016-11-10 17:36 - 2016-08-22 14:34 - 01628672 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-11-10 17:35 - 2016-11-10 17:49 - 104456501 _____ C:\Users\Lucinka\Downloads\Ulice-3124-OD-SOUČKA-TOMÁŠE.avi.crdownload
2016-11-10 17:35 - 2016-11-02 15:03 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-11-10 17:35 - 2016-11-02 15:00 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-11-10 17:35 - 2016-10-27 19:53 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-11-10 17:35 - 2016-10-27 19:37 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-11-10 17:35 - 2016-10-27 19:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-11-10 17:35 - 2016-10-27 19:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-11-10 17:35 - 2016-10-27 19:05 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-11-10 17:35 - 2016-10-27 18:57 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-11-10 17:35 - 2016-10-27 18:49 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-11-10 17:35 - 2016-10-27 18:47 - 00378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-11-10 17:35 - 2016-10-27 18:46 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-11-10 17:35 - 2016-10-27 18:46 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-11-10 17:35 - 2016-10-27 17:54 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-11-10 17:35 - 2016-10-22 18:35 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-11-10 17:35 - 2016-10-22 18:34 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2016-11-10 17:35 - 2016-10-22 18:21 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-11-10 17:35 - 2016-10-22 17:58 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-11-10 17:35 - 2016-10-22 17:57 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-11-10 17:35 - 2016-10-22 17:56 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-11-10 17:35 - 2016-10-22 17:46 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-11-10 17:35 - 2016-10-22 17:45 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-11-10 17:35 - 2016-10-22 17:45 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-11-10 17:35 - 2016-10-22 17:09 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-11-10 17:35 - 2016-10-11 21:21 - 00399776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-11-10 17:35 - 2016-10-11 19:34 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-10 17:35 - 2016-10-11 18:47 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2016-11-10 17:35 - 2016-10-11 17:55 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2016-11-10 17:35 - 2016-10-10 22:17 - 00333656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-11-10 17:35 - 2016-10-09 00:12 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-11-10 17:35 - 2016-10-08 23:18 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-11-10 17:35 - 2016-10-08 23:07 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll
2016-11-10 17:35 - 2016-10-08 23:02 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-11-10 17:35 - 2016-10-08 22:21 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAnimation.dll
2016-11-10 17:35 - 2016-10-04 21:39 - 00101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2016-11-10 17:35 - 2016-10-04 21:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-11-10 17:35 - 2016-10-04 21:08 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-11-10 17:35 - 2016-10-04 21:08 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-11-10 17:35 - 2016-09-09 15:15 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2016-11-10 17:35 - 2016-09-09 15:09 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2016-11-10 17:35 - 2016-09-09 15:03 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll
2016-11-10 17:35 - 2016-09-09 15:02 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll
2016-11-10 17:35 - 2016-09-09 14:38 - 00446124 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-11-10 17:35 - 2016-09-03 19:20 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsidsc.dll
2016-11-10 17:35 - 2016-09-03 19:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiexe.dll
2016-11-10 17:35 - 2016-09-03 18:21 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsidsc.dll
2016-11-10 17:35 - 2016-09-03 17:05 - 01094656 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-11-10 17:35 - 2016-09-02 15:05 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2016-11-10 17:35 - 2016-08-30 15:11 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2016-11-10 17:35 - 2016-08-30 03:45 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xolehlp.dll
2016-11-10 17:35 - 2016-08-30 03:18 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2016-11-10 16:46 - 2016-11-10 16:46 - 00000000 __SHD C:\found.005
2016-11-07 18:43 - 2016-11-07 18:43 - 00000000 __SHD C:\found.004
2016-11-07 18:43 - 2016-11-07 18:43 - 00000000 __SHD C:\found.003
2016-11-07 18:43 - 2016-11-07 18:43 - 00000000 __SHD C:\found.002
2016-11-07 18:43 - 2016-11-07 18:43 - 00000000 __SHD C:\found.001
2016-11-07 18:25 - 2016-11-07 18:32 - 345894380 _____ C:\Users\Lucinka\Downloads\Ordinace v růžové zahradě 2 687 Díl Zlodějka Datum 08.11.2016.avi
2016-10-29 17:51 - 2016-10-29 18:08 - 564677368 _____ C:\Users\Lucinka\Downloads\Odstíny lásky CZdab Drama Romantický, Německo, 2013.mp4
2016-10-24 16:47 - 2016-10-24 17:57 - 630984952 _____ C:\Users\Lucinka\Downloads\Ordinace-v-růžové-zahradě-2---683.-díl--Zákrok-na-míru-25,10,2016)-OD-SOUČKA-TOMÁŠE.mp4

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-17 18:01 - 2015-07-31 16:51 - 00000000 __RDO C:\Users\Lucinka\OneDrive
2016-11-17 18:00 - 2016-06-07 18:04 - 00000375 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2016-11-17 18:00 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-11-17 17:59 - 2013-08-22 14:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-11-17 17:43 - 2013-12-12 16:07 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-11-17 17:26 - 2012-11-02 15:25 - 00000000 ____D C:\Users\Lucinka\Documents\Bluetooth Folder
2016-11-17 12:28 - 2015-06-18 09:28 - 00003966 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9C10C502-93E6-4E5A-B643-3ED73931FDA2}
2016-11-16 20:18 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-11-15 20:00 - 2015-10-02 12:21 - 04521856 _____ (PS Media s.r.o.) C:\WINDOWS\SysWOW64\ssins.exe
2016-11-15 19:57 - 2015-03-26 20:53 - 00000000 ____D C:\WINDOWS\system32\log
2016-11-15 19:34 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2016-11-15 19:17 - 2013-02-02 13:11 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-276115832-903891615-3267707726-1001
2016-11-15 18:15 - 2012-11-29 21:18 - 00002215 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-14 19:16 - 2015-06-17 09:48 - 00000270 __RSH C:\ProgramData\ntuser.pol
2016-11-14 19:12 - 2014-01-09 21:33 - 00000000 ____D C:\Program Files (x86)\VideoPlayerV3
2016-11-14 19:12 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2016-11-14 19:12 - 2013-01-13 12:20 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2016-11-14 17:58 - 2013-08-22 15:44 - 00482256 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-11-14 17:52 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-11-14 17:32 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-11-14 17:30 - 2013-04-13 15:20 - 00000000 ____D C:\Users\Lucinka\AppData\Local\ElevatedDiagnostics
2016-11-14 17:24 - 2014-11-21 05:53 - 01770034 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-14 17:24 - 2014-11-21 05:10 - 00748250 _____ C:\WINDOWS\system32\perfh005.dat
2016-11-14 17:24 - 2014-11-21 05:10 - 00155000 _____ C:\WINDOWS\system32\perfc005.dat
2016-11-13 12:29 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-11-13 12:27 - 2013-12-19 19:38 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-11-13 11:50 - 2012-12-15 18:14 - 141011376 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-11-10 17:43 - 2013-12-12 16:07 - 00003802 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-11-10 17:43 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-11-10 17:43 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-11-09 18:31 - 2015-05-14 11:15 - 00004476 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-11-04 18:58 - 2015-11-23 17:00 - 00000000 ____D C:\WINDOWS\Minidump
2016-11-04 18:57 - 2012-12-01 19:18 - 00000000 ____D C:\Users\Lucinka\AppData\Local\CrashDumps
2016-11-03 20:03 - 2013-02-19 14:58 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-11-03 19:50 - 2015-11-20 08:21 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-10-31 18:59 - 2012-11-29 21:17 - 00000000 ____D C:\Users\Lucinka\AppData\Local\Google
2016-10-30 16:43 - 2014-12-26 14:20 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-10-30 16:43 - 2014-11-21 13:14 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2016-10-30 16:43 - 2013-12-22 16:02 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-10-29 21:38 - 2013-01-12 16:31 - 00000000 ____D C:\Users\Lucinka\Desktop\Filmy
2016-10-28 18:56 - 2013-02-19 14:58 - 00000000 ____D C:\Users\Lucinka\AppData\Roaming\Skype
2016-10-21 17:13 - 2013-02-19 14:58 - 00000000 ____D C:\ProgramData\Skype

==================== Files in the root of some directories =======

2016-09-26 09:46 - 2015-04-25 19:30 - 0006026 _____ () C:\Program Files (x86)\current.btskin
2016-09-26 09:47 - 2016-09-26 09:47 - 0000581 _____ () C:\Program Files (x86)\dht.dat
2016-09-26 09:47 - 2016-09-26 09:47 - 0000058 _____ () C:\Program Files (x86)\resume.dat
2016-09-26 09:47 - 2016-09-26 09:47 - 0000099 _____ () C:\Program Files (x86)\rss.dat
2016-09-26 09:46 - 2016-09-26 09:47 - 0005288 _____ () C:\Program Files (x86)\settings.dat
2016-09-26 09:46 - 2016-09-26 09:46 - 0003895 _____ () C:\Program Files (x86)\settings.dat.old
2016-09-26 09:46 - 2015-04-25 19:30 - 0027702 _____ () C:\Program Files (x86)\toolbar.bmp
2016-09-26 09:46 - 2015-04-25 19:30 - 0294312 _____ (emc) C:\Program Files (x86)\uninstall.exe
2016-09-26 09:46 - 2015-04-25 19:30 - 0189387 _____ () C:\Program Files (x86)\utorrent-221-25534.chm
2016-09-26 09:46 - 2015-02-22 20:30 - 0416168 _____ (BitTorrent, Inc.) C:\Program Files (x86)\utorrent.exe
2016-09-26 09:46 - 2015-04-25 19:30 - 0039237 _____ () C:\Program Files (x86)\utorrent.lng
2016-09-26 09:46 - 2015-04-25 19:30 - 0000049 _____ () C:\Program Files (x86)\utorrent.url
2016-09-26 09:46 - 2015-04-25 19:30 - 0184512 _____ () C:\Program Files (x86)\webui.zip
2015-05-15 08:06 - 2015-10-01 16:55 - 0000024 _____ () C:\Users\Lucinka\AppData\Roaming\appdataFr25.bin
2015-03-07 12:17 - 2015-05-13 13:47 - 0000020 _____ () C:\Users\Lucinka\AppData\Roaming\appdataFr3.bin
2015-12-13 18:16 - 2015-12-13 18:16 - 0262123 _____ () C:\Users\Lucinka\AppData\Roaming\Error.log
2013-01-12 17:45 - 2013-01-13 11:10 - 0099384 _____ () C:\Users\Lucinka\AppData\Roaming\inst.exe
2013-01-12 17:45 - 2013-01-13 11:10 - 0007859 _____ () C:\Users\Lucinka\AppData\Roaming\pcouffin.cat
2013-01-12 17:45 - 2013-01-13 11:10 - 0001167 _____ () C:\Users\Lucinka\AppData\Roaming\pcouffin.inf
2013-01-12 17:45 - 2013-01-13 11:10 - 0000055 _____ () C:\Users\Lucinka\AppData\Roaming\pcouffin.log
2013-01-12 17:45 - 2013-01-13 11:10 - 0082816 _____ (VSO Software) C:\Users\Lucinka\AppData\Roaming\pcouffin.sys
2015-07-21 09:56 - 2015-07-21 09:56 - 0000804 _____ () C:\Users\Lucinka\AppData\Local\Temp-log.txt
2013-02-19 15:03 - 2013-02-19 15:03 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2015-11-09 14:55 - 2015-11-09 14:55 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-11-17 17:28

==================== End of FRST.txt ============================

Re: Shortcuts on the flash drive

Posted: 17 Nov 2016 19:50
by Rudy
Open Notepad and copy the following into it:
Start
HKLM-x32\...\Run: [NPSStartup] => [X]
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-276115832-903891615-3267707726-1001\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-276115832-903891615-3267707726-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll => No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll => No File
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [No File]
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [No File]
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\Sony\MSS\3.8.141\npMcAfeeMss.dll [No File]
CHR Plugin: (Shockwave Flash) - C:\Users\Lucinka\AppData\Local\Google\Chrome\User Data\PepperFlash\23.0.0.166\pepflashplayer.dll => No File
EngineRunner (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{5a601a1}) (Version: - Software Publisher) <==== ATTENTION
Trust Media Viewer (HKLM-x32\...\TrustMediaViewerV1alpha3665) (Version: 1.1 - Trust Media Viewer) <==== ATTENTION
Task: {292776FF-26AE-42EB-9A0E-513E33FD065B} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe
C:\Windows\AutoKMS.exe
Task: {CF5ADDD9-6BEE-4076-A933-C0E597684257} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-25] (Google Inc.)
Task: {D6B6E1ED-E032-463A-B966-CE1656E57BAA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-25] (Google Inc.)
AlternateDataStreams: C:\ProgramData\Temp:04EAB86F [129]
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F [270]
AlternateDataStreams: C:\ProgramData\Temp:373E1720 [119]
AlternateDataStreams: C:\ProgramData\Temp:38D2EA83 [120]
AlternateDataStreams: C:\ProgramData\Temp:394EB021 [284]
AlternateDataStreams: C:\ProgramData\Temp:55E82CAF [119]
AlternateDataStreams: C:\ProgramData\Temp:9E3D44B7 [146]
AlternateDataStreams: C:\ProgramData\Temp:E1D06077 [256]

EmptyTemp:
End
Save it to C:\Users\Lucinka\Downloads as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.

Re: Shortcuts on the flash drive

Posted: 17 Nov 2016 20:11
by Lucie1818
I did everything, but no log appeared when it finished.

The computer just restarted.