Virus on the PC

Do you have a problem with a virus? Post your FRST or RSIT log here.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

LukeK
Visitor
Posts: 47
Registered: 10 Feb 2006 10:07

Virus on the PC

#1 Post by LukeK »

Hello, unfortunately some virus got into my PC. It created 2 shortcuts on my desktop to games that I play. I noticed it and deleted them. However, the browser keeps opening unsolicited pages.

The link http://viry.xf.cz/pro_usery/FRSTLauncher.exe does not work for me, so I am attaching at least the RSIT log.

The log is in the attachment; it is too long.

Thank you for your help.
Attachments
logrsit.rar
(19.53 KiB) Downloaded 59 times

Re: Virus on the PC

#2 Post by LukeK »

Also info.txt
Attachments
info.rar
(15.88 KiB) Downloaded 55 times

JaRon
Moderator
Posts: 15797
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Virus on the PC

#3 Post by JaRon »

Hi,
clean the PC with MBAM
FRST | ADWCleaner | MBAM | CCleaner | AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

Re: Virus on the PC

#4 Post by LukeK »

Cleaned, PC restarted.

Everything seems to be fine. Just to be sure, here is the log again:

Logfile of random's system information tool 1.14 (written by random/random)
Run by pc1 at 2016-12-05 15:05:28
Microsoft Windows 8.1
System drive C: has 9 GB (8%) free of 106 GB
Total RAM: 16337 MB (84% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:05:29, on 5. 12. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Users\doma\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\PROGRA~2\RAPTRI~1\PlaysTV\playstv.exe
C:\PROGRA~2\RAPTRI~1\PlaysTV\QtWebEngineProcess.exe
C:\PROGRA~2\RAPTRI~1\PlaysTV\QtWebEngineProcess.exe
C:\PROGRA~2\RAPTRI~1\PlaysTV\QtWebEngineProcess.exe
C:\PROGRA~2\RAPTRI~1\PlaysTV\QtWebEngineProcess.exe
C:\Program Files\trend micro\pc1_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPDTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ic.loadblanks.ru/c/02037a282dd7fbaf?
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\_PROGRAMY\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\_PROGRAMY\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Launcher6015N] "C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe" /S Xerox WorkCentre 6015N
O4 - HKLM\..\Run: [6015N RUN] "C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmRun.exe"
O4 - HKLM\..\Run: [StatusAutoRun6015N] "C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe" Xerox WorkCentre 6015N,hide,\S
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] E:\_PROGRAMY\CorelDraw\Languages\CZ\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=072115 serial=DR12CNC-8301292-WBN lang=CZ
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Bonus.SSR.FR12] "E:\_PROGRAMY\ABBYY FineReader\Bonus.ScreenshotReader.exe" /autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [PlaysTV] "C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe" --startup
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [DAEMON Tools Lite] "E:\_PROGRAMY\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_A7537B550D3FA365694F60CD3F931EF4] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Innkeeper] C:\Users\doma\AppData\Local\Innkeeper\Update.exe --processStart Innkeeper.exe --process-start-args="-startup"
O4 - HKCU\..\Run: [Clownfish] "E:\_PROGRAMY\Clownfish.exe"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\doma\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\doma\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Enviar para o OneNote - res://E:\_PROGRAMY\Office 2013\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://E:\_PROGRAMY\Office 2013\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Export do &Tahiti - E:\_PROGRAMY\eDoklady Skenování\iehelper.html
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: ABBYY FineReader 12 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.12.0) - ABBYY Production LLC - E:\_PROGRAMY\ABBYY FineReader\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AllShare Framework DMS - Samsung - C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CLHNServiceForPowerDVD12 - CyberLink Corp. - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
O23 - Service: CyberLink Product - 2013/11/06 11:26:06 (CLKMSVC10_99E320F5) - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Service - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\WINDOWS\system32\DbxSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - E:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Wireless Controller Service - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
O23 - Service: Origin Client Service - Electronic Arts - E:\_PROGRAMY\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - E:\_PROGRAMY\Origin\OriginWebHelperService.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\ConversionService.exe
O23 - Service: Plays.tv Update Service (PlaysService) (PlaysService) - Copyright (c) 2016 Plays.tv, LLC - C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Samsung Link Service - Copyright 2013 SAMSUNG - E:\_PROGRAMY\Samsung Link\Samsung Link.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XRcnStatutsDatabase (XRNADB) - Unknown owner - C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe

--
End of file - 16999 bytes

======Enumerating Processes======

C:\WINDOWS\system32\wininit.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"E:\_PROGRAMY\ABBYY FineReader\NetworkLicenseServer.exe" -service
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe"
"C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe"
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\Bonjour\mDNSResponder.exe"
"c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe"
"c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe"
C:\WINDOWS\system32\DbxSvc.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\system32\dashost.exe
"E:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe"
C:\WINDOWS\SysWOW64\svchost.exe -k hpdevmgmt
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\windows\System32\svchost.exe -k HPZ12
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe"
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe -first
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -l 3 -c
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
"C:\Program Files (x86)\PDF Architect\HelperService.exe"
"C:\Program Files (x86)\PDF Architect\ConversionService.exe"
"C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe"
C:\windows\System32\svchost.exe -k HPZ12
"C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe"
"E:\_PROGRAMY\Samsung Link\Samsung Link.exe"
"E:\_PROGRAMY\Samsung Link\Samsung Link.exe" "Samsung Link Service" __i4j_restart
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\IDT\WDM\Beats64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\IDT\WDM\sttray64.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Windows\System32\rundll32.exe" xrWCbgnd.dll,LaunchBgTask 1
"C:\Windows\System32\rundll32.exe" "E:\_PROGRAMY\Stardock Fences\FencesMenu64.dll",StartFences
C:\Program Files\CCleaner\CCleaner64.exe
C:\Users\doma\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
"C:\Users\doma\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe" -Embedding
"C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmW.exe"
"C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmwj.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe" Xerox WorkCentre 6015N,hide,\S
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=renderer --disable-gpu-compositing --no-sandbox --enable-begin-frame-scheduling --primordial-pipe-token=844ACBB95A8AAA47171B54B7F2BB1232 --lang=en-US --lang=en-US --log-file="C:\Users\doma\AppData\Local\NVIDIA Corporation\NVIDIA Share\CefCache\debug.log" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --disable-accelerated-video-decode --disable-webrtc-hw-encoding --disable-gpu-compositing --channel="6544.0.364422355\702846804" --mojo-platform-channel-handle=1280 /prefetch:1
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\PROGRA~2\RAPTRI~1\PlaysTV\playstv.exe" --log_to_file --from_stub --startup
"C:\PROGRA~2\RAPTRI~1\PlaysTV\QtWebEngineProcess.exe" --type=renderer --disable-accelerated-video-decode --enable-threaded-compositing --no-sandbox --disable-databases --lang=cs --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="7048.0.1003279225\551797515" /prefetch:1
"C:\PROGRA~2\RAPTRI~1\PlaysTV\QtWebEngineProcess.exe" --type=renderer --disable-accelerated-video-decode --enable-threaded-compositing --no-sandbox --disable-databases --lang=cs --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="7048.1.571382417\1487145077" /prefetch:1
"C:\PROGRA~2\RAPTRI~1\PlaysTV\QtWebEngineProcess.exe" --type=renderer --disable-accelerated-video-decode --enable-threaded-compositing --no-sandbox --disable-databases --lang=cs --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="7048.2.1937049934\2041392464" /prefetch:1
"C:\PROGRA~2\RAPTRI~1\PlaysTV\QtWebEngineProcess.exe" --type=renderer --disable-accelerated-video-decode --enable-threaded-compositing --no-sandbox --disable-databases --lang=cs --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="7048.3.943982432\1089821798" /prefetch:1
"C:\PROGRA~2\RAPTRI~1\PlaysTV\plays_ep64.exe" 7048
"c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe"
"C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\doma\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\WINDOWS\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d0420ddde1836b.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d090c4772241d.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1cf8c4ba92ed0ff.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\HPCeeScheduleForpc1.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForpc1 (null)
C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\tasks\Adobe Flash Player PPAPI Notifier - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe -check pepperplugin
C:\WINDOWS\system32\tasks\Adobe Flash Player Updater - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\system32\tasks\avast! Emergency Update - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\WINDOWS\system32\tasks\CLMLSvc_P2G8 - c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\WINDOWS\system32\tasks\CLVDLauncher - c:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe
C:\WINDOWS\system32\tasks\DropboxUpdateTaskMachineCore - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\WINDOWS\system32\tasks\DropboxUpdateTaskMachineUA - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore1d0420ddde1836b - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore1d090c4772241d - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA1cf8c4ba92ed0ff - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\HPCeeScheduleForpc1 - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForpc1 (null)
C:\WINDOWS\system32\tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe
C:\WINDOWS\system32\tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
C:\WINDOWS\system32\tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
C:\WINDOWS\system32\tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe
C:\WINDOWS\system32\tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe --logon
C:\WINDOWS\system32\tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
C:\WINDOWS\system32\tasks\Opera scheduled Autoupdate 1390670774 - C:\Program Files (x86)\Opera\launcher.exe --scheduledautoupdate $(Arg0)
C:\WINDOWS\system32\tasks\SafeZone scheduled Autoupdate 1455040619 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\WINDOWS\system32\tasks\{DCDEA749-A26F-468C-A1B6-3E64721C2CF4} - C:\WINDOWS\system32\pcalua.exe -a "E:\_HRY\Mafia 1\Game.exe" -d "E:\_HRY\Mafia 1"
C:\WINDOWS\system32\tasks\Nero\Nero Info - C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe -shedul
C:\WINDOWS\system32\tasks\Microsoft\Windows\WS\License Validation - rundll32.exe WSClient.dll,WSpTLR licensing
C:\WINDOWS\system32\tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask - rundll32.exe WSClient.dll,RefreshBannedAppsList
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemovalTools\MRT_HB - C:\WINDOWS\system32\MRT.exe /EHB /Q
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Lpksetup - C:\windows\System32\lpksetup.exe -v
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\windows\System32\mcbuilder.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent /increment
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe %windir%\system32\invagent.dll,RunUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\Office 15 Subscription Heartbeat - %ProgramFiles%\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeTelemetryAgentFallBack - "C:\Program Files\Microsoft Office\Office15\msoia.exe" scan upload mininterval:2880
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeTelemetryAgentLogOn - "C:\Program Files\Microsoft Office\Office15\msoia.exe" scan upload
C:\WINDOWS\system32\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /taskrestart
C:\WINDOWS\system32\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe /send
C:\WINDOWS\system32\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /u
C:\WINDOWS\system32\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /L Analysis
C:\WINDOWS\system32\tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -task -source HPSA
C:\WINDOWS\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs
C:\WINDOWS\system32\tasks\Apple\AppleSoftwareUpdate - C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe -task

=========Mozilla firefox=========

ProfilePath - C:\Users\doma\AppData\Roaming\Mozilla\Firefox\Profiles\kfgpn7fo.default

prefs.js - "browser.startup.homepage" - "http://ic.loadblanks.ru/c/02037a282dd7fbaf?"

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.72.2]
"Description"=Java™ Deployment Toolkit
"Path"=E:\_PROGRAMY\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.72.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=E:\_PROGRAMY\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=E:\_PROGRAMY\Microsoft Office 2013\Office15\NPSPWRAP.DLL


C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.dll

C:\Users\doma\AppData\Roaming\Mozilla\Firefox\Profiles\kfgpn7fo.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\doma\AppData\Roaming\Mozilla\Firefox\Profiles\kfgpn7fo.default\addons.json
Greasemonkey - extension - {e4a8a97b-f2ed-450b-b12d-ee082ba24781}
Mozilla Firefox hotfix - extension - firefox-hotfix@mozilla.org

C:\Users\doma\AppData\Roaming\Mozilla\Firefox\Profiles\kfgpn7fo.default\extensions.json
Fast search - extension - amcontextmenu@loucypher -
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
Greasemonkey - extension - {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - C:\Users\doma\AppData\Roaming\Mozilla\Firefox\Profiles\kfgpn7fo.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi

C:\Users\doma\AppData\Roaming\Mozilla\Firefox\Profiles\kfgpn7fo.default\pluginreg.dat
Plugin - Google Update - 1.3.27.5 - C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll
Plugin - Adobe Acrobat - 11.0.11.18 - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\browser\nppdf32.dll
Plugin - Adobe Acrobat - 11.0.11.18 - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
Plugin - Adobe Acrobat - 11.0.11.18 - C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
Plugin - Microsoft Office 2013 - 15.0.4703.1000 - C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
Plugin - iTunes Application Detector - 1.0.1.1 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
Plugin - Intel® Identity Protection Technology - 4.0.5.0 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
Plugin - Intel® Identity Protection Technology - 4.0.5.0 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
Plugin - Java(TM) Platform SE 7 U51 - 10.51.2.13 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
Plugin - Java Deployment Toolkit 7.0.510.13 - 10.51.2.13 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
Plugin - Microsoft Office 2013 - 15.0.4514.1000 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL
Plugin - Photo Gallery - 16.4.3505.912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

=========Google Chrome=========

C:\Users\doma\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace Google 0.9
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod 0.2
Extension aknpkdffaafgjchaibgeefbgmgeghloj 1 Angry Birds 1.5.0.8
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension bgjpfhpjcgdppjbgnpnjllokbmcdllig 1 Seznam Lištička - Email 1.3.16
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension cfhdojbkjhnklbpkdaibdccddilifddb 1 Adblock Plus 1.12.4
Extension chmimgmjdabgiilljdjfbonifbhiglao
Extension ckibcdccnfeookdmbahgiakhnjcddpki 0 Rozšíření pro webové stránky - WP Screenshot 14.5.1
Extension coobgpohoikkiipiblmjeljniedjpjpf 1 Vyhledávání Google 0.0.0.60
Extension dhdgffkkebhmkfjojejmpbldmpobfkfo 0 Tampermonkey 4.1.10
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg Settings 0.2
Extension eofcbnmajmjmplflapaojjnihcjkigck 2 Avast SafePrice 10.2.0.190
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky Google 1.1
Extension fjnbnpbmkenffdnngjfgmeleoegfcffe
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 0 Dokumenty Google offline 1.4
Extension gomekmidlodglbbmalcneegieacbdmki 2 Avast Online Security 10.2.0.190
Extension gonbigodpnfghidmnphnadhepmbabhij 0 Cryptocat 2.2.2
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nhjgdbihpkphlammdaeicdemggagfbdo 0 Iomods 2.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.0
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.0
Extension ojhbgcchcbdjdenibfmjofobklkkhofc 1 Simple EPUB Reader 4.3
Extension olfeabkoenfaoljndfecamgilllcpiak 0 Seznam Lištička - Rychlá volba 1.8.4
Extension pafkbggdmjlpgkdkcbjmhmfcdpncadgh Google Now 1.2.0.1
Extension pbdpajcdgknpendpmecafmopknefafha 0 Fast search 1.1.3
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5416.905.0.6
Homepage: http://www.google.com/
default_search_provider.search_url:
C:\Users\doma\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]
"Path"=C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx


======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTer ... c=HPDTDFJS
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8CE8B45E-1E3D-4315-8FC0-1183A6CB6178}]
"URL"=http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"=
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{8CE8B45E-1E3D-4315-8FC0-1183A6CB6178}]
"URL"=http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - E:\_PROGRAMY\Microsoft Office 2013\Office15\OCHelper.dll [2016-10-18 229064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-05-07 902624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - E:\_PROGRAMY\Microsoft Office 2013\Office15\GROOVEEX.DLL [2016-10-11 2351920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21 440712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-08-27 163528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - E:\_PROGRAMY\bin\ssv.dll [2016-02-03 462432]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-05-07 679680]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2016-10-11 1743664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - E:\_PROGRAMY\bin\jp2ssv.dll [2016-02-03 173152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21 416320]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"=C:\Program Files\IDT\WDM\beats64.exe [2014-10-14 41664]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2014-10-14 1703424]
"XeroxEndeavorBackgroundTask"=xrWCbgnd.dll,LaunchBgTask 1 []
"Fences"=E:\_PROGRAMY\Stardock Fences\Fences.exe [2013-11-26 4031152]
"Samsung Link"=E:\_PROGRAMY\Samsung Link\Samsung Link Tray Agent.exe [2015-03-18 607584]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2015-12-17 170256]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2016-10-25 1852352]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=E:\_PROGRAMY\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"GoogleChromeAutoLaunch_A7537B550D3FA365694F60CD3F931EF4"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2016-11-08 921192]
"ISUSPM Startup"=C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-06-01 8358680]
"Innkeeper"=C:\Users\doma\AppData\Local\Innkeeper\Update.exe [2015-11-05 1888136]
"Clownfish"=E:\_PROGRAMY\Clownfish.exe [2016-03-28 1368304]
"cz.seznam.software.autoupdate"=C:\Users\doma\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\doma\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
""= []
"Launcher6015N"=C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe [2011-05-19 2571264]
"6015N RUN"=C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmRun.exe [2012-07-16 355840]
"StatusAutoRun6015N"=C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe [2012-07-16 3984896]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2016-11-28 25838592]
"ISUSScheduler"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"CorelDRAW Graphics Suite 11b"=E:\_PROGRAMY\CorelDraw\Languages\CZ\Programs\Registration.exe [2004-06-22 729088]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-06-27 7408312]
"Bonus.SSR.FR12"=E:\_PROGRAMY\ABBYY FineReader\Bonus.ScreenshotReader.exe [2015-08-17 1521440]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-12-22 597040]
"PlaysTV"=C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [2016-11-18 51984]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - E:\_PROGRAMY\Stardock Fences\FencesMenu64.dll [2013-11-26 521904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"VIDC.FPS1"=frapsv64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave4"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-12-05 14:21:06 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2016-12-05 14:21:06 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2016-12-05 14:21:06 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2016-12-05 13:14:42 ----D---- C:\rsit
2016-12-05 13:14:42 ----D---- C:\Program Files\trend micro
2016-12-04 17:15:51 ----D---- C:\Users\doma\AppData\Roaming\SPI
2016-12-04 17:06:12 ----RASHD---- C:\ProgramData\Key-Base
2016-12-04 17:06:12 ----D---- C:\ProgramData\{2ECF3A4B-1EC7-77AD-2016-04B81648AD24}
2016-11-28 15:05:42 ----A---- C:\WINDOWS\system32\drivers\dbx-stable.sys
2016-11-28 15:05:42 ----A---- C:\WINDOWS\system32\drivers\dbx-dev.sys
2016-11-28 15:05:42 ----A---- C:\WINDOWS\system32\drivers\dbx-canary.sys
2016-11-28 15:05:42 ----A---- C:\WINDOWS\system32\DbxSvc.exe
2016-11-13 09:43:50 ----D---- C:\Users\doma\AppData\Roaming\Screaming Bee
2016-11-13 09:43:50 ----D---- C:\ProgramData\Screaming Bee
2016-11-10 08:10:23 ----D---- C:\Program Files (x86)\Origin Games
2016-11-09 08:25:44 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-11-09 08:25:43 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-11-09 08:25:42 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-11-09 08:25:42 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-11-09 08:25:41 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-11-09 08:25:41 ----A---- C:\WINDOWS\system32\win32k.sys
2016-11-09 08:25:41 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-11-09 08:25:41 ----A---- C:\WINDOWS\system32\diagtrack.dll
2016-11-09 08:25:40 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-11-09 08:25:40 ----A---- C:\WINDOWS\SYSWOW64\MSVidCtl.dll
2016-11-09 08:25:40 ----A---- C:\WINDOWS\system32\wininet.dll
2016-11-09 08:25:40 ----A---- C:\WINDOWS\system32\MSVidCtl.dll
2016-11-09 08:25:40 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-11-09 08:25:39 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-11-09 08:25:39 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-11-09 08:25:39 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-11-09 08:25:39 ----A---- C:\WINDOWS\system32\ole32.dll
2016-11-09 08:25:39 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-11-09 08:25:38 ----AC---- C:\WINDOWS\system32\drivers\vhdmp.sys
2016-11-09 08:25:38 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2016-11-09 08:25:38 ----A---- C:\WINDOWS\SYSWOW64\msdtcprx.dll
2016-11-09 08:25:38 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2016-11-09 08:25:37 ----A---- C:\WINDOWS\SYSWOW64\SessEnv.dll
2016-11-09 08:25:37 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2016-11-09 08:25:37 ----A---- C:\WINDOWS\system32\win32spl.dll
2016-11-09 08:25:37 ----A---- C:\WINDOWS\system32\vmrdvcore.dll
2016-11-09 08:25:37 ----A---- C:\WINDOWS\system32\SessEnv.dll
2016-11-09 08:25:37 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2016-11-09 08:25:37 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2016-11-09 08:25:36 ----AC---- C:\WINDOWS\system32\drivers\msiscsi.sys
2016-11-09 08:25:36 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2016-11-09 08:25:36 ----A---- C:\WINDOWS\system32\pdh.dll
2016-11-09 08:25:36 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-11-09 08:25:36 ----A---- C:\WINDOWS\system32\msctf.dll
2016-11-09 08:25:36 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-11-09 08:25:36 ----A---- C:\WINDOWS\system32\atmfd.dll
2016-11-09 08:25:35 ----A---- C:\WINDOWS\SYSWOW64\pdh.dll
2016-11-09 08:25:35 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2016-11-09 08:25:35 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2016-11-09 08:25:35 ----A---- C:\WINDOWS\system32\drivers\bowser.sys
2016-11-09 08:25:35 ----A---- C:\WINDOWS\system32\DafPrintProvider.dll
2016-11-09 08:25:34 ----A---- C:\WINDOWS\SYSWOW64\UIAnimation.dll
2016-11-09 08:25:34 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-11-09 08:25:34 ----A---- C:\WINDOWS\SYSWOW64\DafPrintProvider.dll
2016-11-09 08:25:34 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-11-09 08:25:34 ----A---- C:\WINDOWS\system32\iscsiexe.dll
2016-11-09 08:25:34 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2016-11-09 08:25:33 ----A---- C:\WINDOWS\system32\UIAnimation.dll
2016-11-09 08:25:33 ----A---- C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-09 08:25:33 ----A---- C:\WINDOWS\system32\localspl.dll
2016-11-09 08:25:33 ----A---- C:\WINDOWS\system32\iscsiwmi.dll
2016-11-09 08:25:33 ----A---- C:\WINDOWS\system32\inetcomm.dll
2016-11-09 08:25:32 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2016-11-09 08:25:32 ----A---- C:\WINDOWS\SYSWOW64\iscsiwmi.dll
2016-11-09 08:25:32 ----A---- C:\WINDOWS\SYSWOW64\asycfilt.dll
2016-11-09 08:25:32 ----A---- C:\WINDOWS\system32\asycfilt.dll
2016-11-09 08:25:31 ----A---- C:\WINDOWS\SYSWOW64\iscsidsc.dll
2016-11-09 08:25:31 ----A---- C:\WINDOWS\system32\xolehlp.dll
2016-11-09 08:25:31 ----A---- C:\WINDOWS\system32\iscsidsc.dll
2016-11-09 08:25:31 ----A---- C:\WINDOWS\system32\dab.dll
2016-11-09 08:25:28 ----A---- C:\WINDOWS\SYSWOW64\input.dll
2016-11-09 08:25:28 ----A---- C:\WINDOWS\system32\input.dll
2016-11-09 08:25:27 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2016-11-09 08:25:27 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2016-11-09 08:25:26 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2016-11-09 08:25:26 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2016-11-09 08:25:25 ----A---- C:\WINDOWS\SYSWOW64\xolehlp.dll
2016-11-09 08:25:25 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2016-11-09 08:25:25 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2016-11-09 08:25:25 ----A---- C:\WINDOWS\system32\webcheck.dll
2016-11-09 08:25:25 ----A---- C:\WINDOWS\system32\netlogon.dll
2016-11-09 08:25:25 ----A---- C:\WINDOWS\system32\dxtrans.dll
2016-11-09 08:25:25 ----A---- C:\WINDOWS\system32\certcli.dll
2016-11-09 08:25:24 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2016-11-09 08:25:24 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2016-11-09 08:25:24 ----A---- C:\WINDOWS\system32\mshtmled.dll
2016-11-09 08:25:23 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2016-11-09 08:25:23 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2016-11-09 08:25:23 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2016-11-09 08:25:23 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-11-09 08:25:23 ----A---- C:\WINDOWS\system32\jscript.dll
2016-11-09 08:25:23 ----A---- C:\WINDOWS\system32\iepeers.dll
2016-11-09 08:25:22 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2016-11-09 08:25:22 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2016-11-09 08:25:22 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-11-09 08:25:22 ----A---- C:\WINDOWS\system32\atmlib.dll

======List of files/folders modified in the last 1 month======

2016-12-05 15:05:23 ----D---- C:\WINDOWS\Temp
2016-12-05 15:04:34 ----RD---- C:\WINDOWS\System32
2016-12-05 15:04:34 ----D---- C:\WINDOWS\Inf
2016-12-05 15:04:34 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-05 15:03:03 ----D---- C:\Users\doma\AppData\Roaming\Seznam.cz
2016-12-05 15:00:18 ----D---- C:\WINDOWS\Prefetch
2016-12-05 15:00:00 ----D---- C:\WINDOWS\system32\sru
2016-12-05 14:58:06 ----D---- C:\Users\doma\AppData\Roaming\PlaysTV
2016-12-05 14:58:04 ----D---- C:\ProgramData\NVIDIA
2016-12-05 14:57:14 ----D---- C:\WINDOWS\system32\drivers
2016-12-05 14:30:30 ----RD---- C:\WINDOWS\DesktopTileResources
2016-12-05 14:30:30 ----RD---- C:\Program Files (x86)
2016-12-05 14:00:51 ----D---- C:\Users\doma\AppData\Roaming\TS3Client
2016-12-05 13:14:42 ----RD---- C:\Program Files
2016-12-05 08:14:56 ----D---- C:\WINDOWS\Microsoft.NET
2016-12-04 17:06:12 ----HD---- C:\ProgramData
2016-12-04 15:32:16 ----D---- C:\Users\doma\AppData\Roaming\NCH Software
2016-12-04 15:32:15 ----D---- C:\ProgramData\NCH Software
2016-12-04 15:32:15 ----D---- C:\Program Files (x86)\NCH Software
2016-12-03 11:42:53 ----D---- C:\WINDOWS\system32\NDF
2016-12-03 10:22:05 ----SHD---- C:\System Volume Information
2016-11-30 20:36:55 ----D---- C:\Program Files (x86)\Dropbox
2016-11-30 07:24:48 ----D---- C:\WINDOWS\Tasks
2016-11-30 07:24:48 ----D---- C:\WINDOWS\system32\Tasks
2016-11-29 17:30:13 ----SHD---- C:\WINDOWS\Installer
2016-11-29 17:30:13 ----HD---- C:\Config.Msi
2016-11-27 21:03:27 ----D---- C:\Users\doma\AppData\Roaming\Origin
2016-11-27 09:39:34 ----D---- C:\WINDOWS\system32\config
2016-11-27 08:43:27 ----D---- C:\ProgramData\Origin
2016-11-26 14:45:24 ----D---- C:\Users\doma\AppData\Roaming\Notepad++
2016-11-24 14:53:41 ----D---- C:\Program Files (x86)\Opera
2016-11-23 08:45:50 ----HD---- C:\Program Files\WindowsApps
2016-11-23 08:45:50 ----D---- C:\WINDOWS\AppReadiness
2016-11-22 19:23:12 ----D---- C:\Users\doma\AppData\Roaming\Skype
2016-11-22 19:22:56 ----D---- C:\ProgramData\Skype
2016-11-22 19:22:54 ----RD---- C:\Program Files (x86)\Skype
2016-11-18 07:19:02 ----D---- C:\WINDOWS\SysWOW64
2016-11-18 07:19:02 ----D---- C:\ProgramData\Package Cache
2016-11-13 09:03:16 ----D---- C:\WINDOWS\system32\DriverStore
2016-11-12 07:57:06 ----D---- C:\ProgramData\NVIDIA Corporation
2016-11-11 07:21:38 ----D---- C:\WINDOWS\system32\catroot2
2016-11-09 13:29:54 ----D---- C:\WINDOWS\rescache
2016-11-09 11:55:24 ----D---- C:\WINDOWS\WinSxS
2016-11-09 09:25:45 ----RD---- C:\WINDOWS\ToastData
2016-11-09 09:25:45 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-11-09 09:25:45 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-11-09 09:25:45 ----D---- C:\WINDOWS\system32\migration
2016-11-09 09:25:45 ----D---- C:\WINDOWS\system32\cs-CZ
2016-11-09 09:25:45 ----D---- C:\Program Files\Internet Explorer
2016-11-09 09:25:45 ----D---- C:\Program Files (x86)\Internet Explorer
2016-11-09 09:04:26 ----D---- C:\ProgramData\Microsoft Help
2016-11-09 09:03:18 ----D---- C:\WINDOWS\CbsTemp
2016-11-09 08:48:37 ----D---- C:\WINDOWS\system32\MRT
2016-11-09 08:45:58 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-11-09 08:17:10 ----D---- C:\Windows
2016-11-08 18:32:12 ----D---- C:\WINDOWS\system32\Macromed
2016-11-08 18:32:11 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2016-11-08 13:17:19 ----RSD---- C:\WINDOWS\assembly
2016-11-08 13:15:34 ----A---- C:\WINDOWS\win.ini

File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-05-07 74544]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-08-05 292704]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-08-30 644968]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2016-05-07 37144]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2016-05-07 103064]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-05-07 1070904]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-05-07 465792]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2013-03-15 91712]
R1 dtsoftbus01;@oem61.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2014-01-27 283064]
R1 VBoxDrv;VirtualBox Service; C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys [2015-09-08 964392]
R1 VBoxNetAdp;VirtualBox NDIS 6.0 Miniport Service; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [2015-09-08 117768]
R1 VBoxNetLwf;@oem109.inf,%VBoxNetLwfService_Desc%;VirtualBox NDIS6 Bridged Networking Service; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [2015-09-08 146072]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [2015-09-08 138904]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-05-07 37656]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-05-07 107792]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2016-05-07 166432]
R2 ntk_PowerDVD12;ntk_PowerDVD12; \??\c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2013-03-12 84168]
R3 AmUStor;@oem50.inf,%AmUStor.SvcDesc%;AM USB Stroage Driver; C:\WINDOWS\system32\drivers\AmUStor.SYS [2016-03-22 91928]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 MEIx64;@oem95.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2014-10-14 99288]
R3 NVHDA;@oem79.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2016-10-26 212936]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2016-10-25 14033976]
R3 nvvad_WaveExtensible;@oem106.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2016-10-25 46016]
R3 RTL8168;@oem96.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2014-10-14 816344]
R3 ScreamBAudioSvc;@oem110.inf,%sbee_audio.SvcDesc%;ScreamBee Audio; C:\WINDOWS\system32\drivers\ScreamingBAudio64.sys [2014-02-07 38992]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [2014-10-14 550912]
R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\System32\drivers\serscan.sys [2014-10-29 11776]
R3 VCSVADHWSer;@oem105.inf,%DeviceName% (WDM);Avnex Virtual Audio Device (WDM); C:\WINDOWS\system32\DRIVERS\vcsvad.sys [2008-12-26 21504]
S2 vcs;vcs; \??\C:\Program Files (x86)\Common Files\Avnex\vcs64.sys [2016-04-01 4096]
S3 dbx;dbx; C:\WINDOWS\system32\DRIVERS\dbx.sys []
S3 dot4;@oem55.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem57.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\WINDOWS\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 dot4usb;@oem55.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 htcnprot;@oem72.inf,%NDISPROT_Desc%;HTC NDIS Protocol Driver; C:\WINDOWS\system32\DRIVERS\htcnprot.sys [2013-10-17 36928]
S3 HtcVCom32;@oem75.inf,%OEMSerialPortName00%;HTC Diagnostic Port; C:\WINDOWS\system32\DRIVERS\HtcVComV64.sys []
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-10-25 27584]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2013-03-01 259144]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\System32\drivers\usbscan.sys [2014-10-29 44544]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Professional.12.0;ABBYY FineReader 12 PE Licensing Service; E:\_PROGRAMY\ABBYY FineReader\NetworkLicenseServer.exe [2015-07-02 965848]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-10-21 82128]
R2 AllShare Framework DMS;AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [2013-12-21 404360]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; %windir%\system32\svchost.exe -k apphost;"ServiceDll"=%windir%\system32\inetsrv\apphostsvc.dll
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-10-07 77104]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-05-07 243296]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2013-06-10 89864]
R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2013-06-10 77576]
R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2013-06-10 294664]
R2 DbxSvc;DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [2016-11-28 42096]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; E:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2016-10-10 9728]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\syswow64\svchost.exe [2014-10-29 33088]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2016-08-15 29728]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-11 733696]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2014-10-14 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-10-14 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-10-14 390616]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2014-07-14 786256]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe -k HPZ12;"ServiceDll"=C:\Windows\System32\HPZinw12.dll
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2016-10-25 456640]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2016-10-25 458176]
R2 NVIDIA Wireless Controller Service;NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [2016-10-25 1163712]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2013-10-17 166912]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [2013-04-08 1320496]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [2013-04-08 799280]
R2 PlaysService;Plays.tv Update Service (PlaysService); C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [2016-11-18 55056]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe -k HPZ12;"ServiceDll"=C:\Windows\System32\HPZipm12.dll
R2 PSI_SVC_2_x64;Protexis Licensing V2 x64; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824]
R2 Samsung Link Service;Samsung Link Service; E:\_PROGRAMY\Samsung Link\Samsung Link.exe [2015-03-18 616288]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2014-10-14 337920]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\syswow64\svchost.exe [2014-10-29 33088]
S2 CLKMSVC10_99E320F5;CyberLink Product - 2013/11/06 11:26:06; c:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [2013-06-07 240392]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05 143144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 Origin Web Helper Service;Origin Web Helper Service; E:\_PROGRAMY\Origin\OriginWebHelperService.exe [2016-11-27 2180624]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-08 270016]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-16 50864]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2016-11-25 1454088]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; %SystemRoot%\System32\svchost.exe -k LocalServiceAndNoImpersonation;"ServiceDll"=%SystemRoot%\System32\BthHFSrv.dll
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05 143144]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2015-04-28 1102472]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-11 822232]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2015-12-17 644880]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-26 114800]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2016-10-25 456640]
S3 Origin Client Service;Origin Client Service; E:\_PROGRAMY\Origin\OriginClientService.exe [2016-11-27 2119688]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-10-13 1459488]

-----------------EOF-----------------

JaRon
Moderator
Posts: 15797
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Virus in PC

#5 Post by JaRon »

I also recommend cleaning the registry with CCleaner, and that's it :)
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/
