URL:Mal

[zail]

Zdravim neustale kdykoliv zapnu pocitac avast hlasi ze tam mam tento vir viz priloha.

predem podotykam windows je pravy licencovany

Predem dekuji

zde posilam vipis z rsit

Logfile of random's system information tool 1.09 (written by random/random)
Run by zail at 2014-09-02 14:00:24
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 20 GB (19%) free of 108 GB
Total RAM: 8191 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:00:26, on 02.09.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17239)
Boot mode: Normal

Running processes:
E:\kies\Kies\External\FirmwareUpdate\KiesPDLR.exe
E:\kies\Kies\Kies.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
E:\deamon tols lite\DAEMON Tools Lite\DTLite.exe
E:\lol replay\LOLReplay\LOLRecorder.exe
C:\ProgramData\Razer\SwitchBlade\Apps\Razer\65BFE244-2354-4E41-ADC9-CCF6BE3B5F75\RzFPS\RzFPS.exe
C:\Users\zail\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
E:\avast\avastui.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Razer\SwitchBlade\RzSBHelper.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\ProgramData\Razer\SwitchBlade\DeathStalker\Razer\1068AAE3-6299-4086-A7F6-0600F5F1D1E5\RzHome.exe
C:\Program Files (x86)\Razer\SwitchBlade\RzAppManager.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\ProgramData\Razer\SwitchBlade\Apps\Razer\91845076-CD47-435F-A442-CEB373A3ADE8\RzNumpad.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files\trend micro\zail.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\oficce\Office14\GROOVEEX.DLL
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - E:\avast\aswWebRepIE.dll
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\oficce\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\java\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "E:\avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [RzSBHelper] C:\Program Files (x86)\Razer\SwitchBlade\RzSBHelper.exe
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [] E:\kies\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [KiesPreload] E:\kies\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [MKLOL] "E:\mk jogo\MKJogo\MKLOL\MK.exe" -auto
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_61DF9031EEED441822C789611D7D05B8] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILFE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-312 313 315 Series"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "E:\deamon tols lite\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = zail\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: LOLRecorder.lnk = E:\lol replay\LOLReplay\LOLRecorder.exe
O4 - Global Startup: RazerFPSStartup.lnk = C:\ProgramData\Razer\SwitchBlade\Apps\Razer\65BFE244-2354-4E41-ADC9-CCF6BE3B5F75\RzFPS\RzFPS.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://E:\oficce\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://E:\oficce\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\oficce\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\oficce\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - E:\icq\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - E:\icq\ICQ7.2\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\oficce\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\oficce\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/ ... ontrol.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - E:\skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: avast! Antivirus - AVAST Software - E:\avast\AvastSvc.exe
O23 - Service: Brother BRAdminPro Scheduler (BRA_Scheduler) - Unknown owner - C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - E:\belkin\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\Windows\system32\EscSvc64.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-Dienst (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - (no file)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Razer Overlay Subsystem Emergency Service (RzOvlMon) - Razer, Inc. - C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - E:\skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 12903 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"E:\avast\AvastSvc.exe"
atieclxx
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe"
"C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe"
E:\belkin\btwdins.exe
C:\Windows\system32\EscSvc64.exe
taskeng.exe {A289ABF4-C6C9-43DF-A59D-D495FBC197C0}
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
taskeng.exe {1F991959-C4E0-4061-83C7-F15E2456D833}
"\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
C:\Windows\system32\viakaraokesrv.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
WLIDSvcM.exe 2392
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"E:\kies\Kies\External\FirmwareUpdate\KiesPDLR.exe"
"E:\kies\Kies\Kies.exe" /preload
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
"C:\Windows\System32\spool\drivers\x64\3\E_IATILFE.EXE" /EPT "EPLTarget\P0000000000000000" /M "XP-312 313 315 Series"
"E:\deamon tols lite\DAEMON Tools Lite\DTLite.exe" -autorun
C:\Windows\system32\SearchIndexer.exe /Embedding
"E:\belkin\BTTray.exe"
"E:\lol replay\LOLReplay\LOLRecorder.exe" -minimize
"C:\ProgramData\Razer\SwitchBlade\Apps\Razer\65BFE244-2354-4E41-ADC9-CCF6BE3B5F75\RzFPS\RzFPS.exe"
"C:\Users\zail\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3408.0.643478332\229122951" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,16,43 --gpu-vendor-id=0x10de --gpu-device-id=0x11c0 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3788 --ignored=" --type=renderer " /prefetch:822062411
"E:\avast\avastui.exe" /nogui
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/ML Kodachrome dev/EmbeddedSearch/Group1 dev:pp5 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/HpackHuffmanAggregator/Disabled/Prerender/PrerenderMulti/PrerenderLocalPredictorSpec/cd=3b:LocalPredictor=Enabled:SkipHTTPS=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=5:PrerenderPriorityHalfLifeTimeSeconds=30:PrerenderQueryPrerenderService=Enabled:PrerenderServiceFetchTimeoutMs=5000:SkipPrerenderLocalCandidates=Enabled:PrerenderAlwaysControl=Enabled:MaxLaunchPrerenders=2/SDCH/EnabledHttpOnly/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_95/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/WindowsLogoffRace/WindowsLogoffRace/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="3408.1.40734186\1089259011" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/ML Kodachrome dev/EmbeddedSearch/Group1 dev:pp5 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/HpackHuffmanAggregator/Disabled/Prerender/PrerenderMulti/PrerenderLocalPredictorSpec/cd=3b:LocalPredictor=Enabled:SkipHTTPS=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=5:PrerenderPriorityHalfLifeTimeSeconds=30:PrerenderQueryPrerenderService=Enabled:PrerenderServiceFetchTimeoutMs=5000:SkipPrerenderLocalCandidates=Enabled:PrerenderAlwaysControl=Enabled:MaxLaunchPrerenders=2/SDCH/EnabledHttpOnly/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_95/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/WindowsLogoffRace/WindowsLogoffRace/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="3408.2.169892822\2009172614" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/ML Kodachrome dev/EmbeddedSearch/Group1 dev:pp5 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/HpackHuffmanAggregator/Disabled/Prerender/PrerenderMulti/PrerenderLocalPredictorSpec/cd=3b:LocalPredictor=Enabled:SkipHTTPS=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=5:PrerenderPriorityHalfLifeTimeSeconds=30:PrerenderQueryPrerenderService=Enabled:PrerenderServiceFetchTimeoutMs=5000:SkipPrerenderLocalCandidates=Enabled:PrerenderAlwaysControl=Enabled:MaxLaunchPrerenders=2/SDCH/EnabledHttpOnly/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_95/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/WindowsLogoffRace/WindowsLogoffRace/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="3408.3.42028211\1633594690" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/ML Kodachrome dev/EmbeddedSearch/Group1 dev:pp5 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/HpackHuffmanAggregator/Disabled/Prerender/PrerenderMulti/PrerenderLocalPredictorSpec/cd=3b:LocalPredictor=Enabled:SkipHTTPS=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=5:PrerenderPriorityHalfLifeTimeSeconds=30:PrerenderQueryPrerenderService=Enabled:PrerenderServiceFetchTimeoutMs=5000:SkipPrerenderLocalCandidates=Enabled:PrerenderAlwaysControl=Enabled:MaxLaunchPrerenders=2/SDCH/EnabledHttpOnly/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_95/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/WindowsLogoffRace/WindowsLogoffRace/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="3408.4.1593370911\128964941" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/ML Kodachrome dev/EmbeddedSearch/Group1 dev:pp5 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/HpackHuffmanAggregator/Disabled/Prerender/PrerenderMulti/PrerenderLocalPredictorSpec/cd=3b:LocalPredictor=Enabled:SkipHTTPS=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=5:PrerenderPriorityHalfLifeTimeSeconds=30:PrerenderQueryPrerenderService=Enabled:PrerenderServiceFetchTimeoutMs=5000:SkipPrerenderLocalCandidates=Enabled:PrerenderAlwaysControl=Enabled:MaxLaunchPrerenders=2/SDCH/EnabledHttpOnly/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_95/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/WindowsLogoffRace/WindowsLogoffRace/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="3408.5.1971643619\1397950048" /prefetch:673131151
"C:\Program Files (x86)\Razer\SwitchBlade\RzSBHelper.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Windows\SysWOW64\RunDll32.exe" "E:\belkin\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\ProgramData\Razer\SwitchBlade\DeathStalker\Razer\1068AAE3-6299-4086-A7F6-0600F5F1D1E5\RzHome.exe" -offline
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version9\TeamViewer9_Logfile.log
"C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version9\TeamViewer9_Logfile.log
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"E:\belkin\BtStackServer.exe" -Embedding
"C:\Program Files (x86)\Razer\SwitchBlade\RzAppManager.exe" -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/ML Kodachrome dev/EmbeddedSearch/Group1 dev:pp5 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/HpackHuffmanAggregator/Disabled/Prerender/PrerenderMulti/PrerenderLocalPredictorSpec/cd=3b:LocalPredictor=Enabled:SkipHTTPS=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=5:PrerenderPriorityHalfLifeTimeSeconds=30:PrerenderQueryPrerenderService=Enabled:PrerenderServiceFetchTimeoutMs=5000:SkipPrerenderLocalCandidates=Enabled:PrerenderAlwaysControl=Enabled:MaxLaunchPrerenders=2/SDCH/EnabledHttpOnly/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_95/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/WindowsLogoffRace/WindowsLogoffRace/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="3408.9.295071719\666877902" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/ML Kodachrome dev/EmbeddedSearch/Group1 dev:pp5 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/HpackHuffmanAggregator/Disabled/Prerender/PrerenderMulti/PrerenderLocalPredictorSpec/cd=3b:LocalPredictor=Enabled:SkipHTTPS=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=5:PrerenderPriorityHalfLifeTimeSeconds=30:PrerenderQueryPrerenderService=Enabled:PrerenderServiceFetchTimeoutMs=5000:SkipPrerenderLocalCandidates=Enabled:PrerenderAlwaysControl=Enabled:MaxLaunchPrerenders=2/SDCH/EnabledHttpOnly/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_95/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/WindowsLogoffRace/WindowsLogoffRace/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="3408.10.42398816\850409174" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3408.11.1258925668\489418638" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/ML Kodachrome dev/EmbeddedSearch/Group1 dev:pp5 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionInstallVerification/Bootstrap/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/HpackHuffmanAggregator/Disabled/Prerender/PrerenderMulti/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/cd=3b:LocalPredictor=Enabled:SkipHTTPS=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=5:PrerenderPriorityHalfLifeTimeSeconds=30:PrerenderQueryPrerenderService=Enabled:PrerenderServiceFetchTimeoutMs=5000:SkipPrerenderLocalCandidates=Enabled:PrerenderAlwaysControl=Enabled:MaxLaunchPrerenders=2/SDCH/EnabledHttpOnly/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_95/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/WindowsLogoffRace/WindowsLogoffRace/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="3408.13.1668716105\693852813" /prefetch:673131151
C:\Windows\explorer.exe /factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
"C:\ProgramData\Razer\SwitchBlade\Apps\Razer\91845076-CD47-435F-A442-CEB373A3ADE8\RzNumpad.exe" -skin:DeathStalker
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe" "-launchedbyvulcan"
"C:\Users\zail\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\AWC AutoSweep.job
C:\Windows\tasks\AWC Update.job
C:\Windows\tasks\EPSON XP-312 313 315 Series Invitation {28BD1517-300F-4C82-9CD0-B78B2080EFAC}.job
C:\Windows\tasks\EPSON XP-312 313 315 Series Update {28BD1517-300F-4C82-9CD0-B78B2080EFAC}.job

=========Mozilla firefox=========

ProfilePath - C:\Users\zail\AppData\Roaming\Mozilla\Firefox\Profiles\ufucwtv1.default

prefs.js - "browser.startup.homepage" - "about:blank"
prefs.js - "browser.search.useDBForOrder" - true

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.102.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.1.7]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@gentek.com/thinclient]
"Description"=ThinClient Generic Network
"Path"=C:\IGG\twclient_us\npthinclient.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.60.2]
"Description"=Java™ Deployment Toolkit
"Path"=E:\java\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=E:\java\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=E:\oficce\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=E:\oficce\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=E:\vlcplayer\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=E:\vlcplayer\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=E:\vlcplayer\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\Microsoft Office\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll

E:\firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
{F9E87066-236C-4067-A3C2-BDA51D6B6B03}

E:\firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

E:\firefox\plugins\
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npwachk.dll
QuickTimePlugin.class

E:\firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Users\zail\AppData\Roaming\Mozilla\Firefox\Profiles\ufucwtv1.default\extensions\
info@djzig.com
staged
{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}

C:\Users\zail\AppData\Roaming\Mozilla\Firefox\Profiles\ufucwtv1.default\searchplugins\
filmova-databaze-fdbcz.xml
Google.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
opensubtitlesorg.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - E:\ava [2013-09-18 6583664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25 438368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201CF130-E29C-4E5C-A73F-CD197DEFA6AE}]
E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2013-02-28 238656]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - E:\oficce\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - E:\ava [2013-09-18 6583664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - E:\oficce\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - E:\java\bin\jp2ssv.dll [2014-05-07 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25 438368]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
""=E:\kies\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-05-23 1106288]
"KiesPreload"=E:\kies\Kies\Kies.exe [2013-05-23 1561968]
"MKLOL"=E:\mk jogo\MKJogo\MKLOL\MK.exe -auto []
"GoogleChromeAutoLaunch_61DF9031EEED441822C789611D7D05B8"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2014-08-07 860488]
"EPLTarget\P0000000000000000"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILFE.EXE [2013-01-24 297024]
"DAEMON Tools Lite"=E:\deamon tols lite\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Badoo Desktop]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\chromium]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
c:\program files (x86)\divx\divx update\divxupdate.exe [2011-07-29 1259376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
c:\program files (x86)\origin\origin.exe [2014-08-27 3600216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck]
c:\program files (x86)\via\viaudioi\vdeck\vdeck.exe [2012-10-25 5299320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
E:\kies\Kies\Kies.exe [2013-05-23 1561968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
E:\kies\Kies\KiesTrayAgent.exe [2013-05-23 311152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
c:\program files (x86)\windows live\messenger\msnmsgr.exe [2011-05-13 4283256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ocs_SM]
c:\users\zail\appdata\roaming\ocs\sm\searchanonymizer.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
E:\QuickTime\QTTask.exe [2014-01-17 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
c:\program files (x86)\common files\java\java update\jusched.exe [2014-05-07 256896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VIAAUD]
c:\program files (x86)\via\viaudioi\vdeck\viaaud.exe [2012-10-25 2538104]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=E:\ava [2013-09-18 6583664]
"RzSBHelper"=C:\Program Files (x86)\Razer\SwitchBlade\RzSBHelper.exe [2014-06-03 78336]
""= []
"Razer Synapse"=C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [2014-06-23 585560]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - E:\belkin\BTTray.exe
LOLRecorder.lnk - E:\lol replay\LOLReplay\LOLRecorder.exe
RazerFPSStartup.lnk - C:\ProgramData\Razer\SwitchBlade\Apps\Razer\65BFE244-2354-4E41-ADC9-CCF6BE3B5F75\RzFPS\RzFPS.exe

C:\Users\zail\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\zail\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=E:\oficce\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
E:\belkin\BtwProximityCP.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.FPS1"=frapsv64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-09-02 13:50:26 ----D---- C:\rsit
2014-09-01 15:43:18 ----D---- C:\Users\zail\AppData\Roaming\eCyber
2014-09-01 15:43:04 ----A---- C:\Windows\system32\drivers\iSafeKrnlBoot.sys
2014-09-01 15:43:03 ----D---- C:\Windows\system32\log
2014-09-01 15:42:20 ----D---- C:\Users\zail\AppData\Roaming\iSafe
2014-08-29 17:09:51 ----D---- C:\Program Files (x86)\PC_Booster
2014-08-29 17:08:45 ----D---- C:\ProgramData\Adblocker
2014-08-29 17:08:44 ----D---- C:\Program Files (x86)\Adblocker
2014-08-29 17:08:25 ----D---- C:\ProgramData\priceChuoP
2014-08-29 17:08:24 ----D---- C:\Program Files (x86)\priceChuoP
2014-08-29 17:08:18 ----D---- C:\ProgramData\5e6e94cd28a1ad14
2014-08-28 14:04:46 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2014-08-28 14:04:38 ----D---- C:\Users\zail\AppData\Roaming\DAEMON Tools Lite
2014-08-28 14:04:06 ----D---- C:\ProgramData\DAEMON Tools Lite
2014-08-27 20:34:09 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-08-27 20:34:09 ----A---- C:\Windows\system32\win32k.sys
2014-08-27 20:34:09 ----A---- C:\Windows\system32\gdi32.dll
2014-08-14 20:34:10 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2014-08-14 20:34:10 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2014-08-14 20:34:10 ----A---- C:\Windows\system32\infocardapi.dll
2014-08-14 20:34:10 ----A---- C:\Windows\system32\icardagt.exe
2014-08-14 20:34:08 ----A---- C:\Windows\SYSWOW64\icardres.dll
2014-08-14 20:34:08 ----A---- C:\Windows\system32\icardres.dll
2014-08-14 20:33:56 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2014-08-14 20:33:56 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-08-14 07:23:38 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2014-08-14 07:23:38 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2014-08-14 07:23:38 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2014-08-14 07:23:38 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2014-08-14 07:23:38 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2014-08-14 07:23:38 ----A---- C:\Windows\system32\KBDYAK.DLL
2014-08-14 07:23:38 ----A---- C:\Windows\system32\KBDTAT.DLL
2014-08-14 07:23:38 ----A---- C:\Windows\system32\KBDRU1.DLL
2014-08-14 07:23:38 ----A---- C:\Windows\system32\KBDRU.DLL
2014-08-14 07:23:38 ----A---- C:\Windows\system32\KBDBASH.DLL
2014-08-14 07:23:36 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-08-14 07:23:36 ----A---- C:\Windows\system32\tzres.dll
2014-08-14 07:23:33 ----A---- C:\Windows\system32\msi.dll
2014-08-14 07:23:32 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-08-14 07:23:32 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-08-14 07:23:32 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-08-14 07:23:32 ----A---- C:\Windows\system32\msihnd.dll
2014-08-14 07:23:32 ----A---- C:\Windows\system32\consent.exe
2014-08-14 07:23:32 ----A---- C:\Windows\system32\authui.dll
2014-08-14 07:23:30 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-08-14 07:23:29 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-08-14 07:23:29 ----A---- C:\Windows\system32\shell32.dll
2014-08-14 07:23:27 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-08-14 07:23:27 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-08-14 07:23:27 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-08-14 07:23:27 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-08-14 07:23:27 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-08-14 07:23:27 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-08-14 07:23:27 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-08-14 07:23:27 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-08-14 07:23:27 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-08-14 07:23:27 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-14 07:23:27 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-08-14 07:23:26 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-08-14 07:23:26 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-08-14 07:23:26 ----A---- C:\Windows\system32\iernonce.dll
2014-08-14 07:23:26 ----A---- C:\Windows\system32\ie4uinit.exe
2014-08-14 07:23:25 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-08-14 07:23:25 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-08-14 07:23:25 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-08-14 07:23:25 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-08-14 07:23:25 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-08-14 07:23:25 ----A---- C:\Windows\system32\urlmon.dll
2014-08-14 07:23:25 ----A---- C:\Windows\system32\msfeeds.dll
2014-08-14 07:23:25 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-08-14 07:23:25 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-08-14 07:23:25 ----A---- C:\Windows\system32\dxtmsft.dll
2014-08-14 07:23:24 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-08-14 07:23:24 ----A---- C:\Windows\system32\iesetup.dll
2014-08-14 07:23:24 ----A---- C:\Windows\system32\iertutil.dll
2014-08-14 07:23:24 ----A---- C:\Windows\system32\iedkcs32.dll
2014-08-14 07:23:23 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-08-14 07:23:23 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-08-14 07:23:23 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-08-14 07:23:23 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-08-14 07:23:23 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-08-14 07:23:23 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-08-14 07:23:23 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-08-14 07:23:23 ----A---- C:\Windows\system32\jsproxy.dll
2014-08-14 07:23:22 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-08-14 07:23:22 ----A---- C:\Windows\system32\mshtmled.dll
2014-08-14 07:23:22 ----A---- C:\Windows\system32\ieUnatt.exe
2014-08-14 07:23:22 ----A---- C:\Windows\system32\ieui.dll
2014-08-14 07:23:22 ----A---- C:\Windows\system32\ieframe.dll
2014-08-14 07:23:22 ----A---- C:\Windows\system32\dxtrans.dll
2014-08-14 07:23:21 ----A---- C:\Windows\system32\vbscript.dll
2014-08-14 07:23:21 ----A---- C:\Windows\system32\jscript9diag.dll
2014-08-14 07:23:21 ----A---- C:\Windows\system32\jscript9.dll
2014-08-14 07:23:21 ----A---- C:\Windows\system32\ieapfltr.dll
2014-08-14 07:23:20 ----A---- C:\Windows\system32\wininet.dll
2014-08-14 07:23:20 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-14 07:23:20 ----A---- C:\Windows\system32\msrating.dll
2014-08-14 07:23:20 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-08-14 07:23:19 ----A---- C:\Windows\system32\mshtml.dll
2014-08-14 07:21:36 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2014-08-14 07:21:36 ----A---- C:\Windows\system32\rpcrt4.dll
2014-08-14 07:21:36 ----A---- C:\Windows\system32\aepdu.dll
2014-08-14 07:21:35 ----A---- C:\Windows\system32\aeinv.dll
2014-08-13 15:22:02 ----D---- C:\Program Files\VIA
2014-08-13 15:22:01 ----D---- C:\Windows\system32\SRSLabs
2014-08-13 15:21:29 ----A---- C:\Windows\SYSWOW64\VMTHX32.DLL
2014-08-13 15:21:29 ----A---- C:\Windows\SYSWOW64\VMAPO32.DLL
2014-08-13 15:21:29 ----A---- C:\Windows\system32\WavesGUILib64.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\VtSrdAPO.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\VMWRP64.DLL
2014-08-13 15:21:29 ----A---- C:\Windows\system32\VMTHX64.DLL
2014-08-13 15:21:29 ----A---- C:\Windows\system32\VMPPLD64.DLL
2014-08-13 15:21:29 ----A---- C:\Windows\system32\VMPPCN64.DLL
2014-08-13 15:21:29 ----A---- C:\Windows\system32\VMAPO64.DLL
2014-08-13 15:21:29 ----A---- C:\Windows\system32\VIASysFx.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\VIAPropPageExt.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\ViaMicArrayPropPageExt.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\ViaMicArrayAPO.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\ViakaraokeSrv.exe
2014-08-13 15:21:29 ----A---- C:\Windows\system32\ViaKaraokePropPageExt.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\ViaKaraokeApo.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\PropPageExt.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\nQPropPageExt.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\nQAPO.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\MaxxAudioVIA64.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\MaxxAudioAPO30.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\EEP64H.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\EEL64A.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\EEG64H.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\EEG64A.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\EED64H.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\EED64A.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\EEA64H.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\EEA64A.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\Dts2PropPageExt.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\Dts2APO.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\drivers\VMfilt64.sys
2014-08-13 15:21:29 ----A---- C:\Windows\system32\drivers\viahduaa.sys
2014-08-13 15:21:28 ----A---- C:\Windows\system32\EEL64H.dll
2014-08-13 15:19:41 ----A---- C:\Windows\system32\EEP64A.dll
2014-08-11 18:22:13 ----D---- C:\ProgramData\IDM
2014-08-11 18:22:10 ----D---- C:\Users\zail\AppData\Roaming\IDM

======List of files/folders modified in the last 1 month======

2014-09-02 14:00:25 ----D---- C:\Windows\Temp
2014-09-02 14:00:25 ----D---- C:\Program Files\trend micro
2014-09-02 14:00:01 ----D---- C:\Windows\Prefetch
2014-09-02 13:49:25 ----SHD---- C:\System Volume Information
2014-09-02 13:46:34 ----D---- C:\Windows\system32\config
2014-09-02 13:44:02 ----D---- C:\Users\zail\AppData\Roaming\Dropbox
2014-09-02 13:40:07 ----D---- C:\ProgramData\NVIDIA
2014-09-01 22:18:08 ----D---- C:\Users\zail\AppData\Roaming\TS3Client
2014-09-01 21:21:07 ----D---- C:\Users\zail\AppData\Roaming\Skype
2014-09-01 15:49:12 ----RD---- C:\Program Files (x86)
2014-09-01 15:45:59 ----SHD---- C:\Config.Msi
2014-09-01 15:45:54 ----D---- C:\Windows\SysWOW64
2014-09-01 15:45:54 ----D---- C:\Windows\system32\Tasks
2014-09-01 15:43:04 ----D---- C:\Windows\system32\drivers
2014-09-01 15:43:03 ----D---- C:\Windows\System32
2014-09-01 15:42:30 ----D---- C:\Users\zail\AppData\Roaming\uTorrent
2014-09-01 15:19:26 ----D---- C:\Windows\system32\catroot2
2014-08-31 09:52:04 ----SHD---- C:\Windows\Installer
2014-08-31 09:40:03 ----D---- C:\Windows\Tasks
2014-08-31 09:40:03 ----D---- C:\Windows
2014-08-30 16:38:38 ----D---- C:\ProgramData\PMB Files
2014-08-30 08:13:19 ----D---- C:\film
2014-08-29 17:08:45 ----HD---- C:\ProgramData
2014-08-29 17:08:18 ----HD---- C:\Windows\system32\GroupPolicy
2014-08-29 17:08:18 ----D---- C:\Program Files (x86)\Google
2014-08-29 17:08:17 ----RD---- C:\Users
2014-08-29 15:47:25 ----D---- C:\Windows\winsxs
2014-08-29 15:35:55 ----RSD---- C:\Windows\assembly
2014-08-29 15:33:48 ----D---- C:\Windows\Logs
2014-08-29 15:17:45 ----D---- C:\Windows\inf
2014-08-29 15:17:45 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-08-28 14:05:01 ----D---- C:\Windows\system32\DriverStore
2014-08-28 14:05:01 ----D---- C:\Windows\system32\catroot
2014-08-27 20:24:37 ----D---- C:\ProgramData\Origin
2014-08-27 20:24:26 ----D---- C:\Program Files (x86)\Origin
2014-08-27 19:52:30 ----D---- C:\ProgramData\Package Cache
2014-08-20 17:28:15 ----D---- C:\Users\zail\AppData\Roaming\vlc
2014-08-15 07:41:54 ----D---- C:\Windows\Microsoft.NET
2014-08-15 06:59:09 ----D---- C:\Windows\ehome
2014-08-15 06:59:07 ----RSD---- C:\Windows\Fonts
2014-08-15 06:58:55 ----D---- C:\Windows\SYSWOW64\sk-SK
2014-08-15 06:58:55 ----D---- C:\Windows\SYSWOW64\en-US
2014-08-15 06:58:55 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-08-15 06:58:55 ----D---- C:\Windows\system32\sk-SK
2014-08-15 06:58:55 ----D---- C:\Windows\system32\en-US
2014-08-15 06:58:55 ----D---- C:\Windows\system32\cs-CZ
2014-08-15 06:58:51 ----D---- C:\Program Files\Internet Explorer
2014-08-15 06:58:49 ----D---- C:\Windows\PolicyDefinitions
2014-08-15 06:58:47 ----D---- C:\Program Files (x86)\Internet Explorer
2014-08-14 20:45:27 ----D---- C:\ProgramData\Microsoft Help
2014-08-14 20:41:10 ----D---- C:\Windows\system32\MRT
2014-08-14 20:37:44 ----A---- C:\Windows\system32\MRT.exe
2014-08-14 20:33:24 ----SD---- C:\Windows\system32\CompatTel
2014-08-13 15:22:02 ----RD---- C:\Program Files
2014-08-05 09:20:00 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-07-09 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-07-09 224896]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2009-06-30 104408]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 17720]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-07-07 386680]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2007-12-17 14392]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-07-09 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-07-09 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-07-09 427360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-08-28 283064]
R1 RzFilter;RzFilter; \??\C:\Windows\system32\drivers\RzFilter.sys [2014-04-18 74432]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-07-09 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-07-09 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-07-09 92008]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2011-06-13 88480]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-04-01 43680]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 146432]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2012-09-24 165688]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\Windows\system32\drivers\btwampfl.sys [2012-07-03 598328]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2012-05-01 184144]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2012-03-06 210984]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2011-09-17 39976]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2012-03-06 21544]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2011-05-25 33344]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-06-09 55296]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-05-14 15416]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2014-05-20 197408]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-03-31 40392]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RzDxgk;RzDxgk; \??\C:\Windows\system32\drivers\RzDxgk.sys [2014-04-18 129472]
R3 rzendpt;rzendpt; C:\Windows\system32\DRIVERS\rzendpt.sys [2014-05-19 39080]
R3 rzhnet;Razer Inc. External Display Driver; C:\Windows\System32\Drivers\rzhnet.sys [2014-05-19 21160]
R3 rzjstk;Razer Virtual Joystick Driver; C:\Windows\system32\DRIVERS\rzjstk.sys [2014-05-19 27816]
R3 rzudd;RazerEx Mouse Driver; C:\Windows\system32\DRIVERS\rzudd.sys [2014-05-19 155816]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-04-25 455992]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2012-10-22 2206864]
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-03-03 6402560]
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-03-03 188928]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 6037504]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 cpuz132;cpuz132; C:\Windows\system32\drivers\cpuz132.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 19968]
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 epmntdrv;epmntdrv; \??\C:\Windows\syswow64\epmntdrv.sys [2013-03-07 13896]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\syswow64\EuGdiDrv.sys [2013-03-07 9160]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys []
S3 netr7364;RT73 USB - ovladač karty pro bezdrátovou síť LAN pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr7364.sys [2009-06-10 707072]
S3 PAC207;SoC PC-Camera; C:\Windows\system32\DRIVERS\PFC027.SYS [2006-12-05 572416]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2013-04-04 19456]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\Windows\system32\DRIVERS\s1018bus.sys [2009-03-25 113704]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 19496]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 153128]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 133160]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1018nd5.sys [2009-03-25 34856]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1018obex.sys [2009-03-25 128552]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1018unic.sys [2009-03-25 146472]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 SANDRA;SANDRA; C:\Windows\system32\drivers\SANDRA.sys []
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-04-04 57856]
S3 tsusbhub;tsusbhub; C:\Windows\system32\drivers\tsusbhub.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-05-08 65432]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 203264]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-04-02 90112]
R2 avast! Antivirus;avast! Antivirus; E:\ava [2013-09-18 6583664]
R2 BRA_Scheduler;Brother BRAdminPro Scheduler; C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe [2010-09-15 65536]
R2 btwdins;Bluetooth Service; E:\belkin\btwdins.exe [2012-10-17 1005944]
R2 EpsonScanSvc;Epson Scanner Service; C:\Windows\system32\EscSvc64.exe [2012-05-17 144560]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-04-30 1617696]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-05-20 927520]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-06-10 76888]
R2 RzOvlMon;Razer Overlay Subsystem Emergency Service; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [2014-04-18 32960]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-05-20 413128]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-08-06 5052224]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2012-10-22 27768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Google Update-Dienst (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc []
S2 SkypeUpdate;Skype Updater; E:\skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09 262320]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-05-13 1492840]
S3 gupdatem;Google Update-Dienst (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc []
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-07-25 111616]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; E:\oficce\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-08-14 833728]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728]
S4 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]

-----------------EOF-----------------

[Rudy]

Zdravím!
Jak je na tom váš oper. systém s legalitou?

[zail]

zdravim

Je legalni mame je v praci a tim ze tam spravuji sit mam ho placeny z prace

[Rudy]

V tom případě využijte tuto službu: http://www.neslape.cz/?utm_campaign=nes ... ium=banner . Fórum viry.cz je primárně určeno home userům. Děkuji.

[zail]

no ale ja ho mam domaci pouze zaplaceny od zamestnavatele, ale pro domaci potreby

[Rudy]

Tak jak to tedy vlastně je? Domácí, nebo firemní? Buď je domácí, nebo firemní. Obojí ale těžko.

[zail]

domaci ale licence od zamestnavatele proste a jednoduse sef koupil vice licenci a tak mi za dobre sluzby jednu nechal pro privat

[Rudy]

OK. Je to sice pouze oznámení, že něco bylo zablokováno (tzn.do PC se nedostalo), nicméně PC vyčistíme. Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

[zail]

zdravim zde log

# AdwCleaner v3.309 - Report created 03/09/2014 at 16:15:28
# Updated 02/09/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : zail - ZAIL-PC
# Running from : C:\Users\zail\AppData\Local\Temp\4569b60e-9e09-455c-8b2c-5dd398441fc9\AdwCleaner_v3\adwcleaner_3.309.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : CltMngSvc

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Adblocker
Folder Deleted : C:\ProgramData\priceChuoP
Folder Deleted : C:\Program Files (x86)\Adblocker
Folder Deleted : C:\Program Files (x86)\PC_booster
Folder Deleted : C:\Program Files (x86)\SearchProtect
Folder Deleted : C:\Program Files (x86)\priceChuoP
Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\zail\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\zail\AppData\Local\SearchProtect
Folder Deleted : C:\Users\zail\AppData\Local\Temp\iSafeRightKeyScan
Folder Deleted : C:\Users\zail\AppData\Roaming\eCyber
Folder Deleted : C:\Users\zail\AppData\Roaming\iSafe
Folder Deleted : C:\Users\zail\AppData\Roaming\Mozilla\Firefox\Profiles\ufucwtv1.default\ICQToolbarData
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnheocdganlenipbfgbnipgijidhfjam
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnheocdganlenipbfgbnipgijidhfjam
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnheocdganlenipbfgbnipgijidhfjam
Folder Deleted : C:\Users\zail\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnheocdganlenipbfgbnipgijidhfjam
[!] Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnheocdganlenipbfgbnipgijidhfjam
[!] Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnheocdganlenipbfgbnipgijidhfjam
[!] Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnheocdganlenipbfgbnipgijidhfjam
[!] Folder Deleted : C:\Users\zail\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnheocdganlenipbfgbnipgijidhfjam
[!] Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnheocdganlenipbfgbnipgijidhfjam
[!] Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnheocdganlenipbfgbnipgijidhfjam
[!] Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnheocdganlenipbfgbnipgijidhfjam
[!] Folder Deleted : C:\Users\zail\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnheocdganlenipbfgbnipgijidhfjam
[!] Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnheocdganlenipbfgbnipgijidhfjam
[!] Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnheocdganlenipbfgbnipgijidhfjam
[!] Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnheocdganlenipbfgbnipgijidhfjam
[!] Folder Deleted : C:\Users\zail\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnheocdganlenipbfgbnipgijidhfjam
File Deleted : C:\Windows\System32\drivers\iSafeKrnlBoot.sys
File Deleted : C:\Windows\System32\log\iSafeKrnlCall.log
File Deleted : C:\Users\zail\AppData\Roaming\Mozilla\Firefox\Profiles\ufucwtv1.default\invalidprefs.js
File Deleted : C:\Users\zail\AppData\Roaming\Mozilla\Firefox\Profiles\ufucwtv1.default\searchplugins\icqplugin-10.xml
File Deleted : C:\Users\zail\AppData\Roaming\Mozilla\Firefox\Profiles\ufucwtv1.default\searchplugins\icqplugin-11.xml
File Deleted : C:\Users\zail\AppData\Roaming\Mozilla\Firefox\Profiles\ufucwtv1.default\searchplugins\icqplugin-12.xml
File Deleted : C:\Users\zail\AppData\Roaming\Mozilla\Firefox\Profiles\ufucwtv1.default\searchplugins\icqplugin-13.xml
File Deleted : C:\Users\zail\AppData\Roaming\Mozilla\Firefox\Profiles\ufucwtv1.default\searchplugins\icqplugin-14.xml
File Deleted : C:\Users\zail\AppData\Roaming\Mozilla\Firefox\Profiles\ufucwtv1.default\searchplugins\icqplugin-15.xml
File Deleted : C:\Users\zail\AppData\Roaming\Mozilla\Firefox\Profiles\ufucwtv1.default\searchplugins\icqplugin-16.xml
File Deleted : C:\Users\zail\AppData\Roaming\Mozilla\Firefox\Profiles\ufucwtv1.default\searchplugins\icqplugin-17.xml
File Deleted : C:\Users\zail\AppData\Roaming\Mozilla\Firefox\Profiles\ufucwtv1.default\searchplugins\icqplugin-18.xml
File Deleted : C:\Users\zail\AppData\Roaming\Mozilla\Firefox\Profiles\ufucwtv1.default\searchplugins\icqplugin-19.xml
File Deleted : C:\Users\zail\AppData\Roaming\Mozilla\Firefox\Profiles\ufucwtv1.default\searchplugins\icqplugin-4.xml
File Deleted : C:\Users\zail\AppData\Roaming\Mozilla\Firefox\Profiles\ufucwtv1.default\searchplugins\icqplugin-5.xml
File Deleted : C:\Users\zail\AppData\Roaming\Mozilla\Firefox\Profiles\ufucwtv1.default\searchplugins\icqplugin-6.xml
File Deleted : C:\Users\zail\AppData\Roaming\Mozilla\Firefox\Profiles\ufucwtv1.default\searchplugins\icqplugin-7.xml
File Deleted : C:\Users\zail\AppData\Roaming\Mozilla\Firefox\Profiles\ufucwtv1.default\searchplugins\icqplugin-8.xml
File Deleted : C:\Users\zail\AppData\Roaming\Mozilla\Firefox\Profiles\ufucwtv1.default\searchplugins\icqplugin-9.xml
File Deleted : C:\Users\zail\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\zail\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****

Task Deleted : BrowserProtect
Task Deleted : EPUpdater

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\ppricechhoop.ppricechhoop
Key Deleted : HKLM\SOFTWARE\Classes\ppricechhoop.ppricechhoop.3.9
Key Deleted : HKLM\SOFTWARE\Classes\Adblocker.Adblocker
Key Deleted : HKLM\SOFTWARE\Classes\Adblocker.Adblocker.1.0
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{248642b4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC9E53E-6AE8-C7FC-55DB-54C39FC194EA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EDC23F66-5C69-AD17-01BA-F0D4F3970FC3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CFC9E53E-6AE8-C7FC-55DB-54C39FC194EA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EDC23F66-5C69-AD17-01BA-F0D4F3970FC3}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CFC9E53E-6AE8-C7FC-55DB-54C39FC194EA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EDC23F66-5C69-AD17-01BA-F0D4F3970FC3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\SOFTWARE\iSafe
Key Deleted : HKLM\SOFTWARE\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FDB962F0-B5B8-9460-D12F-7966E97BAA43}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17239

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v3.6.2 (cs)

[ File : C:\Users\zail\AppData\Roaming\Mozilla\Firefox\Profiles\ufucwtv1.default\prefs.js ]


-\\ Google Chrome v36.0.1985.143

[ File : C:\Users\zail\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://www.daemon-search.com/search?q={searchTerms}
Deleted [Search Provider] : hxxp://search.icq.com.anonymize-me.de/?anonymto=687474703A2F2F7365617263682E6963712E636F6D2F7365617263682F726573756C74732F3F713D7B7365617263685465726D737D2663685F69643D6963712D66782D706C7567&st={searchTerms}&clid=dc9226b4-404e-4429-8913-5e4971dc9e80&pid=nc
Deleted [Search Provider] : hxxp://www1.delta-search.com/?q={searchTerms}&affID=119816&babsrc=SP_ss&mntrId=70A1002618745454
Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
Deleted [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3 ... rms}&SSPV=
Deleted [Startup_urls] : hxxp://www.trovi.com/?gd=&ctid=CT3324850&octid ... 5644&SSPV=
Deleted [Homepage] : hxxp://www.trovi.com/?gd=&ctid=CT3324850&octid ... 5644&SSPV=
Deleted [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Deleted [Extension] : dnheocdganlenipbfgbnipgijidhfjam
Deleted [Extension] : flpcjncodpafbgdpnkljologafpionhb

*************************

AdwCleaner[R0].txt - [13083 octets] - [03/09/2014 16:13:11]
AdwCleaner[S0].txt - [13303 octets] - [03/09/2014 16:15:28]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [13364 octets] ##########

[Rudy]

Dejte nový log RSIT.

[zail]

Logfile of random's system information tool 1.09 (written by random/random)
Run by zail at 2014-09-03 20:25:58
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 20 GB (18%) free of 108 GB
Total RAM: 8191 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:26:02, on 03.09.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17239)
Boot mode: Normal

Running processes:
E:\kies\Kies\External\FirmwareUpdate\KiesPDLR.exe
E:\kies\Kies\Kies.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
E:\deamon tols lite\DAEMON Tools Lite\DTLite.exe
C:\ProgramData\Razer\SwitchBlade\Apps\Razer\65BFE244-2354-4E41-ADC9-CCF6BE3B5F75\RzFPS\RzFPS.exe
C:\Users\zail\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
E:\avast\avastui.exe
C:\Program Files (x86)\Razer\SwitchBlade\RzSBHelper.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Razer\SwitchBlade\DeathStalker\Razer\1068AAE3-6299-4086-A7F6-0600F5F1D1E5\RzHome.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Razer\SwitchBlade\RzAppManager.exe
C:\ProgramData\Razer\SwitchBlade\Apps\Razer\91845076-CD47-435F-A442-CEB373A3ADE8\RzNumpad.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
E:\lol replay\LOLReplay\LOLRecorder.exe
E:\teamspeak\ts3client_win32.exe
C:\Program Files\trend micro\zail.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\oficce\Office14\GROOVEEX.DLL
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - E:\avast\aswWebRepIE.dll
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\oficce\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\java\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "E:\avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [RzSBHelper] C:\Program Files (x86)\Razer\SwitchBlade\RzSBHelper.exe
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [] E:\kies\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [KiesPreload] E:\kies\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [MKLOL] "E:\mk jogo\MKJogo\MKLOL\MK.exe" -auto
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_61DF9031EEED441822C789611D7D05B8] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILFE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-312 313 315 Series"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "E:\deamon tols lite\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = zail\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: LOLRecorder.lnk = E:\lol replay\LOLReplay\LOLRecorder.exe
O4 - Global Startup: RazerFPSStartup.lnk = C:\ProgramData\Razer\SwitchBlade\Apps\Razer\65BFE244-2354-4E41-ADC9-CCF6BE3B5F75\RzFPS\RzFPS.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://E:\oficce\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://E:\oficce\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\oficce\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\oficce\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - E:\icq\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - E:\icq\ICQ7.2\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\oficce\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\oficce\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/ ... ontrol.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - E:\skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: avast! Antivirus - AVAST Software - E:\avast\AvastSvc.exe
O23 - Service: Brother BRAdminPro Scheduler (BRA_Scheduler) - Unknown owner - C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - E:\belkin\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\Windows\system32\EscSvc64.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-Dienst (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - (no file)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Razer Overlay Subsystem Emergency Service (RzOvlMon) - Razer, Inc. - C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - E:\skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 12577 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"E:\avast\AvastSvc.exe"
atieclxx
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe"
"C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe"
E:\belkin\btwdins.exe
C:\Windows\system32\EscSvc64.exe
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
taskeng.exe {B20E9451-A179-41DB-8F18-32CF675FDA1F}
"\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\viakaraokesrv.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2512
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"E:\kies\Kies\External\FirmwareUpdate\KiesPDLR.exe"
"E:\kies\Kies\Kies.exe" /preload
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
"C:\Windows\System32\spool\drivers\x64\3\E_IATILFE.EXE" /EPT "EPLTarget\P0000000000000000" /M "XP-312 313 315 Series"
"E:\deamon tols lite\DAEMON Tools Lite\DTLite.exe" -autorun
C:\Windows\system32\SearchIndexer.exe /Embedding
"E:\belkin\BTTray.exe"
"C:\ProgramData\Razer\SwitchBlade\Apps\Razer\65BFE244-2354-4E41-ADC9-CCF6BE3B5F75\RzFPS\RzFPS.exe"
"C:\Users\zail\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3572.0.653629248\463427657" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,16,43 --gpu-vendor-id=0x10de --gpu-device-id=0x11c0 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3788 --ignored=" --type=renderer " /prefetch:822062411
"E:\avast\avastui.exe" /nogui
"C:\Program Files (x86)\Razer\SwitchBlade\RzSBHelper.exe"
"C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/ML Kodachrome dev/EmbeddedSearch/Group1 dev:pp5 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/HpackHuffmanAggregator/Disabled/Prerender/PrerenderNoUse/PrerenderLocalPredictorSpec/cd=3b:LocalPredictor=Enabled:SkipHTTPS=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=5:PrerenderPriorityHalfLifeTimeSeconds=30:PrerenderQueryPrerenderService=Enabled:PrerenderServiceFetchTimeoutMs=5000:SkipPrerenderLocalCandidates=Enabled:PrerenderAlwaysControl=Enabled:MaxLaunchPrerenders=2/SDCH/EnabledHttpOnly/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_95/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/WindowsLogoffRace/WindowsLogoffRace/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="3572.1.1685325235\945095052" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/ML Kodachrome dev/EmbeddedSearch/Group1 dev:pp5 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/HpackHuffmanAggregator/Disabled/Prerender/PrerenderNoUse/PrerenderLocalPredictorSpec/cd=3b:LocalPredictor=Enabled:SkipHTTPS=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=5:PrerenderPriorityHalfLifeTimeSeconds=30:PrerenderQueryPrerenderService=Enabled:PrerenderServiceFetchTimeoutMs=5000:SkipPrerenderLocalCandidates=Enabled:PrerenderAlwaysControl=Enabled:MaxLaunchPrerenders=2/SDCH/EnabledHttpOnly/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_95/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/WindowsLogoffRace/WindowsLogoffRace/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="3572.2.1305188753\237574957" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/ML Kodachrome dev/EmbeddedSearch/Group1 dev:pp5 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/HpackHuffmanAggregator/Disabled/Prerender/PrerenderNoUse/PrerenderLocalPredictorSpec/cd=3b:LocalPredictor=Enabled:SkipHTTPS=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=5:PrerenderPriorityHalfLifeTimeSeconds=30:PrerenderQueryPrerenderService=Enabled:PrerenderServiceFetchTimeoutMs=5000:SkipPrerenderLocalCandidates=Enabled:PrerenderAlwaysControl=Enabled:MaxLaunchPrerenders=2/SDCH/EnabledHttpOnly/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_95/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/WindowsLogoffRace/WindowsLogoffRace/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="3572.3.1697650436\2072155787" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/ML Kodachrome dev/EmbeddedSearch/Group1 dev:pp5 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/HpackHuffmanAggregator/Disabled/Prerender/PrerenderNoUse/PrerenderLocalPredictorSpec/cd=3b:LocalPredictor=Enabled:SkipHTTPS=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=5:PrerenderPriorityHalfLifeTimeSeconds=30:PrerenderQueryPrerenderService=Enabled:PrerenderServiceFetchTimeoutMs=5000:SkipPrerenderLocalCandidates=Enabled:PrerenderAlwaysControl=Enabled:MaxLaunchPrerenders=2/SDCH/EnabledHttpOnly/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_95/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/WindowsLogoffRace/WindowsLogoffRace/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="3572.4.909999563\1356526168" /prefetch:673131151
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\ProgramData\Razer\SwitchBlade\DeathStalker\Razer\1068AAE3-6299-4086-A7F6-0600F5F1D1E5\RzHome.exe" -offline
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\SysWOW64\RunDll32.exe" "E:\belkin\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"E:\belkin\BtStackServer.exe" -Embedding
"C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version9\TeamViewer9_Logfile.log
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version9\TeamViewer9_Logfile.log
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Razer\SwitchBlade\RzAppManager.exe" -Embedding
"C:\ProgramData\Razer\SwitchBlade\Apps\Razer\91845076-CD47-435F-A442-CEB373A3ADE8\RzNumpad.exe" -skin:DeathStalker
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3572.14.241803354\2118677934" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/ML Kodachrome dev/EmbeddedSearch/Group1 dev:pp5 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionInstallVerification/Bootstrap/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/HpackHuffmanAggregator/Disabled/Prerender/PrerenderNoUse/PrerenderLocalPredictorSpec/cd=3b:LocalPredictor=Enabled:SkipHTTPS=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=5:PrerenderPriorityHalfLifeTimeSeconds=30:PrerenderQueryPrerenderService=Enabled:PrerenderServiceFetchTimeoutMs=5000:SkipPrerenderLocalCandidates=Enabled:PrerenderAlwaysControl=Enabled:MaxLaunchPrerenders=2/SDCH/EnabledHttpOnly/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_95/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/WindowsLogoffRace/WindowsLogoffRace/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="3572.21.1886167587\1959639377" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/ML Kodachrome dev/EmbeddedSearch/Group1 dev:pp5 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionInstallVerification/Bootstrap/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/HpackHuffmanAggregator/Disabled/PasswordManagerUI/Bubble/Prerender/PrerenderNoUse/PrerenderLocalPredictorSpec/cd=3b:LocalPredictor=Enabled:SkipHTTPS=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=5:PrerenderPriorityHalfLifeTimeSeconds=30:PrerenderQueryPrerenderService=Enabled:PrerenderServiceFetchTimeoutMs=5000:SkipPrerenderLocalCandidates=Enabled:PrerenderAlwaysControl=Enabled:MaxLaunchPrerenders=2/SDCH/EnabledHttpOnly/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-1-Percent/group_95/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/WindowsLogoffRace/WindowsLogoffRace/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --channel="3572.26.780513652\193981477" /prefetch:673131151
"E:\lol replay\LOLReplay\LOLRecorder.exe" replay\LOLReplay\LOLRecorder.exe" -minimize
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"E:\teamspeak\ts3client_win32.exe"
"C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\nacl64" --type=nacl-broker --channel="3572.34.97503684\263687188" /prefetch:-875166825
"C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\nacl64.exe" --type=nacl-loader --channel="3572.33.646650674\66613037" --ignored=" --type=renderer " /prefetch:-1502398898
C:\Windows\explorer.exe /factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\zail\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\AWC AutoSweep.job
C:\Windows\tasks\AWC Update.job
C:\Windows\tasks\EPSON XP-312 313 315 Series Invitation {28BD1517-300F-4C82-9CD0-B78B2080EFAC}.job
C:\Windows\tasks\EPSON XP-312 313 315 Series Update {28BD1517-300F-4C82-9CD0-B78B2080EFAC}.job

=========Mozilla firefox=========

ProfilePath - C:\Users\zail\AppData\Roaming\Mozilla\Firefox\Profiles\ufucwtv1.default

prefs.js - "browser.startup.homepage" - "about:blank"
prefs.js - "browser.search.useDBForOrder" - true

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.102.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.1.7]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@gentek.com/thinclient]
"Description"=ThinClient Generic Network
"Path"=C:\IGG\twclient_us\npthinclient.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.60.2]
"Description"=Java™ Deployment Toolkit
"Path"=E:\java\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=E:\java\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=E:\oficce\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=E:\oficce\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=E:\vlcplayer\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=E:\vlcplayer\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=E:\vlcplayer\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\Microsoft Office\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll

E:\firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
{F9E87066-236C-4067-A3C2-BDA51D6B6B03}

E:\firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

E:\firefox\plugins\
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npwachk.dll
QuickTimePlugin.class

E:\firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Users\zail\AppData\Roaming\Mozilla\Firefox\Profiles\ufucwtv1.default\extensions\
info@djzig.com
staged
{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}

C:\Users\zail\AppData\Roaming\Mozilla\Firefox\Profiles\ufucwtv1.default\searchplugins\
filmova-databaze-fdbcz.xml
Google.xml
opensubtitlesorg.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - E:\ava [2013-09-18 6583664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25 438368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201CF130-E29C-4E5C-A73F-CD197DEFA6AE}]
E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2013-02-28 238656]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - E:\oficce\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - E:\ava [2013-09-18 6583664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - E:\oficce\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - E:\java\bin\jp2ssv.dll [2014-05-07 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25 438368]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
""=E:\kies\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-05-23 1106288]
"KiesPreload"=E:\kies\Kies\Kies.exe [2013-05-23 1561968]
"MKLOL"=E:\mk jogo\MKJogo\MKLOL\MK.exe -auto []
"GoogleChromeAutoLaunch_61DF9031EEED441822C789611D7D05B8"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2014-08-07 860488]
"EPLTarget\P0000000000000000"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILFE.EXE [2013-01-24 297024]
"DAEMON Tools Lite"=E:\deamon tols lite\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Badoo Desktop]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\chromium]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
c:\program files (x86)\divx\divx update\divxupdate.exe [2011-07-29 1259376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
c:\program files (x86)\origin\origin.exe [2014-08-27 3600216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck]
c:\program files (x86)\via\viaudioi\vdeck\vdeck.exe [2012-10-25 5299320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
E:\kies\Kies\Kies.exe [2013-05-23 1561968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
E:\kies\Kies\KiesTrayAgent.exe [2013-05-23 311152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
c:\program files (x86)\windows live\messenger\msnmsgr.exe [2011-05-13 4283256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ocs_SM]
c:\users\zail\appdata\roaming\ocs\sm\searchanonymizer.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
E:\QuickTime\QTTask.exe [2014-01-17 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
c:\program files (x86)\common files\java\java update\jusched.exe [2014-05-07 256896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VIAAUD]
c:\program files (x86)\via\viaudioi\vdeck\viaaud.exe [2012-10-25 2538104]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=E:\ava [2013-09-18 6583664]
"RzSBHelper"=C:\Program Files (x86)\Razer\SwitchBlade\RzSBHelper.exe [2014-06-03 78336]
""= []
"Razer Synapse"=C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [2014-06-23 585560]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - E:\belkin\BTTray.exe
LOLRecorder.lnk - E:\lol replay\LOLReplay\LOLRecorder.exe
RazerFPSStartup.lnk - C:\ProgramData\Razer\SwitchBlade\Apps\Razer\65BFE244-2354-4E41-ADC9-CCF6BE3B5F75\RzFPS\RzFPS.exe

C:\Users\zail\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\zail\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=E:\oficce\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
E:\belkin\BtwProximityCP.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.FPS1"=frapsv64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-09-03 16:12:54 ----D---- C:\AdwCleaner
2014-09-02 13:50:26 ----D---- C:\rsit
2014-09-01 15:43:03 ----D---- C:\Windows\system32\log
2014-08-29 17:08:18 ----D---- C:\ProgramData\5e6e94cd28a1ad14
2014-08-28 14:04:46 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2014-08-28 14:04:38 ----D---- C:\Users\zail\AppData\Roaming\DAEMON Tools Lite
2014-08-28 14:04:06 ----D---- C:\ProgramData\DAEMON Tools Lite
2014-08-27 20:34:09 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-08-27 20:34:09 ----A---- C:\Windows\system32\win32k.sys
2014-08-27 20:34:09 ----A---- C:\Windows\system32\gdi32.dll
2014-08-14 20:34:10 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2014-08-14 20:34:10 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2014-08-14 20:34:10 ----A---- C:\Windows\system32\infocardapi.dll
2014-08-14 20:34:10 ----A---- C:\Windows\system32\icardagt.exe
2014-08-14 20:34:08 ----A---- C:\Windows\SYSWOW64\icardres.dll
2014-08-14 20:34:08 ----A---- C:\Windows\system32\icardres.dll
2014-08-14 20:33:56 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2014-08-14 20:33:56 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-08-14 07:23:38 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2014-08-14 07:23:38 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2014-08-14 07:23:38 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2014-08-14 07:23:38 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2014-08-14 07:23:38 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2014-08-14 07:23:38 ----A---- C:\Windows\system32\KBDYAK.DLL
2014-08-14 07:23:38 ----A---- C:\Windows\system32\KBDTAT.DLL
2014-08-14 07:23:38 ----A---- C:\Windows\system32\KBDRU1.DLL
2014-08-14 07:23:38 ----A---- C:\Windows\system32\KBDRU.DLL
2014-08-14 07:23:38 ----A---- C:\Windows\system32\KBDBASH.DLL
2014-08-14 07:23:36 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-08-14 07:23:36 ----A---- C:\Windows\system32\tzres.dll
2014-08-14 07:23:33 ----A---- C:\Windows\system32\msi.dll
2014-08-14 07:23:32 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-08-14 07:23:32 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-08-14 07:23:32 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-08-14 07:23:32 ----A---- C:\Windows\system32\msihnd.dll
2014-08-14 07:23:32 ----A---- C:\Windows\system32\consent.exe
2014-08-14 07:23:32 ----A---- C:\Windows\system32\authui.dll
2014-08-14 07:23:30 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-08-14 07:23:29 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-08-14 07:23:29 ----A---- C:\Windows\system32\shell32.dll
2014-08-14 07:23:27 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-08-14 07:23:27 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-08-14 07:23:27 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-08-14 07:23:27 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-08-14 07:23:27 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-08-14 07:23:27 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-08-14 07:23:27 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-08-14 07:23:27 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-08-14 07:23:27 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-08-14 07:23:27 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-14 07:23:27 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-08-14 07:23:26 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-08-14 07:23:26 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-08-14 07:23:26 ----A---- C:\Windows\system32\iernonce.dll
2014-08-14 07:23:26 ----A---- C:\Windows\system32\ie4uinit.exe
2014-08-14 07:23:25 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-08-14 07:23:25 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-08-14 07:23:25 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-08-14 07:23:25 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-08-14 07:23:25 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-08-14 07:23:25 ----A---- C:\Windows\system32\urlmon.dll
2014-08-14 07:23:25 ----A---- C:\Windows\system32\msfeeds.dll
2014-08-14 07:23:25 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-08-14 07:23:25 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-08-14 07:23:25 ----A---- C:\Windows\system32\dxtmsft.dll
2014-08-14 07:23:24 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-08-14 07:23:24 ----A---- C:\Windows\system32\iesetup.dll
2014-08-14 07:23:24 ----A---- C:\Windows\system32\iertutil.dll
2014-08-14 07:23:24 ----A---- C:\Windows\system32\iedkcs32.dll
2014-08-14 07:23:23 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-08-14 07:23:23 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-08-14 07:23:23 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-08-14 07:23:23 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-08-14 07:23:23 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-08-14 07:23:23 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-08-14 07:23:23 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-08-14 07:23:23 ----A---- C:\Windows\system32\jsproxy.dll
2014-08-14 07:23:22 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-08-14 07:23:22 ----A---- C:\Windows\system32\mshtmled.dll
2014-08-14 07:23:22 ----A---- C:\Windows\system32\ieUnatt.exe
2014-08-14 07:23:22 ----A---- C:\Windows\system32\ieui.dll
2014-08-14 07:23:22 ----A---- C:\Windows\system32\ieframe.dll
2014-08-14 07:23:22 ----A---- C:\Windows\system32\dxtrans.dll
2014-08-14 07:23:21 ----A---- C:\Windows\system32\vbscript.dll
2014-08-14 07:23:21 ----A---- C:\Windows\system32\jscript9diag.dll
2014-08-14 07:23:21 ----A---- C:\Windows\system32\jscript9.dll
2014-08-14 07:23:21 ----A---- C:\Windows\system32\ieapfltr.dll
2014-08-14 07:23:20 ----A---- C:\Windows\system32\wininet.dll
2014-08-14 07:23:20 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-14 07:23:20 ----A---- C:\Windows\system32\msrating.dll
2014-08-14 07:23:20 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-08-14 07:23:19 ----A---- C:\Windows\system32\mshtml.dll
2014-08-14 07:21:36 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2014-08-14 07:21:36 ----A---- C:\Windows\system32\rpcrt4.dll
2014-08-14 07:21:36 ----A---- C:\Windows\system32\aepdu.dll
2014-08-14 07:21:35 ----A---- C:\Windows\system32\aeinv.dll
2014-08-13 15:22:02 ----D---- C:\Program Files\VIA
2014-08-13 15:22:01 ----D---- C:\Windows\system32\SRSLabs
2014-08-13 15:21:29 ----A---- C:\Windows\SYSWOW64\VMTHX32.DLL
2014-08-13 15:21:29 ----A---- C:\Windows\SYSWOW64\VMAPO32.DLL
2014-08-13 15:21:29 ----A---- C:\Windows\system32\WavesGUILib64.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\VtSrdAPO.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\VMWRP64.DLL
2014-08-13 15:21:29 ----A---- C:\Windows\system32\VMTHX64.DLL
2014-08-13 15:21:29 ----A---- C:\Windows\system32\VMPPLD64.DLL
2014-08-13 15:21:29 ----A---- C:\Windows\system32\VMPPCN64.DLL
2014-08-13 15:21:29 ----A---- C:\Windows\system32\VMAPO64.DLL
2014-08-13 15:21:29 ----A---- C:\Windows\system32\VIASysFx.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\VIAPropPageExt.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\ViaMicArrayPropPageExt.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\ViaMicArrayAPO.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\ViakaraokeSrv.exe
2014-08-13 15:21:29 ----A---- C:\Windows\system32\ViaKaraokePropPageExt.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\ViaKaraokeApo.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\PropPageExt.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\nQPropPageExt.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\nQAPO.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\MaxxAudioVIA64.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\MaxxAudioAPO30.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\EEP64H.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\EEL64A.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\EEG64H.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\EEG64A.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\EED64H.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\EED64A.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\EEA64H.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\EEA64A.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\Dts2PropPageExt.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\Dts2APO.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\drivers\VMfilt64.sys
2014-08-13 15:21:29 ----A---- C:\Windows\system32\drivers\viahduaa.sys
2014-08-13 15:21:28 ----A---- C:\Windows\system32\EEL64H.dll
2014-08-13 15:19:41 ----A---- C:\Windows\system32\EEP64A.dll
2014-08-11 18:22:13 ----D---- C:\ProgramData\IDM
2014-08-11 18:22:10 ----D---- C:\Users\zail\AppData\Roaming\IDM

======List of files/folders modified in the last 1 month======

2014-09-03 20:26:01 ----D---- C:\Windows\Temp
2014-09-03 20:26:01 ----D---- C:\Program Files\trend micro
2014-09-03 18:11:39 ----D---- C:\Windows\Prefetch
2014-09-03 16:37:23 ----D---- C:\Users\zail\AppData\Roaming\TS3Client
2014-09-03 16:34:55 ----D---- C:\ProgramData\PMB Files
2014-09-03 16:33:38 ----D---- C:\Windows\system32\config
2014-09-03 16:21:28 ----D---- C:\Users\zail\AppData\Roaming\Dropbox
2014-09-03 16:17:11 ----D---- C:\ProgramData\NVIDIA
2014-09-03 16:15:30 ----D---- C:\Windows\system32\drivers
2014-09-03 16:15:28 ----RD---- C:\Program Files (x86)
2014-09-03 16:15:28 ----HD---- C:\ProgramData
2014-09-03 16:13:05 ----D---- C:\Windows\AppPatch
2014-09-02 13:49:25 ----SHD---- C:\System Volume Information
2014-09-01 21:21:07 ----D---- C:\Users\zail\AppData\Roaming\Skype
2014-09-01 15:45:59 ----SHD---- C:\Config.Msi
2014-09-01 15:45:54 ----D---- C:\Windows\SysWOW64
2014-09-01 15:45:54 ----D---- C:\Windows\system32\Tasks
2014-09-01 15:43:03 ----D---- C:\Windows\System32
2014-09-01 15:42:30 ----D---- C:\Users\zail\AppData\Roaming\uTorrent
2014-09-01 15:19:26 ----D---- C:\Windows\system32\catroot2
2014-08-31 09:52:04 ----SHD---- C:\Windows\Installer
2014-08-31 09:40:03 ----D---- C:\Windows\Tasks
2014-08-31 09:40:03 ----D---- C:\Windows
2014-08-30 08:13:19 ----D---- C:\film
2014-08-29 17:08:18 ----HD---- C:\Windows\system32\GroupPolicy
2014-08-29 17:08:18 ----D---- C:\Program Files (x86)\Google
2014-08-29 17:08:17 ----RD---- C:\Users
2014-08-29 15:47:25 ----D---- C:\Windows\winsxs
2014-08-29 15:35:55 ----RSD---- C:\Windows\assembly
2014-08-29 15:33:48 ----D---- C:\Windows\Logs
2014-08-29 15:17:45 ----D---- C:\Windows\inf
2014-08-29 15:17:45 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-08-28 14:05:01 ----D---- C:\Windows\system32\DriverStore
2014-08-28 14:05:01 ----D---- C:\Windows\system32\catroot
2014-08-27 20:24:37 ----D---- C:\ProgramData\Origin
2014-08-27 20:24:26 ----D---- C:\Program Files (x86)\Origin
2014-08-27 19:52:30 ----D---- C:\ProgramData\Package Cache
2014-08-20 17:28:15 ----D---- C:\Users\zail\AppData\Roaming\vlc
2014-08-15 07:41:54 ----D---- C:\Windows\Microsoft.NET
2014-08-15 06:59:09 ----D---- C:\Windows\ehome
2014-08-15 06:59:07 ----RSD---- C:\Windows\Fonts
2014-08-15 06:58:55 ----D---- C:\Windows\SYSWOW64\sk-SK
2014-08-15 06:58:55 ----D---- C:\Windows\SYSWOW64\en-US
2014-08-15 06:58:55 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-08-15 06:58:55 ----D---- C:\Windows\system32\sk-SK
2014-08-15 06:58:55 ----D---- C:\Windows\system32\en-US
2014-08-15 06:58:55 ----D---- C:\Windows\system32\cs-CZ
2014-08-15 06:58:51 ----D---- C:\Program Files\Internet Explorer
2014-08-15 06:58:49 ----D---- C:\Windows\PolicyDefinitions
2014-08-15 06:58:47 ----D---- C:\Program Files (x86)\Internet Explorer
2014-08-14 20:45:27 ----D---- C:\ProgramData\Microsoft Help
2014-08-14 20:41:10 ----D---- C:\Windows\system32\MRT
2014-08-14 20:37:44 ----A---- C:\Windows\system32\MRT.exe
2014-08-14 20:33:24 ----SD---- C:\Windows\system32\CompatTel
2014-08-13 15:22:02 ----RD---- C:\Program Files
2014-08-05 09:20:00 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-07-09 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-07-09 224896]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2009-06-30 104408]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 17720]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-07-07 386680]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2007-12-17 14392]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-07-09 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-07-09 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-07-09 427360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-08-28 283064]
R1 RzFilter;RzFilter; \??\C:\Windows\system32\drivers\RzFilter.sys [2014-04-18 74432]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-07-09 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-07-09 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-07-09 92008]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2011-06-13 88480]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-04-01 43680]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 146432]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2012-09-24 165688]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\Windows\system32\drivers\btwampfl.sys [2012-07-03 598328]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2012-05-01 184144]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2012-03-06 210984]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2011-09-17 39976]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2012-03-06 21544]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2011-05-25 33344]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-06-09 55296]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-05-14 15416]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2014-05-20 197408]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-03-31 40392]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RzDxgk;RzDxgk; \??\C:\Windows\system32\drivers\RzDxgk.sys [2014-04-18 129472]
R3 rzendpt;rzendpt; C:\Windows\system32\DRIVERS\rzendpt.sys [2014-05-19 39080]
R3 rzhnet;Razer Inc. External Display Driver; C:\Windows\System32\Drivers\rzhnet.sys [2014-05-19 21160]
R3 rzjstk;Razer Virtual Joystick Driver; C:\Windows\system32\DRIVERS\rzjstk.sys [2014-05-19 27816]
R3 rzudd;RazerEx Mouse Driver; C:\Windows\system32\DRIVERS\rzudd.sys [2014-05-19 155816]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-04-25 455992]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2012-10-22 2206864]
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-03-03 6402560]
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-03-03 188928]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 6037504]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 cpuz132;cpuz132; C:\Windows\system32\drivers\cpuz132.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 19968]
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 epmntdrv;epmntdrv; \??\C:\Windows\syswow64\epmntdrv.sys [2013-03-07 13896]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\syswow64\EuGdiDrv.sys [2013-03-07 9160]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys []
S3 netr7364;RT73 USB - ovladač karty pro bezdrátovou síť LAN pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr7364.sys [2009-06-10 707072]
S3 PAC207;SoC PC-Camera; C:\Windows\system32\DRIVERS\PFC027.SYS [2006-12-05 572416]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2013-04-04 19456]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\Windows\system32\DRIVERS\s1018bus.sys [2009-03-25 113704]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 19496]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 153128]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 133160]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1018nd5.sys [2009-03-25 34856]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1018obex.sys [2009-03-25 128552]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1018unic.sys [2009-03-25 146472]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 SANDRA;SANDRA; C:\Windows\system32\drivers\SANDRA.sys []
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-04-04 57856]
S3 tsusbhub;tsusbhub; C:\Windows\system32\drivers\tsusbhub.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-05-08 65432]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 203264]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-04-02 90112]
R2 avast! Antivirus;avast! Antivirus; E:\ava [2013-09-18 6583664]
R2 BRA_Scheduler;Brother BRAdminPro Scheduler; C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe [2010-09-15 65536]
R2 btwdins;Bluetooth Service; E:\belkin\btwdins.exe [2012-10-17 1005944]
R2 EpsonScanSvc;Epson Scanner Service; C:\Windows\system32\EscSvc64.exe [2012-05-17 144560]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-04-30 1617696]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-05-20 927520]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-06-10 76888]
R2 RzOvlMon;Razer Overlay Subsystem Emergency Service; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [2014-04-18 32960]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-05-20 413128]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-08-06 5052224]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2012-10-22 27768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Google Update-Dienst (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc []
S2 SkypeUpdate;Skype Updater; E:\skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09 262320]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-05-13 1492840]
S3 gupdatem;Google Update-Dienst (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc []
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-07-25 111616]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; E:\oficce\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-08-14 833728]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728]
S4 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]

-----------------EOF-----------------

[Rudy]

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
E:\firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
E:\firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
E:\firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
E:\firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
E:\firefox\extensions\{F9E87066-236C-4067-A3C2-BDA51D6B6B03}
E:\firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
E:\firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.

[zail]

Logfile of random's system information tool 1.09 (written by random/random)
Run by zail at 2014-09-03 21:50:29
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 20 GB (18%) free of 108 GB
Total RAM: 8191 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:50:33, on 03.09.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17239)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
E:\kies\Kies\External\FirmwareUpdate\KiesPDLR.exe
E:\kies\Kies\Kies.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
E:\deamon tols lite\DAEMON Tools Lite\DTLite.exe
E:\avast\avastui.exe
C:\Program Files (x86)\Razer\SwitchBlade\RzSBHelper.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
E:\lol replay\LOLReplay\LOLRecorder.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Razer\SwitchBlade\Apps\Razer\65BFE244-2354-4E41-ADC9-CCF6BE3B5F75\RzFPS\RzFPS.exe
C:\ProgramData\Razer\SwitchBlade\DeathStalker\Razer\1068AAE3-6299-4086-A7F6-0600F5F1D1E5\RzHome.exe
C:\Users\zail\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Razer\SwitchBlade\RzAppManager.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\zail.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\oficce\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - E:\avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\oficce\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\java\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "E:\avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [RzSBHelper] C:\Program Files (x86)\Razer\SwitchBlade\RzSBHelper.exe
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [] E:\kies\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [KiesPreload] E:\kies\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [MKLOL] "E:\mk jogo\MKJogo\MKLOL\MK.exe" -auto
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_61DF9031EEED441822C789611D7D05B8] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILFE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-312 313 315 Series"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "E:\deamon tols lite\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = zail\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: LOLRecorder.lnk = E:\lol replay\LOLReplay\LOLRecorder.exe
O4 - Global Startup: RazerFPSStartup.lnk = C:\ProgramData\Razer\SwitchBlade\Apps\Razer\65BFE244-2354-4E41-ADC9-CCF6BE3B5F75\RzFPS\RzFPS.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://E:\oficce\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://E:\oficce\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\oficce\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\oficce\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - E:\icq\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - E:\icq\ICQ7.2\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\oficce\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - E:\oficce\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/ ... ontrol.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - E:\skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: avast! Antivirus - AVAST Software - E:\avast\AvastSvc.exe
O23 - Service: Brother BRAdminPro Scheduler (BRA_Scheduler) - Unknown owner - C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - E:\belkin\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\Windows\system32\EscSvc64.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-Dienst (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - (no file)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Razer Overlay Subsystem Emergency Service (RzOvlMon) - Razer, Inc. - C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - E:\skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 12239 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"E:\avast\AvastSvc.exe"
atieclxx
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe"
"C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe"
E:\belkin\btwdins.exe
taskeng.exe {1D35E867-45D7-4207-8229-6A5D629AFB83}
C:\Windows\system32\EscSvc64.exe
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
taskeng.exe {E89BF1C3-0432-4283-8925-3C086CB597CC}
"\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
C:\Windows\system32\viakaraokesrv.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
WLIDSvcM.exe 2428
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe"
"C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version9\TeamViewer9_Logfile.log
"C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version9\TeamViewer9_Logfile.log
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"E:\kies\Kies\External\FirmwareUpdate\KiesPDLR.exe"
"E:\kies\Kies\Kies.exe" /preload
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Windows\System32\spool\drivers\x64\3\E_IATILFE.EXE" /EPT "EPLTarget\P0000000000000000" /M "XP-312 313 315 Series"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2712.0.1740339112\1263623161" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,16,43 --gpu-vendor-id=0x10de --gpu-device-id=0x11c0 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3788 --ignored=" --type=renderer " /prefetch:822062411
"E:\deamon tols lite\DAEMON Tools Lite\DTLite.exe" -autorun
"E:\avast\avastui.exe" /nogui
"E:\belkin\BTTray.exe"
"C:\Program Files (x86)\Razer\SwitchBlade\RzSBHelper.exe"
"C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
"E:\lol replay\LOLReplay\LOLRecorder.exe" -minimize
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/ML Kodachrome dev/EmbeddedSearch/Group1 dev:pp5 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/HpackHuffmanAggregator/Disabled/Prerender/PrerenderMulti/PrerenderLocalPredictorSpec/cd=3b:LocalPredictor=Enabled:SkipHTTPS=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=5:PrerenderPriorityHalfLifeTimeSeconds=30:PrerenderQueryPrerenderService=Enabled:PrerenderServiceFetchTimeoutMs=5000:SkipPrerenderLocalCandidates=Enabled:PrerenderAlwaysControl=Enabled:MaxLaunchPrerenders=2/SDCH/EnabledHttpOnly/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_95/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/WindowsLogoffRace/WindowsLogoffRace/" --extension-process --renderer-print-preview --enable-offline-auto-reload --enable-threaded-compositing --enable-delegated-renderer --channel="2712.1.1753041281\1137585725" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/BrowserBlacklist/Enabled/ChromeSuggestions/ML Kodachrome dev/EmbeddedSearch/Group1 dev:pp5 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/HpackHuffmanAggregator/Disabled/Prerender/PrerenderMulti/PrerenderLocalPredictorSpec/cd=3b:LocalPredictor=Enabled:SkipHTTPS=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=5:PrerenderPriorityHalfLifeTimeSeconds=30:PrerenderQueryPrerenderService=Enabled:PrerenderServiceFetchTimeoutMs=5000:SkipPrerenderLocalCandidates=Enabled:PrerenderAlwaysControl=Enabled:MaxLaunchPrerenders=2/SDCH/EnabledHttpOnly/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_95/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/WindowsLogoffRace/WindowsLogoffRace/" --extension-process --renderer-print-preview --enable-offline-auto-reload --enable-threaded-compositing --enable-delegated-renderer --channel="2712.2.1044912344\141919191" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/BrowserBlacklist/Enabled/ChromeSuggestions/ML Kodachrome dev/EmbeddedSearch/Group1 dev:pp5 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/HpackHuffmanAggregator/Disabled/Prerender/PrerenderMulti/PrerenderLocalPredictorSpec/cd=3b:LocalPredictor=Enabled:SkipHTTPS=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=5:PrerenderPriorityHalfLifeTimeSeconds=30:PrerenderQueryPrerenderService=Enabled:PrerenderServiceFetchTimeoutMs=5000:SkipPrerenderLocalCandidates=Enabled:PrerenderAlwaysControl=Enabled:MaxLaunchPrerenders=2/SDCH/EnabledHttpOnly/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_95/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/WindowsLogoffRace/WindowsLogoffRace/" --extension-process --renderer-print-preview --enable-offline-auto-reload --enable-threaded-compositing --enable-delegated-renderer --channel="2712.3.1786311573\1741424804" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/BrowserBlacklist/Enabled/ChromeSuggestions/ML Kodachrome dev/EmbeddedSearch/Group1 dev:pp5 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionInstallVerification/Bootstrap/GoogleNow/Enable/HpackHuffmanAggregator/Disabled/Prerender/PrerenderMulti/PrerenderLocalPredictorSpec/cd=3b:LocalPredictor=Enabled:SkipHTTPS=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=5:PrerenderPriorityHalfLifeTimeSeconds=30:PrerenderQueryPrerenderService=Enabled:PrerenderServiceFetchTimeoutMs=5000:SkipPrerenderLocalCandidates=Enabled:PrerenderAlwaysControl=Enabled:MaxLaunchPrerenders=2/SDCH/EnabledHttpOnly/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_95/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/WindowsLogoffRace/WindowsLogoffRace/" --extension-process --renderer-print-preview --enable-offline-auto-reload --enable-threaded-compositing --enable-delegated-renderer --channel="2712.4.420371169\700629594" /prefetch:673131151
"C:\ProgramData\Razer\SwitchBlade\Apps\Razer\65BFE244-2354-4E41-ADC9-CCF6BE3B5F75\RzFPS\RzFPS.exe"
"C:\ProgramData\Razer\SwitchBlade\DeathStalker\Razer\1068AAE3-6299-4086-A7F6-0600F5F1D1E5\RzHome.exe" -offline
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Users\zail\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Razer\SwitchBlade\RzAppManager.exe" -Embedding
"C:\Windows\SysWOW64\RunDll32.exe" "E:\belkin\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"E:\belkin\BtStackServer.exe" -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="2712.13.2007958220\1585447969" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/BrowserBlacklist/Enabled/ChromeSuggestions/ML Kodachrome dev/EmbeddedSearch/Group1 dev:pp5 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionInstallVerification/Bootstrap/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/HpackHuffmanAggregator/Disabled/Prerender/PrerenderMulti/PrerenderLocalPredictorSpec/cd=3b:LocalPredictor=Enabled:SkipHTTPS=Enabled:SideEffectFreeWhitelist=Enabled:MaxConcurrentPrerenders=5:PrerenderPriorityHalfLifeTimeSeconds=30:PrerenderQueryPrerenderService=Enabled:PrerenderServiceFetchTimeoutMs=5000:SkipPrerenderLocalCandidates=Enabled:PrerenderAlwaysControl=Enabled:MaxLaunchPrerenders=2/SDCH/EnabledHttpOnly/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/group_01/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_95/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/WindowsLogoffRace/WindowsLogoffRace/" --renderer-print-preview --enable-offline-auto-reload --enable-threaded-compositing --enable-delegated-renderer --channel="2712.15.1352119092\260006269" /prefetch:673131151
C:\Windows\explorer.exe /factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding
"C:\Users\zail\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\AWC AutoSweep.job
C:\Windows\tasks\AWC Update.job
C:\Windows\tasks\EPSON XP-312 313 315 Series Invitation {28BD1517-300F-4C82-9CD0-B78B2080EFAC}.job
C:\Windows\tasks\EPSON XP-312 313 315 Series Update {28BD1517-300F-4C82-9CD0-B78B2080EFAC}.job

=========Mozilla firefox=========

ProfilePath - C:\Users\zail\AppData\Roaming\Mozilla\Firefox\Profiles\ufucwtv1.default

prefs.js - "browser.startup.homepage" - "about:blank"
prefs.js - "browser.search.useDBForOrder" - true

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.102.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.1.7]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@gentek.com/thinclient]
"Description"=ThinClient Generic Network
"Path"=C:\IGG\twclient_us\npthinclient.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.60.2]
"Description"=Java™ Deployment Toolkit
"Path"=E:\java\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=E:\java\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=E:\oficce\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=E:\oficce\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=E:\vlcplayer\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=E:\vlcplayer\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=E:\vlcplayer\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\Microsoft Office\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll


E:\firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

E:\firefox\plugins\
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npwachk.dll
QuickTimePlugin.class

E:\firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Users\zail\AppData\Roaming\Mozilla\Firefox\Profiles\ufucwtv1.default\extensions\
info@djzig.com
staged
{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}

C:\Users\zail\AppData\Roaming\Mozilla\Firefox\Profiles\ufucwtv1.default\searchplugins\
filmova-databaze-fdbcz.xml
Google.xml
opensubtitlesorg.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - E:\ava [2013-09-18 6583664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25 438368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201CF130-E29C-4E5C-A73F-CD197DEFA6AE}]
E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2013-02-28 238656]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - E:\oficce\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - E:\ava [2013-09-18 6583664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - E:\oficce\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - E:\java\bin\jp2ssv.dll [2014-05-07 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25 438368]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
""=E:\kies\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-05-23 1106288]
"KiesPreload"=E:\kies\Kies\Kies.exe [2013-05-23 1561968]
"MKLOL"=E:\mk jogo\MKJogo\MKLOL\MK.exe -auto []
"GoogleChromeAutoLaunch_61DF9031EEED441822C789611D7D05B8"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2014-08-07 860488]
"EPLTarget\P0000000000000000"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILFE.EXE [2013-01-24 297024]
"DAEMON Tools Lite"=E:\deamon tols lite\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Badoo Desktop]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\chromium]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
c:\program files (x86)\divx\divx update\divxupdate.exe [2011-07-29 1259376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
c:\program files (x86)\origin\origin.exe [2014-08-27 3600216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck]
c:\program files (x86)\via\viaudioi\vdeck\vdeck.exe [2012-10-25 5299320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
E:\kies\Kies\Kies.exe [2013-05-23 1561968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
E:\kies\Kies\KiesTrayAgent.exe [2013-05-23 311152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
c:\program files (x86)\windows live\messenger\msnmsgr.exe [2011-05-13 4283256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ocs_SM]
c:\users\zail\appdata\roaming\ocs\sm\searchanonymizer.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
E:\QuickTime\QTTask.exe [2014-01-17 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
c:\program files (x86)\common files\java\java update\jusched.exe [2014-05-07 256896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VIAAUD]
c:\program files (x86)\via\viaudioi\vdeck\viaaud.exe [2012-10-25 2538104]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=E:\ava [2013-09-18 6583664]
"RzSBHelper"=C:\Program Files (x86)\Razer\SwitchBlade\RzSBHelper.exe [2014-06-03 78336]
""= []
"Razer Synapse"=C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [2014-06-23 585560]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - E:\belkin\BTTray.exe
LOLRecorder.lnk - E:\lol replay\LOLReplay\LOLRecorder.exe
RazerFPSStartup.lnk - C:\ProgramData\Razer\SwitchBlade\Apps\Razer\65BFE244-2354-4E41-ADC9-CCF6BE3B5F75\RzFPS\RzFPS.exe

C:\Users\zail\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\zail\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=E:\oficce\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
E:\belkin\BtwProximityCP.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.FPS1"=frapsv64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-09-03 21:41:32 ----D---- C:\_OTM
2014-09-03 16:12:54 ----D---- C:\AdwCleaner
2014-09-02 13:50:26 ----D---- C:\rsit
2014-09-01 15:43:03 ----D---- C:\Windows\system32\log
2014-08-29 17:08:18 ----D---- C:\ProgramData\5e6e94cd28a1ad14
2014-08-28 14:04:46 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2014-08-28 14:04:38 ----D---- C:\Users\zail\AppData\Roaming\DAEMON Tools Lite
2014-08-28 14:04:06 ----D---- C:\ProgramData\DAEMON Tools Lite
2014-08-27 20:34:09 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-08-27 20:34:09 ----A---- C:\Windows\system32\win32k.sys
2014-08-27 20:34:09 ----A---- C:\Windows\system32\gdi32.dll
2014-08-14 20:34:10 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2014-08-14 20:34:10 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2014-08-14 20:34:10 ----A---- C:\Windows\system32\infocardapi.dll
2014-08-14 20:34:10 ----A---- C:\Windows\system32\icardagt.exe
2014-08-14 20:34:08 ----A---- C:\Windows\SYSWOW64\icardres.dll
2014-08-14 20:34:08 ----A---- C:\Windows\system32\icardres.dll
2014-08-14 20:33:56 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2014-08-14 20:33:56 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-08-14 07:23:38 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2014-08-14 07:23:38 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2014-08-14 07:23:38 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2014-08-14 07:23:38 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2014-08-14 07:23:38 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2014-08-14 07:23:38 ----A---- C:\Windows\system32\KBDYAK.DLL
2014-08-14 07:23:38 ----A---- C:\Windows\system32\KBDTAT.DLL
2014-08-14 07:23:38 ----A---- C:\Windows\system32\KBDRU1.DLL
2014-08-14 07:23:38 ----A---- C:\Windows\system32\KBDRU.DLL
2014-08-14 07:23:38 ----A---- C:\Windows\system32\KBDBASH.DLL
2014-08-14 07:23:36 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-08-14 07:23:36 ----A---- C:\Windows\system32\tzres.dll
2014-08-14 07:23:33 ----A---- C:\Windows\system32\msi.dll
2014-08-14 07:23:32 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-08-14 07:23:32 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-08-14 07:23:32 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-08-14 07:23:32 ----A---- C:\Windows\system32\msihnd.dll
2014-08-14 07:23:32 ----A---- C:\Windows\system32\consent.exe
2014-08-14 07:23:32 ----A---- C:\Windows\system32\authui.dll
2014-08-14 07:23:30 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-08-14 07:23:29 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-08-14 07:23:29 ----A---- C:\Windows\system32\shell32.dll
2014-08-14 07:23:27 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-08-14 07:23:27 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-08-14 07:23:27 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-08-14 07:23:27 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-08-14 07:23:27 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-08-14 07:23:27 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-08-14 07:23:27 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-08-14 07:23:27 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-08-14 07:23:27 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-08-14 07:23:27 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-14 07:23:27 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-08-14 07:23:26 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-08-14 07:23:26 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-08-14 07:23:26 ----A---- C:\Windows\system32\iernonce.dll
2014-08-14 07:23:26 ----A---- C:\Windows\system32\ie4uinit.exe
2014-08-14 07:23:25 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-08-14 07:23:25 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-08-14 07:23:25 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-08-14 07:23:25 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-08-14 07:23:25 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-08-14 07:23:25 ----A---- C:\Windows\system32\urlmon.dll
2014-08-14 07:23:25 ----A---- C:\Windows\system32\msfeeds.dll
2014-08-14 07:23:25 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-08-14 07:23:25 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-08-14 07:23:25 ----A---- C:\Windows\system32\dxtmsft.dll
2014-08-14 07:23:24 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-08-14 07:23:24 ----A---- C:\Windows\system32\iesetup.dll
2014-08-14 07:23:24 ----A---- C:\Windows\system32\iertutil.dll
2014-08-14 07:23:24 ----A---- C:\Windows\system32\iedkcs32.dll
2014-08-14 07:23:23 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-08-14 07:23:23 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-08-14 07:23:23 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-08-14 07:23:23 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-08-14 07:23:23 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-08-14 07:23:23 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-08-14 07:23:23 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-08-14 07:23:23 ----A---- C:\Windows\system32\jsproxy.dll
2014-08-14 07:23:22 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-08-14 07:23:22 ----A---- C:\Windows\system32\mshtmled.dll
2014-08-14 07:23:22 ----A---- C:\Windows\system32\ieUnatt.exe
2014-08-14 07:23:22 ----A---- C:\Windows\system32\ieui.dll
2014-08-14 07:23:22 ----A---- C:\Windows\system32\ieframe.dll
2014-08-14 07:23:22 ----A---- C:\Windows\system32\dxtrans.dll
2014-08-14 07:23:21 ----A---- C:\Windows\system32\vbscript.dll
2014-08-14 07:23:21 ----A---- C:\Windows\system32\jscript9diag.dll
2014-08-14 07:23:21 ----A---- C:\Windows\system32\jscript9.dll
2014-08-14 07:23:21 ----A---- C:\Windows\system32\ieapfltr.dll
2014-08-14 07:23:20 ----A---- C:\Windows\system32\wininet.dll
2014-08-14 07:23:20 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-14 07:23:20 ----A---- C:\Windows\system32\msrating.dll
2014-08-14 07:23:20 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-08-14 07:23:19 ----A---- C:\Windows\system32\mshtml.dll
2014-08-14 07:21:36 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2014-08-14 07:21:36 ----A---- C:\Windows\system32\rpcrt4.dll
2014-08-14 07:21:36 ----A---- C:\Windows\system32\aepdu.dll
2014-08-14 07:21:35 ----A---- C:\Windows\system32\aeinv.dll
2014-08-13 15:22:02 ----D---- C:\Program Files\VIA
2014-08-13 15:22:01 ----D---- C:\Windows\system32\SRSLabs
2014-08-13 15:21:29 ----A---- C:\Windows\SYSWOW64\VMTHX32.DLL
2014-08-13 15:21:29 ----A---- C:\Windows\SYSWOW64\VMAPO32.DLL
2014-08-13 15:21:29 ----A---- C:\Windows\system32\WavesGUILib64.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\VtSrdAPO.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\VMWRP64.DLL
2014-08-13 15:21:29 ----A---- C:\Windows\system32\VMTHX64.DLL
2014-08-13 15:21:29 ----A---- C:\Windows\system32\VMPPLD64.DLL
2014-08-13 15:21:29 ----A---- C:\Windows\system32\VMPPCN64.DLL
2014-08-13 15:21:29 ----A---- C:\Windows\system32\VMAPO64.DLL
2014-08-13 15:21:29 ----A---- C:\Windows\system32\VIASysFx.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\VIAPropPageExt.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\ViaMicArrayPropPageExt.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\ViaMicArrayAPO.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\ViakaraokeSrv.exe
2014-08-13 15:21:29 ----A---- C:\Windows\system32\ViaKaraokePropPageExt.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\ViaKaraokeApo.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\PropPageExt.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\nQPropPageExt.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\nQAPO.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\MaxxAudioVIA64.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\MaxxAudioAPO30.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\EEP64H.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\EEL64A.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\EEG64H.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\EEG64A.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\EED64H.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\EED64A.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\EEA64H.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\EEA64A.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\Dts2PropPageExt.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\Dts2APO.dll
2014-08-13 15:21:29 ----A---- C:\Windows\system32\drivers\VMfilt64.sys
2014-08-13 15:21:29 ----A---- C:\Windows\system32\drivers\viahduaa.sys
2014-08-13 15:21:28 ----A---- C:\Windows\system32\EEL64H.dll
2014-08-13 15:19:41 ----A---- C:\Windows\system32\EEP64A.dll
2014-08-11 18:22:13 ----D---- C:\ProgramData\IDM
2014-08-11 18:22:10 ----D---- C:\Users\zail\AppData\Roaming\IDM

======List of files/folders modified in the last 1 month======

2014-09-03 21:50:31 ----D---- C:\Windows\Temp
2014-09-03 21:50:31 ----D---- C:\Program Files\trend micro
2014-09-03 21:48:00 ----D---- C:\Users\zail\AppData\Roaming\Dropbox
2014-09-03 21:47:14 ----D---- C:\Windows\Prefetch
2014-09-03 21:43:55 ----D---- C:\ProgramData\NVIDIA
2014-09-03 21:42:11 ----D---- C:\Windows\system32\config
2014-09-03 16:37:23 ----D---- C:\Users\zail\AppData\Roaming\TS3Client
2014-09-03 16:34:55 ----D---- C:\ProgramData\PMB Files
2014-09-03 16:15:30 ----D---- C:\Windows\system32\drivers
2014-09-03 16:15:28 ----RD---- C:\Program Files (x86)
2014-09-03 16:15:28 ----HD---- C:\ProgramData
2014-09-03 16:13:05 ----D---- C:\Windows\AppPatch
2014-09-02 13:49:25 ----SHD---- C:\System Volume Information
2014-09-01 21:21:07 ----D---- C:\Users\zail\AppData\Roaming\Skype
2014-09-01 15:45:59 ----SHD---- C:\Config.Msi
2014-09-01 15:45:54 ----D---- C:\Windows\SysWOW64
2014-09-01 15:45:54 ----D---- C:\Windows\system32\Tasks
2014-09-01 15:43:03 ----D---- C:\Windows\System32
2014-09-01 15:42:30 ----D---- C:\Users\zail\AppData\Roaming\uTorrent
2014-09-01 15:19:26 ----D---- C:\Windows\system32\catroot2
2014-08-31 09:52:04 ----SHD---- C:\Windows\Installer
2014-08-31 09:40:03 ----D---- C:\Windows\Tasks
2014-08-31 09:40:03 ----D---- C:\Windows
2014-08-30 08:13:19 ----D---- C:\film
2014-08-29 17:08:18 ----HD---- C:\Windows\system32\GroupPolicy
2014-08-29 17:08:18 ----D---- C:\Program Files (x86)\Google
2014-08-29 17:08:17 ----RD---- C:\Users
2014-08-29 15:47:25 ----D---- C:\Windows\winsxs
2014-08-29 15:35:55 ----RSD---- C:\Windows\assembly
2014-08-29 15:33:48 ----D---- C:\Windows\Logs
2014-08-29 15:17:45 ----D---- C:\Windows\inf
2014-08-29 15:17:45 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-08-28 14:05:01 ----D---- C:\Windows\system32\DriverStore
2014-08-28 14:05:01 ----D---- C:\Windows\system32\catroot
2014-08-27 20:24:37 ----D---- C:\ProgramData\Origin
2014-08-27 20:24:26 ----D---- C:\Program Files (x86)\Origin
2014-08-27 19:52:30 ----D---- C:\ProgramData\Package Cache
2014-08-20 17:28:15 ----D---- C:\Users\zail\AppData\Roaming\vlc
2014-08-15 07:41:54 ----D---- C:\Windows\Microsoft.NET
2014-08-15 06:59:09 ----D---- C:\Windows\ehome
2014-08-15 06:59:07 ----RSD---- C:\Windows\Fonts
2014-08-15 06:58:55 ----D---- C:\Windows\SYSWOW64\sk-SK
2014-08-15 06:58:55 ----D---- C:\Windows\SYSWOW64\en-US
2014-08-15 06:58:55 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-08-15 06:58:55 ----D---- C:\Windows\system32\sk-SK
2014-08-15 06:58:55 ----D---- C:\Windows\system32\en-US
2014-08-15 06:58:55 ----D---- C:\Windows\system32\cs-CZ
2014-08-15 06:58:51 ----D---- C:\Program Files\Internet Explorer
2014-08-15 06:58:49 ----D---- C:\Windows\PolicyDefinitions
2014-08-15 06:58:47 ----D---- C:\Program Files (x86)\Internet Explorer
2014-08-14 20:45:27 ----D---- C:\ProgramData\Microsoft Help
2014-08-14 20:41:10 ----D---- C:\Windows\system32\MRT
2014-08-14 20:37:44 ----A---- C:\Windows\system32\MRT.exe
2014-08-14 20:33:24 ----SD---- C:\Windows\system32\CompatTel
2014-08-13 15:22:02 ----RD---- C:\Program Files
2014-08-05 09:20:00 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-07-09 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-07-09 224896]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2009-06-30 104408]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 17720]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-07-07 386680]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2007-12-17 14392]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-07-09 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-07-09 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-07-09 427360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-08-28 283064]
R1 RzFilter;RzFilter; \??\C:\Windows\system32\drivers\RzFilter.sys [2014-04-18 74432]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-07-09 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-07-09 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-07-09 92008]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2011-06-13 88480]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-04-01 43680]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 146432]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2012-09-24 165688]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\Windows\system32\drivers\btwampfl.sys [2012-07-03 598328]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2012-05-01 184144]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2012-03-06 210984]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2011-09-17 39976]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2012-03-06 21544]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2011-05-25 33344]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-06-09 55296]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-05-14 15416]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2014-05-20 197408]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-03-31 40392]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RzDxgk;RzDxgk; \??\C:\Windows\system32\drivers\RzDxgk.sys [2014-04-18 129472]
R3 rzendpt;rzendpt; C:\Windows\system32\DRIVERS\rzendpt.sys [2014-05-19 39080]
R3 rzhnet;Razer Inc. External Display Driver; C:\Windows\System32\Drivers\rzhnet.sys [2014-05-19 21160]
R3 rzjstk;Razer Virtual Joystick Driver; C:\Windows\system32\DRIVERS\rzjstk.sys [2014-05-19 27816]
R3 rzudd;RazerEx Mouse Driver; C:\Windows\system32\DRIVERS\rzudd.sys [2014-05-19 155816]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-04-25 455992]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2012-10-22 2206864]
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-03-03 6402560]
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-03-03 188928]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 6037504]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 cpuz132;cpuz132; C:\Windows\system32\drivers\cpuz132.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 19968]
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 epmntdrv;epmntdrv; \??\C:\Windows\syswow64\epmntdrv.sys [2013-03-07 13896]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\syswow64\EuGdiDrv.sys [2013-03-07 9160]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys []
S3 netr7364;RT73 USB - ovladač karty pro bezdrátovou síť LAN pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr7364.sys [2009-06-10 707072]
S3 PAC207;SoC PC-Camera; C:\Windows\system32\DRIVERS\PFC027.SYS [2006-12-05 572416]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2013-04-04 19456]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\Windows\system32\DRIVERS\s1018bus.sys [2009-03-25 113704]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 19496]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 153128]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 133160]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1018nd5.sys [2009-03-25 34856]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1018obex.sys [2009-03-25 128552]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1018unic.sys [2009-03-25 146472]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 SANDRA;SANDRA; C:\Windows\system32\drivers\SANDRA.sys []
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-04-04 57856]
S3 tsusbhub;tsusbhub; C:\Windows\system32\drivers\tsusbhub.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-05-08 65432]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 203264]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-04-02 90112]
R2 avast! Antivirus;avast! Antivirus; E:\ava [2013-09-18 6583664]
R2 BRA_Scheduler;Brother BRAdminPro Scheduler; C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe [2010-09-15 65536]
R2 btwdins;Bluetooth Service; E:\belkin\btwdins.exe [2012-10-17 1005944]
R2 EpsonScanSvc;Epson Scanner Service; C:\Windows\system32\EscSvc64.exe [2012-05-17 144560]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-04-30 1617696]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-05-20 927520]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-06-10 76888]
R2 RzOvlMon;Razer Overlay Subsystem Emergency Service; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [2014-04-18 32960]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-05-20 413128]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-08-06 5052224]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2012-10-22 27768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Google Update-Dienst (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc []
S2 SkypeUpdate;Skype Updater; E:\skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09 262320]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-05-13 1492840]
S3 gupdatem;Google Update-Dienst (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc []
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-07-25 111616]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; E:\oficce\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-08-14 833728]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728]
S4 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]

-----------------EOF-----------------

[Rudy]

Dvouklikem na soubor C:\Program Files\trend micro\zail.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:

O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/ ... ontrol.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - E:\skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)

Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.