
In Chrome, a second tab with an ad pops up after pages load


#1 Post by TygrHanik »

Hello, and thank you in advance for the help :-)
The computer is a Lenovo notebook with Win 8.1 64-bit; Chrome is used as the browser and it should be up to date.
Since yesterday, whenever my daughter loads a page, a second tab pops up right away as well, with some advertisement and a software offer in it. The redirect goes through: 92.241.171.
ESET is active on the notebook and has not caught anything.

RSIT log:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Haník at 2016-09-18 18:13:41
Microsoft Windows 8.1
System drive C: has 831 GB (91%) free of 911 GB
Total RAM: 7128 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:13:49, on 18. 9. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Users\Haník\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Users\Haník\Documents\GIGABYTE\GHOST(6980X)\GHOSTOPEN.exe
C:\Users\Haník\Documents\GIGABYTE\GHOST(6980X)\Tilt.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Haník\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe
C:\Users\Haník\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Haník.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://non-block.net/wpad.dat?f5d67429e ... 0016630141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [ghost] C:\Users\Haník\Documents\GIGABYTE\GHOST(6980X)\ghostopen.exe
O4 - HKLM\..\Run: [Tilt] C:\Users\Haník\Documents\GIGABYTE\GHOST(6980X)\Tilt.exe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [BingSvc] C:\Users\Haník\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe -AutoStart
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\RunOnce: [Application Restart #2] C:\Users\Haník\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Haník\AppData\Local\SweetLabs App Platform\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
O4 - Startup: IMVU.lnk = ?
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/4.2 ... rol_32.CAB
O23 - Service: Adobe Active File Monitor V13 (AdobeActiveFileMonitor13.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service: @C:\windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
O23 - Service: Sentinel HASP License Manager (hasplms) - Unknown owner - C:\windows\system32\hasplms.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
O23 - Service: LSCWinService - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: LUService - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\windows\system32\SAsrv.exe
O23 - Service: ShareItSvc - SHAREit Technologies Co.Ltd - C:\Program Files (x86)\SHAREit\SHAREit\Shareit.Service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: tbaseprovisioning - Advanced Micro Devices, Inc. - C:\windows\SysWOW64\tbaseprovisioning.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11854 bytes

*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=A117234A69753232CB2F94C7B6C31923 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=39984F7232282CF8D194DF2C969BF9B9 --mojo-application-channel-token=A117234A69753232CB2F94C7B6C31923 --channel="4224.28.223469358\314904860" --mojo-platform-channel-handle=6600 /prefetch:1
C:\windows\system32\wbem\wmiprvse.exe

"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe10_ Global\UsGthrCtrlFltPipeMssGthrPipe10 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 564 568 576 65536 572
"C:\Users\Haník\Desktop\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

TygrHanik
Visitor
Posts: 6
Registered: 18 Sep 2016 17:06

Re: In Chrome, a second tab with an ad pops up after pages load

#2 Post by TygrHanik »

Here is the rest of the log:

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\tasks\GoogleUpdateTaskMachineUA1d064cdb6561be0.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-12-13 803520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-12-13 483520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-12-13 683200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-09-18 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-18 186944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-12-13 440512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-12-13 803520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-12-13 683200]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ForteConfig"=C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2012-06-13 1647616]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2013-09-05 907480]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2014-02-11 2891592]
"BtServer"=C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [2014-01-07 216064]
"Energy Manager"=C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [2014-11-28 16094704]
"Lenovo Utility"=C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [2014-11-28 10842096]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2015-07-08 5595848]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-08-27 557984]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BingSvc"=C:\Users\Haník\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2015-11-12 144008]
"EADM"=C:\Program Files (x86)\Origin\Origin.exe [2016-06-23 3639280]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-06-29 26424960]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #2"=C:\Users\Haník\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [2016-07-27 7874024]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-04-19 766688]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2011-12-07 214312]
"ghost"=C:\Users\Haník\Documents\GIGABYTE\GHOST(6980X)\ghostopen.exe [2010-02-08 192000]
"Tilt"=C:\Users\Haník\Documents\GIGABYTE\GHOST(6980X)\Tilt.exe [2011-04-20 729088]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2016-07-20 5565960]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-06-22 598552]

C:\Users\Haník\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
IMVU.lnk - C:\Users\Haník\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDWFP]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-09-18 18:13:42 ----D---- C:\Program Files\trend micro
2016-09-18 18:13:41 ----D---- C:\rsit
2016-09-18 17:50:37 ----A---- C:\windows\system32\drivers\MBAMSwissArmy.sys
2016-09-18 17:48:54 ----A---- C:\windows\system32\drivers\mwac.sys
2016-09-18 17:48:54 ----A---- C:\windows\system32\drivers\mbamchameleon.sys
2016-09-18 17:48:54 ----A---- C:\windows\system32\drivers\mbam.sys
2016-09-18 17:48:53 ----D---- C:\ProgramData\Malwarebytes
2016-09-18 17:48:53 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-18 16:18:45 ----A---- C:\windows\system32\TpmTasks.dll
2016-09-17 12:23:27 ----D---- C:\ProgramData\Webitar Production Inc
2016-09-17 11:15:14 ----D---- C:\Users\Haník\AppData\Roaming\SYSTEMAX Software Development
2016-09-17 11:15:14 ----D---- C:\ProgramData\SYSTEMAX Software Development
2016-09-11 10:39:22 ----D---- C:\Users\Haník\AppData\Roaming\WinRAR
2016-09-11 10:34:32 ----D---- C:\Program Files\WinRAR
2016-09-11 10:28:59 ----D---- C:\Program Files (x86)\WinRAR

======List of files/folders modified in the last 1 month======

2016-09-18 18:13:42 ----RD---- C:\Program Files
2016-09-18 18:12:03 ----D---- C:\windows\Temp
2016-09-18 18:00:01 ----D---- C:\windows\system32\sru
2016-09-18 17:51:10 ----D---- C:\windows\Prefetch
2016-09-18 17:50:37 ----D---- C:\windows\system32\drivers
2016-09-18 17:48:56 ----D---- C:\windows\system32\config
2016-09-18 17:48:53 ----RD---- C:\Program Files (x86)
2016-09-18 17:48:53 ----HD---- C:\ProgramData
2016-09-18 17:48:28 ----HD---- C:\Program Files\WindowsApps
2016-09-18 17:46:05 ----D---- C:\windows\system32\Tasks
2016-09-18 17:24:36 ----D---- C:\ProgramData\Oracle
2016-09-18 17:24:07 ----SHD---- C:\windows\Installer
2016-09-18 17:24:07 ----SHD---- C:\Config.Msi
2016-09-18 17:24:05 ----D---- C:\Program Files (x86)\Java
2016-09-18 17:23:51 ----D---- C:\windows\SysWOW64
2016-09-18 17:23:41 ----D---- C:\Program Files (x86)\Common Files
2016-09-18 17:23:11 ----A---- C:\windows\SYSWOW64\WindowsAccessBridge-32.dll
2016-09-18 17:21:44 ----D---- C:\windows\Inf
2016-09-18 17:21:36 ----AD---- C:\Windows
2016-09-18 17:20:22 ----D---- C:\windows\CbsTemp
2016-09-18 17:20:05 ----D---- C:\windows\WinSxS
2016-09-18 17:20:04 ----D---- C:\Users\Haník\AppData\Roaming\Skype
2016-09-18 17:19:23 ----D---- C:\windows\system32\catroot2
2016-09-18 17:18:40 ----D---- C:\windows\AppReadiness
2016-09-18 17:15:58 ----D---- C:\ProgramData\LU
2016-09-18 17:12:26 ----RAD---- C:\windows\System32
2016-09-18 17:12:26 ----A---- C:\windows\system32\PerfStringBackup.INI
2016-09-18 17:06:42 ----D---- C:\windows\SoftwareDistribution
2016-09-18 17:04:50 ----D---- C:\Program Files (x86)\Lenovo
2016-09-18 16:57:23 ----D---- C:\Users\Haník\AppData\Roaming\TS3Client
2016-09-18 16:56:56 ----D---- C:\windows\Panther
2016-09-18 16:56:54 ----D---- C:\windows\Minidump
2016-09-18 16:56:54 ----D---- C:\windows\Logs
2016-09-18 16:56:54 ----D---- C:\windows\debug
2016-09-18 16:41:11 ----D---- C:\Program Files\Lenovo PhoneCompanion
2016-09-18 16:33:17 ----D---- C:\ProgramData\Lenovo
2016-09-18 16:21:28 ----D---- C:\windows\Microsoft.NET
2016-09-18 16:21:24 ----D---- C:\windows\system32\SecureBootUpdates
2016-09-18 16:21:16 ----SHD---- C:\System Volume Information
2016-09-18 16:03:01 ----D---- C:\ProgramData\Origin
2016-09-18 15:59:04 ----D---- C:\Program Files (x86)\SoD
2016-09-18 15:55:02 ----RD---- C:\windows\ToastData
2016-09-18 15:55:02 ----D---- C:\windows\system32\wbem
2016-09-18 15:55:02 ----D---- C:\Program Files (x86)\Internet Explorer
2016-09-18 15:55:01 ----D---- C:\windows\SYSWOW64\en-US
2016-09-18 15:55:01 ----D---- C:\windows\SYSWOW64\cs-CZ
2016-09-18 15:55:01 ----D---- C:\Program Files\Internet Explorer
2016-09-18 15:55:00 ----D---- C:\windows\system32\en-US
2016-09-18 15:55:00 ----D---- C:\windows\system32\cs-CZ
2016-09-18 15:54:58 ----D---- C:\windows\system32\appraiser
2016-09-18 15:54:57 ----D---- C:\Program Files\Windows Journal
2016-09-18 15:54:56 ----D---- C:\windows\system32\CodeIntegrity
2016-09-18 15:54:53 ----D---- C:\windows\SYSWOW64\wbem
2016-09-18 15:54:48 ----D---- C:\windows\system32\DriverStore
2016-09-17 21:33:03 ----D---- C:\Users\Haník\AppData\Roaming\.minecraft
2016-09-15 17:49:56 ----D---- C:\windows\system32\NDF
2016-09-15 17:44:05 ----D---- C:\Users\Haník\AppData\Roaming\IMVU
2016-09-15 17:43:39 ----D---- C:\ProgramData\Energy Manager
2016-09-13 17:55:59 ----D---- C:\ProgramData\Package Cache
2016-09-13 17:55:44 ----D---- C:\Program Files (x86)\Garmin
2016-09-12 20:40:58 ----D---- C:\ProgramData\boost_interprocess
2016-09-11 00:01:01 ----D---- C:\Program Files (x86)\Opera

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\windows\System32\drivers\amd_sata.sys [2014-03-21 81608]
R0 amd_xata;amd_xata; C:\windows\System32\drivers\amd_xata.sys [2014-03-21 23752]
R0 amdkmpfd;@oem1.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\windows\System32\drivers\amdkmpfd.sys [2013-12-11 36608]
R0 amdpsp;@oem5.inf,%amdpsp.SVCDESC%;AMD PSP 1.0 Service; C:\windows\system32\DRIVERS\amdpsp.sys [2014-02-24 230088]
R0 edevmon;edevmon; C:\windows\system32\DRIVERS\edevmon.sys [2015-07-14 251632]
R0 epfwwfp;epfwwfp; C:\windows\system32\DRIVERS\epfwwfp.sys [2015-07-14 72400]
R0 PxHlpa64;PxHlpa64; C:\windows\System32\drivers\PxHlpa64.sys [2013-09-03 56336]
R1 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2015-07-14 255240]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2015-07-14 178520]
R1 EpfwLWF;@oem23.inf,%EpfwLWF_Desc%;Epfw NDIS LightWeight Filter; C:\windows\system32\DRIVERS\EpfwLWF.sys [2015-07-14 53360]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 aksdf;aksdf; \??\C:\windows\system32\drivers\aksdf.sys [2015-09-23 109200]
R2 aksfridge;@oem35.inf,%AksFridgeServiceDisp%;Sentinel Fridge; C:\windows\system32\DRIVERS\aksfridge.sys [2015-09-23 205528]
R2 APXACC;@oem6.inf,%APPEX_ACC_SERVICE_NAME%;AppEx Networks Accelerator LWF; C:\windows\system32\DRIVERS\appexDrv.sys [2013-11-01 224992]
R2 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2015-07-14 231520]
R2 hardlock;hardlock; \??\C:\windows\system32\drivers\hardlock.sys [2015-09-23 350552]
R3 ACPIVPC;@oem18.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys [2014-11-28 35576]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2014-04-19 13269504]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2014-04-19 625152]
R3 AtiHDAudioService;@oem3.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\windows\system32\drivers\AtihdWB6.sys [2014-03-11 222720]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\windows\System32\drivers\BthEnum.sys [2015-06-10 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2015-06-10 81920]
R3 CnxtHdAudService;@oem8.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT64.sys [2014-01-27 1474240]
R3 ETD;@oem9.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2014-02-11 377608]
R3 Hamachi;LogMeIn Hamachi Virtual Miniport); C:\windows\system32\DRIVERS\Hamdrv.sys [2016-07-20 45680]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RtkBtFilter;@oem10.inf,%BtFilt.SvcDesc%;Realtek Bluetooth Filter Driver; C:\windows\system32\DRIVERS\RtkBtfilter.sys [2014-04-15 558296]
R3 RTL8168;@oem7.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys [2013-12-18 839896]
R3 RTWlanE;@oem32.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\windows\system32\DRIVERS\rtwlane.sys [2014-10-07 3593432]
R3 SNP2UVC;@oem16.inf,%SERVICE_DISPLAY_NAME%;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2014-01-24 2853400]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 akshasp;@oem34.inf,%svcdesc%;SafeNet Inc. HASP Key; C:\windows\system32\DRIVERS\akshasp.sys [2015-09-23 77912]
S3 akshhl;@oem35.inf,%svcdesc%;SafeNet Inc. Sentinel HL Key; C:\windows\system32\DRIVERS\akshhl.sys [2015-09-23 81368]
S3 aksusb;@oem33.inf,%svcdesc%;SafeNet Inc. USB Key; C:\windows\system32\DRIVERS\aksusb.sys [2015-09-23 322560]
S3 amdkmcsp;@oem5.inf,%amdkmcsp.SVCDESC%;AMD Kernel Mode CSP Service; C:\windows\system32\DRIVERS\amdkmcsp.sys [2014-02-24 85704]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2015-06-10 1201664]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\windows\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 RSUSBVSTOR;@oem15.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2014-02-27 331992]
S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;Ovladač zvuků USB (WDM); C:\windows\system32\drivers\usbaudio.sys [2014-03-18 121088]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeActiveFileMonitor13.0;Adobe Active File Monitor V13; C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe [2014-08-31 231120]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2014-04-19 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2014-04-19 344064]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-12-13 12288]
R2 BTDevManager;BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [2014-01-23 84992]
R2 CxAudMsg;@C:\windows\system32\CxAudMsg64.exe,-100; C:\windows\system32\CxAudMsg64.exe [2013-07-25 206552]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2015-07-08 1353720]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2013-10-09 99632]
R2 Garmin Device Interaction Service;Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [2016-08-31 928272]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2016-07-20 2554376]
R2 hasplms;Sentinel HASP License Manager; C:\windows\system32\hasplms.exe [2015-09-23 4665168]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2014-05-22 584960]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2014-11-28 198192]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [2016-07-20 419248]
R2 SAService;Conexant SmartAudio service; C:\windows\system32\SAsrv.exe []
R2 tbaseprovisioning;tbaseprovisioning; C:\windows\SysWOW64\tbaseprovisioning.exe [2014-02-24 51712]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-22 107848]
S2 LUService;LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [2014-04-21 37624]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-05-23 324224]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\windows\System32\svchost.exe [2014-10-29 38792]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2016-06-09 1471352]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-22 107848]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [2014-06-03 533760]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2015-12-10 272864]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2016-06-23 2122248]
S3 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]
S3 ShareItSvc;ShareItSvc; C:\Program Files (x86)\SHAREit\SHAREit\Shareit.Service.exe [2016-01-14 31176]
S4 DiagTrack;Diagnostics Tracking Service; C:\windows\System32\svchost.exe [2014-10-29 38792]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: In Chrome, a second tab with an ad pops up after pages load

#3 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

TygrHanik
Visitor
Posts: 6
Registered: 18 Sep 2016 17:06

Re: In Chrome, a second tab with an ad pops up after pages load

#4 Post by TygrHanik »

Here is the log after scanning and cleaning:


# AdwCleaner v6.020 - Log soubor vytvořen 24/09/2016 na 13:23:40
# Aktualizováno dne 14/09/2016 z ToolsLib
# Databáze : 2016-09-23.1 [Server]
# Operační systém : Windows 8.1 (X64)
# Uživatelské jméno : Haník - PUSHEEN
# Beží od : C:\Users\Haník\Desktop\adwcleaner.exe
# Mod: Skenování
# Podpora : https://toolslib.net/forum



***** [ Služby ] *****

Nebyly nalezeny žádné škodlivé služby.


***** [ Adresáře ] *****

Složka nalezena: C:\Users\Haník\AppData\Local\SweetLabs App Platform
Složka nalezena: C:\Users\Spravce\AppData\Local\pokki
Složka nalezena: C:\Users\Spravce\AppData\Local\Pokki
Složka nalezena: C:\Users\Maminka\AppData\Local\pokki
Složka nalezena: C:\Users\Maminka\AppData\Local\Pokki
Složka nalezena: C:\ProgramData\apn
Složka nalezena: C:\ProgramData\pokki
Složka nalezena: C:\ProgramData\Pokki
Složka nalezena: C:\ProgramData\Application Data\apn
Složka nalezena: C:\ProgramData\Application Data\pokki
Složka nalezena: C:\ProgramData\Application Data\Pokki
Složka nalezena: C:\Users\Default User\AppData\Local\Pokki
Složka nalezena: C:\Users\Default\AppData\Local\Pokki
Složka nalezena: C:\Users\Spravce\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaapdcjfaomkafnbpoclmfakjianjd


***** [ Soubory ] *****

Soubor nalezen: C:\Users\Haník\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
Soubor nalezen: C:\Users\Spravce\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\PC App Store.lnk
Soubor nalezen: C:\windows\SysNative\VisualDiscoveryOff.ini
Soubor nalezen: C:\windows\SysWOW64\VisualDiscovery.ini
Soubor nalezen: C:\windows\SysWOW64\VisualDiscoveryOff.ini


***** [ DLL ] *****

Nebyly nalezeny žádné škodlivé DLL soubory.


***** [ WMI ] *****

Nebyly nalezeny žádné škodlivé klíče.


***** [ Zástupce ] *****

Zástupce infikován: C:\Users\Public\Desktop\Google Chrome.lnk ( "hxxp://tech-connect.biz/?ssid=1474107806&a=1107337&src=sh&uuid=174e10f7-9d64-4599-b74d-b31598afdec1,1474107753708" )
Zástupce infikován: C:\Users\Public\Desktop\Opera.lnk ( "hxxp://tech-connect.biz/?ssid=1474107806&a=1107337&src=sh&uuid=174e10f7-9d64-4599-b74d-b31598afdec1,1474107753708" )
Zástupce infikován: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk ( "hxxp://tech-connect.biz/?ssid=1474107806&a=1107337&src=sh&uuid=174e10f7-9d64-4599-b74d-b31598afdec1,1474107753708" )
Zástupce infikován: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk ( "hxxp://tech-connect.biz/?ssid=1474107806&a=1107337&src=sh&uuid=174e10f7-9d64-4599-b74d-b31598afdec1,1474107753708" )
Zástupce infikován: C:\Users\Haník\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( "hxxp://tech-connect.biz/?ssid=1474107806&a=1107337&src=sh&uuid=174e10f7-9d64-4599-b74d-b31598afdec1,147410
Zástupce infikován: C:\Users\Haník\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( "hxxp://tech-connect.biz/?ssid=1474107806&a=1107337&src=sh&uuid=174e10f7-9d64-4599-b74d-b
Zástupce infikován: C:\Users\Haník\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera.lnk ( "hxxp://tech-connect.biz/?ssid=1474107806&a=1107337&src=sh&uuid=174e10f7-9d64-4599-b74d-b31598af
Zástupce infikován: C:\Users\Spravce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( "hxxp://tech-connect.biz/?ssid=1474107806&a=1107337&src=sh&uuid=174e10f7-9d64-4599-b74d-b31598afdec1,1474
Zástupce infikován: C:\Users\Spravce\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk ( "hxxp://tech-connect.biz/?ssid=1474107806&a=1107337&src=sh&uuid=174e10f7-9d64-4599-b74d-b31598afdec1,14741
Zástupce infikován: C:\Users\Spravce\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( "hxxp://tech-connect.biz/?ssid=1474107806&a=1107337&src=sh&uuid=174e10f7-9d64-4599-b74d
Zástupce infikován: C:\Users\Spravce\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk ( "hxxp://tech-connect.biz/?ssid=1474107806&a=1107337&src=sh&uuid=174e10f7-9d64-4599-b74
Zástupce infikován: C:\Users\Spravce\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk ( "hxxp://tech-connect.biz/?ssid=1474107806&a=1107337&src=sh&uuid=174e10f7-9d64-4599


***** [ Plánovač úloh ] *****

Úkol nalezen: SweetLabs App Platform


***** [ Registry ] *****

Klíč nalezen: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1
Klíč nalezen: HKU\S-1-5-21-2589391664-2805236057-4208177-1002\Software\Classes\pokki
Klíč nalezen: HKCU\Software\Classes\pokki
Klíč nalezen: [x64] HKCU\Software\Classes\pokki
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F}
Klíč nalezen: HKLM\SOFTWARE\Classes\TypeLib\{CB6BF8B6-E12B-42FA-A478-91BCCDE475DC}
Klíč nalezen: HKU\.DEFAULT\Software\AskPartnerNetwork
Klíč nalezen: HKU\S-1-5-21-2589391664-2805236057-4208177-1002\Software\SweetLabs App Platform
Klíč nalezen: HKU\S-1-5-21-2589391664-2805236057-4208177-1002\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
Klíč nalezen: HKU\S-1-5-21-2589391664-2805236057-4208177-1002\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
Klíč nalezen: HKU\S-1-5-18\Software\AskPartnerNetwork
Klíč nalezen: HKCU\Software\SweetLabs App Platform
Klíč nalezen: HKLM\SOFTWARE\VisualDiscovery
Klíč nalezen: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
Klíč nalezen: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
Klíč nalezen: [x64] HKCU\Software\SweetLabs App Platform
Klíč nalezen: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
Klíč nalezen: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
Hodnota nalezena: HKU\S-1-5-21-2589391664-2805236057-4208177-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Pokki]
Klíč nalezen: HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Klíč nalezen: HKCU\Software\Classes\Directory\shell\pokki
Klíč nalezen: HKCU\Software\Classes\Drive\shell\pokki
Klíč nalezen: HKCU\Software\Classes\lnkfile\shell\pokki
Klíč nalezen: HKLM\SOFTWARE\Classes\AppID\VISUALDISCOVERY.EXE
Klíč nalezen: HKLM\SOFTWARE\CLASSES\APPID\VISUALDISCOVERY.EXE
Klíč nalezen: HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
Klíč nalezen: [x64] HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
Klíč nalezen: HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaapdcjfaomkafnbpoclmfakjianjd
Klíč nalezen: [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaapdcjfaomkafnbpoclmfakjianjd


***** [ Internetové prohlížeče ] *****

Nebyly nalezeny žádné škodlivé položky prohlížeče Firefox báze.
Chromium nastavení nalezeno: [C:\Users\Haník\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - aaaaapdcjfaomkafnbpoclmfakjianjd
Chromium nastavení nalezeno: [C:\Users\Haník\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - fcfenmboojpjinhpgggodefccipikbpd
Chromium nastavení nalezeno: [C:\Users\Spravce\AppData\Local\Google\Chrome\User Data\Default\Web data] - www2.inbox.com
Chromium nastavení nalezeno: [C:\Users\Spravce\AppData\Local\Google\Chrome\User Data\Default\Web data] - directx.en.softonic.com
Chromium nastavení nalezeno: [C:\Users\Spravce\AppData\Local\Google\Chrome\User Data\Default\Web data] - ask.com
Chromium nastavení nalezeno: [C:\Users\Spravce\AppData\Local\Google\Chrome\User Data\Default\Web data] - start.funmoods.com
Chromium nastavení nalezeno: [C:\Users\Spravce\AppData\Local\Google\Chrome\User Data\Default\Web data] - websearch.ask.com
Chromium nastavení nalezeno: [C:\Users\Spravce\AppData\Local\Google\Chrome\User Data\Default\Web data] - search.icq.com
Chromium nastavení nalezeno: [C:\Users\Spravce\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://www.search.ask.com/?o=APN10640A&gct=hp& ... 02-147&t=4
Chromium nastavení nalezeno: [C:\Users\Spravce\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - aaaaapdcjfaomkafnbpoclmfakjianjd
Chromium nastavení nalezeno: [C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Web data] - www2.inbox.com
Chromium nastavení nalezeno: [C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Web data] - ask.com
Chromium nastavení nalezeno: [C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Web data] - start.funmoods.com
Chromium nastavení nalezeno: [C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Web data] - websearch.ask.com
Chromium nastavení nalezeno: [C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Web data] - search.icq.com
Chromium nastavení nalezeno: [C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Web data] - directx.en.softonic.com
Chromium nastavení nalezeno: [C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://www.search.ask.com/?o=APN10640A&gct=hp& ... 02-147&t=4
Chromium nastavení nalezeno: [C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - aaaaapdcjfaomkafnbpoclmfakjianjd

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [10461 Bajtů] - [24/09/2016 13:23:40]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10536 Bajtů] ##########

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: In Chrome, a second tab with an ad pops up after pages load

#5 Post by Rudy »

Post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for resolving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

TygrHanik
Visitor
Posts: 6
Joined: 18 Sep 2016 17:06

Re: In Chrome, a second tab with an ad pops up after pages load

#6 Post by TygrHanik »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Haník at 2016-09-24 19:26:57
Microsoft Windows 8.1
System drive C: has 828 GB (91%) free of 911 GB
Total RAM: 7128 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:27:04, on 24. 9. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Users\Haník\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Haník\Documents\GIGABYTE\GHOST(6980X)\GHOSTOPEN.exe
C:\Users\Haník\Documents\GIGABYTE\GHOST(6980X)\Tilt.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Haník.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://non-block.net/wpad.dat?f5d67429e ... 0016630141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [ghost] C:\Users\Haník\Documents\GIGABYTE\GHOST(6980X)\ghostopen.exe
O4 - HKLM\..\Run: [Tilt] C:\Users\Haník\Documents\GIGABYTE\GHOST(6980X)\Tilt.exe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [BingSvc] C:\Users\Haník\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe -AutoStart
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\RunOnce: [Application Restart #2] C:\Users\Haník\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Haník\AppData\Local\SweetLabs App Platform\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
O4 - Startup: IMVU.lnk = ?
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/4.2 ... rol_32.CAB
O23 - Service: Adobe Active File Monitor V13 (AdobeActiveFileMonitor13.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service: @C:\windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
O23 - Service: Sentinel HASP License Manager (hasplms) - Unknown owner - C:\windows\system32\hasplms.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
O23 - Service: LSCWinService - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: LUService - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\windows\system32\SAsrv.exe
O23 - Service: ShareItSvc - SHAREit Technologies Co.Ltd - C:\Program Files (x86)\SHAREit\SHAREit\Shareit.Service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: tbaseprovisioning - Advanced Micro Devices, Inc. - C:\windows\SysWOW64\tbaseprovisioning.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11744 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\SysWOW64\tbaseprovisioning.exe
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 488844598512
\??\C:\windows\system32\conhost.exe 0x4
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe"
C:\windows\system32\CxAudMsg64.exe
dashost.exe {77a2c4a5-03bf-427b-8f83dd499fe50a40}
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe"
C:\windows\system32\hasplms.exe -run
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
"C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe"
C:\windows\SysWOW64\SAsrv.exe
"C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe" -s
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-2651f714-a4e5-4a50-a066-0a8c15a8bbd7 -SystemEventPortName:HostProcess-c3801aac-bd50-4727-a816-07eb0923d3eb -IoCancelEventPortName:HostProcess-c8d18912-7e89-4fd3-909b-95ca52b63291 -NonStateChangingEventPortName:HostProcess-eab7376d-c30f-4942-966b-390133fe8b7a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:ff40496f-fe1e-4582-9429-3ec7c7b57bee -DeviceGroupId:WudfDefaultDevicePool
atieclxx
"C:\Program Files\Elantech\ETDCtrl.exe"
C:\windows\Explorer.EXE
"C:\Program Files\Classic Shell\ClassicStartMenu.exe" -autorun
taskhostex.exe
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Elantech\ETDIntelligent.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe"
"C:\Program Files\CONEXANT\ForteConfig\fmapp.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Users\Haník\AppData\Local\Microsoft\BingSvc\BingSvc.exe"
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Users\Haník\Documents\GIGABYTE\GHOST(6980X)\GHOSTOPEN.exe"
"C:\Users\Haník\Documents\GIGABYTE\GHOST(6980X)\Tilt.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe"
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
"C:\Program Files\Windows Media Player\wmpnetwk.exe"

C:\windows\system32\svchost.exe -k defragsvc
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\svchost.exe -k WerSvcGroup
wmiadap.exe /R /T
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Haník\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=53.0.2785.116 --handshake-handle=0x13c
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="6028.0.1628924553\2136548921" --mojo-application-channel-token=CE1370D44F615F978F8393CF3367E0FB --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-eager/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ClientSideDetectionModel/Model0/DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Control/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Default/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Control/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/gr
oup_25/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=5,13,14,15,16,18,31,56 --gpu-vendor-id=0x1002 --gpu-device-id=0x9851 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=13.302.1601.1001 --gpu-driver-date=4-18-2014 --gpu-secondary-vendor-ids=0x1002 --gpu-secondary-device-ids=0x666f --mojo-platform-channel-handle=1120 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --mojo-channel-token=6318B0DDF5F5178BAD48716385DA972B --lang=cs --mojo-application-channel-token=BE9451D61A524D4BA95BD64C6A0D1F3F --mojo-platform-channel-handle=2412 --ignored=" --type=renderer " /prefetch:8
C:\windows\SysWOW64\DllHost.exe /Processid:{B366DEBE-645B-43A5-B865-DDD82C345492}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Control/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Default/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_25/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-U
niformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=44474FEF1FD0FE94A91915AADC7A0D39 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=6A0531BEC8DF4EDEE5D958B52A3BB358 --mojo-application-channel-token=44474FEF1FD0FE94A91915AADC7A0D39 --channel="6028.3.1394262254\1816110966" --mojo-platform-channel-handle=4264 /prefetch:1
C:\windows\servicing\TrustedInstaller.exe
C:\windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe -Embedding
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-2589391664-2805236057-4208177-10024_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-2589391664-2805236057-4208177-10024 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\windows\system32\SearchFilterHost.exe" 0 572 576 584 65536 580
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Control/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Default/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_25/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-U
niformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=BCF98F4D32CF85ADB7C5EB4E0F4D92D0 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=9C57DFCF6EE06626BC3A1AC9A726C308 --mojo-application-channel-token=BCF98F4D32CF85ADB7C5EB4E0F4D92D0 --channel="6028.5.96366981\817380794" --mojo-platform-channel-handle=5440 /prefetch:1

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Control/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Default/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_25/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-U
niformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=864B26ED86432E27EA98CACAD5FD6D99 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=860F7C7BFF7629F90ADC40A99D3FF793 --mojo-application-channel-token=864B26ED86432E27EA98CACAD5FD6D99 --channel="6028.6.1517097397\375626311" --mojo-platform-channel-handle=6244 /prefetch:1
"C:\Users\Haník\Desktop\RSITx64.exe"
"C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe"

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\tasks\GoogleUpdateTaskMachineUA1d064cdb6561be0.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-12-13 803520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-12-13 483520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-12-13 683200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-09-18 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-18 186944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-12-13 440512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-12-13 803520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-12-13 683200]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ForteConfig"=C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2012-06-13 1647616]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2013-09-05 907480]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2014-02-11 2891592]
"BtServer"=C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [2014-01-07 216064]
"Energy Manager"=C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [2014-11-28 16094704]
"Lenovo Utility"=C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [2014-11-28 10842096]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2015-07-08 5595848]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-08-27 557984]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BingSvc"=C:\Users\Haník\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2015-11-12 144008]
"EADM"=C:\Program Files (x86)\Origin\Origin.exe [2016-06-23 3639280]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-06-29 26424960]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #2"=C:\Users\Haník\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [2016-07-27 7874024]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-04-19 766688]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2011-12-07 214312]
"ghost"=C:\Users\Haník\Documents\GIGABYTE\GHOST(6980X)\ghostopen.exe [2010-02-08 192000]
"Tilt"=C:\Users\Haník\Documents\GIGABYTE\GHOST(6980X)\Tilt.exe [2011-04-20 729088]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2016-07-20 5565960]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-06-22 598552]

C:\Users\Haník\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
IMVU.lnk - C:\Users\Haník\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDWFP]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-09-24 13:19:37 ----D---- C:\AdwCleaner
2016-09-18 18:13:42 ----D---- C:\Program Files\trend micro
2016-09-18 18:13:41 ----D---- C:\rsit
2016-09-18 17:50:37 ----A---- C:\windows\system32\drivers\MBAMSwissArmy.sys
2016-09-18 17:48:54 ----A---- C:\windows\system32\drivers\mwac.sys
2016-09-18 17:48:54 ----A---- C:\windows\system32\drivers\mbamchameleon.sys
2016-09-18 17:48:54 ----A---- C:\windows\system32\drivers\mbam.sys
2016-09-18 17:48:53 ----D---- C:\ProgramData\Malwarebytes
2016-09-18 17:48:53 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-18 17:21:01 ----A---- C:\windows\system32\esent.dll
2016-09-18 17:21:00 ----A---- C:\windows\SYSWOW64\esent.dll
2016-09-18 17:20:59 ----A---- C:\windows\system32\vpnike.dll
2016-09-18 17:20:58 ----A---- C:\windows\system32\rdpcorets.dll
2016-09-18 17:20:57 ----A---- C:\windows\SYSWOW64\rasapi32.dll
2016-09-18 17:20:57 ----A---- C:\windows\SYSWOW64\dnsapi.dll
2016-09-18 17:20:57 ----A---- C:\windows\system32\rasapi32.dll
2016-09-18 17:20:56 ----A---- C:\windows\SYSWOW64\ole32.dll
2016-09-18 17:20:56 ----A---- C:\windows\SYSWOW64\mprdim.dll
2016-09-18 17:20:56 ----A---- C:\windows\SYSWOW64\mprddm.dll
2016-09-18 17:20:56 ----A---- C:\windows\SYSWOW64\dssenh.dll
2016-09-18 17:20:56 ----A---- C:\windows\system32\wpdbusenum.dll
2016-09-18 17:20:56 ----A---- C:\windows\system32\rasppp.dll
2016-09-18 17:20:56 ----A---- C:\windows\system32\rasmans.dll
2016-09-18 17:20:56 ----A---- C:\windows\system32\ole32.dll
2016-09-18 17:20:56 ----A---- C:\windows\system32\mprdim.dll
2016-09-18 17:20:56 ----A---- C:\windows\system32\mprddm.dll
2016-09-18 17:20:56 ----A---- C:\windows\system32\dssenh.dll
2016-09-18 17:20:56 ----A---- C:\windows\system32\drivers\srv2.sys
2016-09-18 17:20:56 ----A---- C:\windows\system32\drivers\srv.sys
2016-09-18 17:20:56 ----A---- C:\windows\system32\drivers\mountmgr.sys
2016-09-18 17:20:56 ----A---- C:\windows\system32\drivers\agilevpn.sys
2016-09-18 17:20:56 ----A---- C:\windows\system32\dnsapi.dll
2016-09-18 17:20:55 ----A---- C:\windows\system32\rasman.dll
2016-09-18 17:20:54 ----A---- C:\windows\SYSWOW64\rasppp.dll
2016-09-18 17:20:54 ----A---- C:\windows\SYSWOW64\rasman.dll
2016-09-18 17:20:54 ----A---- C:\windows\SYSWOW64\iprtrmgr.dll
2016-09-18 17:20:54 ----A---- C:\windows\system32\rdpudd.dll
2016-09-18 17:20:54 ----A---- C:\windows\system32\rdpclip.exe
2016-09-18 17:20:54 ----A---- C:\windows\system32\rascustom.dll
2016-09-18 17:20:54 ----A---- C:\windows\system32\nshwfp.dll
2016-09-18 17:20:54 ----A---- C:\windows\system32\iprtrmgr.dll
2016-09-18 17:20:54 ----A---- C:\windows\system32\IKEEXT.DLL
2016-09-18 17:20:54 ----A---- C:\windows\system32\drivers\srvnet.sys
2016-09-18 17:20:54 ----A---- C:\windows\system32\dnsrslvr.dll
2016-09-18 17:20:47 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2016-09-18 17:20:47 ----A---- C:\windows\system32\sspicli.dll
2016-09-18 17:20:47 ----A---- C:\windows\system32\msv1_0.dll
2016-09-18 17:20:47 ----A---- C:\windows\system32\lsasrv.dll
2016-09-18 17:20:47 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2016-09-18 17:20:47 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2016-09-18 17:20:47 ----A---- C:\windows\system32\drivers\ksecdd.sys
2016-09-18 17:20:46 ----A---- C:\windows\SYSWOW64\sspicli.dll
2016-09-18 17:20:46 ----A---- C:\windows\SYSWOW64\certcli.dll
2016-09-18 17:20:46 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2016-09-18 17:20:46 ----A---- C:\windows\system32\certcli.dll
2016-09-18 17:20:39 ----A---- C:\windows\system32\ntoskrnl.exe
2016-09-18 17:20:38 ----A---- C:\windows\system32\winresume.exe
2016-09-18 17:20:38 ----A---- C:\windows\system32\winload.exe
2016-09-18 17:20:38 ----A---- C:\windows\system32\ntdll.dll
2016-09-18 17:20:37 ----A---- C:\windows\system32\csrsrv.dll
2016-09-18 17:20:35 ----A---- C:\windows\system32\wwanmm.dll
2016-09-18 17:20:35 ----A---- C:\windows\system32\wwanconn.dll
2016-09-18 17:20:35 ----A---- C:\windows\system32\pnidui.dll
2016-09-18 17:20:34 ----A---- C:\windows\system32\win32k.sys
2016-09-18 17:20:33 ----A---- C:\windows\SYSWOW64\user32.dll
2016-09-18 17:20:33 ----A---- C:\windows\system32\user32.dll
2016-09-18 16:18:45 ----A---- C:\windows\system32\TpmTasks.dll
2016-09-17 12:23:27 ----D---- C:\ProgramData\Webitar Production Inc
2016-09-17 11:15:14 ----D---- C:\Users\Haník\AppData\Roaming\SYSTEMAX Software Development
2016-09-17 11:15:14 ----D---- C:\ProgramData\SYSTEMAX Software Development
2016-09-11 10:39:22 ----D---- C:\Users\Haník\AppData\Roaming\WinRAR
2016-09-11 10:34:32 ----D---- C:\Program Files\WinRAR
2016-09-11 10:28:59 ----D---- C:\Program Files (x86)\WinRAR

======List of files/folders modified in the last 1 month======

2016-09-24 19:25:36 ----D---- C:\Users\Haník\AppData\Roaming\Skype
2016-09-24 19:25:10 ----D---- C:\windows\Temp
2016-09-24 19:24:53 ----D---- C:\windows\system32\sru
2016-09-24 19:24:53 ----D---- C:\windows\Microsoft.NET
2016-09-24 14:12:16 ----D---- C:\windows\Prefetch
2016-09-24 14:08:34 ----D---- C:\windows\AppReadiness
2016-09-24 14:03:01 ----D---- C:\windows\system32\config
2016-09-24 14:01:01 ----D---- C:\windows\CbsTemp
2016-09-24 13:47:34 ----D---- C:\windows\system32\Tasks
2016-09-24 13:47:34 ----D---- C:\Program Files (x86)\Opera
2016-09-24 13:47:32 ----RAD---- C:\windows\System32
2016-09-24 13:47:32 ----A---- C:\windows\system32\PerfStringBackup.INI
2016-09-24 13:45:18 ----D---- C:\ProgramData\Origin
2016-09-24 13:42:50 ----D---- C:\ProgramData\Energy Manager
2016-09-24 13:41:57 ----D---- C:\windows\WinSxS
2016-09-24 13:40:36 ----AD---- C:\Windows
2016-09-24 13:38:03 ----D---- C:\windows\SysWOW64
2016-09-24 13:38:03 ----D---- C:\windows\system32\drivers
2016-09-24 13:37:58 ----D---- C:\windows\SYSWOW64\setup
2016-09-24 13:37:58 ----D---- C:\windows\system32\setup
2016-09-24 13:37:58 ----D---- C:\windows\Inf
2016-09-24 13:32:28 ----HD---- C:\ProgramData
2016-09-24 13:21:36 ----D---- C:\windows\system32\MRT
2016-09-24 13:21:35 ----D---- C:\windows\debug
2016-09-24 13:21:27 ----AC---- C:\windows\system32\MRT.exe
2016-09-24 13:18:53 ----RD---- C:\Program Files
2016-09-24 13:18:53 ----D---- C:\windows\system32\en-US
2016-09-24 13:18:53 ----D---- C:\windows\system32\cs-CZ
2016-09-24 13:18:27 ----SHD---- C:\System Volume Information
2016-09-18 18:22:57 ----D---- C:\windows\rescache
2016-09-18 17:48:53 ----RD---- C:\Program Files (x86)
2016-09-18 17:48:28 ----HD---- C:\Program Files\WindowsApps
2016-09-18 17:24:36 ----D---- C:\ProgramData\Oracle
2016-09-18 17:24:07 ----SHD---- C:\windows\Installer
2016-09-18 17:24:07 ----SHD---- C:\Config.Msi
2016-09-18 17:24:05 ----D---- C:\Program Files (x86)\Java
2016-09-18 17:23:41 ----D---- C:\Program Files (x86)\Common Files
2016-09-18 17:23:11 ----A---- C:\windows\SYSWOW64\WindowsAccessBridge-32.dll
2016-09-18 17:19:23 ----D---- C:\windows\system32\catroot2
2016-09-18 17:15:58 ----D---- C:\ProgramData\LU
2016-09-18 17:06:42 ----D---- C:\windows\SoftwareDistribution
2016-09-18 17:04:50 ----D---- C:\Program Files (x86)\Lenovo
2016-09-18 16:57:23 ----D---- C:\Users\Haník\AppData\Roaming\TS3Client
2016-09-18 16:56:56 ----D---- C:\windows\Panther
2016-09-18 16:56:54 ----D---- C:\windows\Minidump
2016-09-18 16:56:54 ----D---- C:\windows\Logs
2016-09-18 16:41:11 ----D---- C:\Program Files\Lenovo PhoneCompanion
2016-09-18 16:33:17 ----D---- C:\ProgramData\Lenovo
2016-09-18 16:21:24 ----D---- C:\windows\system32\SecureBootUpdates
2016-09-18 15:59:04 ----D---- C:\Program Files (x86)\SoD
2016-09-18 15:55:02 ----RD---- C:\windows\ToastData
2016-09-18 15:55:02 ----D---- C:\windows\system32\wbem
2016-09-18 15:55:02 ----D---- C:\Program Files (x86)\Internet Explorer
2016-09-18 15:55:01 ----D---- C:\windows\SYSWOW64\en-US
2016-09-18 15:55:01 ----D---- C:\windows\SYSWOW64\cs-CZ
2016-09-18 15:55:01 ----D---- C:\Program Files\Internet Explorer
2016-09-18 15:54:58 ----D---- C:\windows\system32\appraiser
2016-09-18 15:54:56 ----D---- C:\windows\system32\CodeIntegrity
2016-09-18 15:54:53 ----D---- C:\windows\SYSWOW64\wbem
2016-09-18 15:54:48 ----D---- C:\windows\system32\DriverStore
2016-09-17 21:33:03 ----D---- C:\Users\Haník\AppData\Roaming\.minecraft
2016-09-15 17:49:56 ----D---- C:\windows\system32\NDF
2016-09-15 17:44:05 ----D---- C:\Users\Haník\AppData\Roaming\IMVU
2016-09-13 17:55:59 ----D---- C:\ProgramData\Package Cache
2016-09-13 17:55:44 ----D---- C:\Program Files (x86)\Garmin
2016-09-12 20:40:58 ----D---- C:\ProgramData\boost_interprocess
2016-09-07 03:11:48 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\windows\System32\drivers\amd_sata.sys [2014-03-21 81608]
R0 amd_xata;amd_xata; C:\windows\System32\drivers\amd_xata.sys [2014-03-21 23752]
R0 amdkmpfd;@oem1.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\windows\System32\drivers\amdkmpfd.sys [2013-12-11 36608]
R0 amdpsp;@oem5.inf,%amdpsp.SVCDESC%;AMD PSP 1.0 Service; C:\windows\system32\DRIVERS\amdpsp.sys [2014-02-24 230088]
R0 edevmon;edevmon; C:\windows\system32\DRIVERS\edevmon.sys [2015-07-14 251632]
R0 epfwwfp;epfwwfp; C:\windows\system32\DRIVERS\epfwwfp.sys [2015-07-14 72400]
R0 PxHlpa64;PxHlpa64; C:\windows\System32\drivers\PxHlpa64.sys [2013-09-03 56336]
R1 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2015-07-14 255240]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2015-07-14 178520]
R1 EpfwLWF;@oem23.inf,%EpfwLWF_Desc%;Epfw NDIS LightWeight Filter; C:\windows\system32\DRIVERS\EpfwLWF.sys [2015-07-14 53360]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 aksdf;aksdf; \??\C:\windows\system32\drivers\aksdf.sys [2015-09-23 109200]
R2 aksfridge;@oem35.inf,%AksFridgeServiceDisp%;Sentinel Fridge; C:\windows\system32\DRIVERS\aksfridge.sys [2015-09-23 205528]
R2 APXACC;@oem6.inf,%APPEX_ACC_SERVICE_NAME%;AppEx Networks Accelerator LWF; C:\windows\system32\DRIVERS\appexDrv.sys [2013-11-01 224992]
R2 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2015-07-14 231520]
R2 hardlock;hardlock; \??\C:\windows\system32\drivers\hardlock.sys [2015-09-23 350552]
R3 ACPIVPC;@oem18.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys [2014-11-28 35576]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2014-04-19 13269504]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2014-04-19 625152]
R3 AtiHDAudioService;@oem3.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\windows\system32\drivers\AtihdWB6.sys [2014-03-11 222720]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\windows\System32\drivers\BthEnum.sys [2015-06-10 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2015-06-10 81920]
R3 CnxtHdAudService;@oem8.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT64.sys [2014-01-27 1474240]
R3 ETD;@oem9.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2014-02-11 377608]
R3 Hamachi;LogMeIn Hamachi Virtual Miniport); C:\windows\system32\DRIVERS\Hamdrv.sys [2016-07-20 45680]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RtkBtFilter;@oem10.inf,%BtFilt.SvcDesc%;Realtek Bluetooth Filter Driver; C:\windows\system32\DRIVERS\RtkBtfilter.sys [2014-04-15 558296]
R3 RTL8168;@oem7.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys [2013-12-18 839896]
R3 RTWlanE;@oem32.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\windows\system32\DRIVERS\rtwlane.sys [2014-10-07 3593432]
R3 SNP2UVC;@oem16.inf,%SERVICE_DISPLAY_NAME%;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2014-01-24 2853400]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 akshasp;@oem34.inf,%svcdesc%;SafeNet Inc. HASP Key; C:\windows\system32\DRIVERS\akshasp.sys [2015-09-23 77912]
S3 akshhl;@oem35.inf,%svcdesc%;SafeNet Inc. Sentinel HL Key; C:\windows\system32\DRIVERS\akshhl.sys [2015-09-23 81368]
S3 aksusb;@oem33.inf,%svcdesc%;SafeNet Inc. USB Key; C:\windows\system32\DRIVERS\aksusb.sys [2015-09-23 322560]
S3 amdkmcsp;@oem5.inf,%amdkmcsp.SVCDESC%;AMD Kernel Mode CSP Service; C:\windows\system32\DRIVERS\amdkmcsp.sys [2014-02-24 85704]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2015-06-10 1201664]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\windows\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 RSUSBVSTOR;@oem15.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2014-02-27 331992]
S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;Ovladač zvuků USB (WDM); C:\windows\system32\drivers\usbaudio.sys [2014-03-18 121088]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeActiveFileMonitor13.0;Adobe Active File Monitor V13; C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe [2014-08-31 231120]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2014-04-19 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2014-04-19 344064]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-12-13 12288]
R2 BTDevManager;BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [2014-01-23 84992]
R2 CxAudMsg;@C:\windows\system32\CxAudMsg64.exe,-100; C:\windows\system32\CxAudMsg64.exe [2013-07-25 206552]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2015-07-08 1353720]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2013-10-09 99632]
R2 Garmin Device Interaction Service;Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [2016-08-31 928272]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2016-07-20 2554376]
R2 hasplms;Sentinel HASP License Manager; C:\windows\system32\hasplms.exe [2015-09-23 4665168]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2014-05-22 584960]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2014-11-28 198192]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [2016-07-20 419248]
R2 SAService;Conexant SmartAudio service; C:\windows\system32\SAsrv.exe []
R2 tbaseprovisioning;tbaseprovisioning; C:\windows\SysWOW64\tbaseprovisioning.exe [2014-02-24 51712]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-22 107848]
S2 LUService;LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [2014-04-21 37624]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-05-23 324224]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\windows\System32\svchost.exe [2014-10-29 38792]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2016-06-09 1471352]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-22 107848]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [2014-06-03 533760]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2015-12-10 272864]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2016-06-23 2122248]
S3 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]
S3 ShareItSvc;ShareItSvc; C:\Program Files (x86)\SHAREit\SHAREit\Shareit.Service.exe [2016-01-14 31176]
S4 DiagTrack;Diagnostics Tracking Service; C:\windows\System32\svchost.exe [2014-10-29 38792]

-----------------EOF-----------

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: In Chrome, a second tab with an ad pops up after pages load

#7 Post by Rudy »

ADW did not delete anything; you probably did not click on delete. Try once more and then post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

TygrHanik
Visitor
Posts: 6
Registered: 18 Sep 2016 17:06

Re: In Chrome, a second tab with an ad pops up after pages load

#8 Post by TygrHanik »

I ran ADW again and this time I am sure it deleted. It is a bit odd that before (1st cleaning) it found 89 "threats" and now 4. Now I think that (also according to the log it gave me) the "threat" should already be removed.
Here is the log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Haník at 2016-09-24 20:26:45
Microsoft Windows 8.1
System drive C: has 828 GB (91%) free of 911 GB
Total RAM: 7128 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:26:52, on 24. 9. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Users\Haník\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files (x86)\Origin\Origin.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Haník\Documents\GIGABYTE\GHOST(6980X)\GHOSTOPEN.exe
C:\Users\Haník\Documents\GIGABYTE\GHOST(6980X)\Tilt.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Haník.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://non-block.net/wpad.dat?f5d67429e ... 0016630141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [ghost] C:\Users\Haník\Documents\GIGABYTE\GHOST(6980X)\ghostopen.exe
O4 - HKLM\..\Run: [Tilt] C:\Users\Haník\Documents\GIGABYTE\GHOST(6980X)\Tilt.exe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [BingSvc] C:\Users\Haník\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe -AutoStart
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\RunOnce: [Application Restart #2] C:\Users\Haník\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Haník\AppData\Local\SweetLabs App Platform\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
O4 - Startup: IMVU.lnk = ?
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/4.2 ... rol_32.CAB
O23 - Service: Adobe Active File Monitor V13 (AdobeActiveFileMonitor13.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service: @C:\windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
O23 - Service: Sentinel HASP License Manager (hasplms) - Unknown owner - C:\windows\system32\hasplms.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
O23 - Service: LSCWinService - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: LUService - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\windows\system32\SAsrv.exe
O23 - Service: ShareItSvc - SHAREit Technologies Co.Ltd - C:\Program Files (x86)\SHAREit\SHAREit\Shareit.Service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: tbaseprovisioning - Advanced Micro Devices, Inc. - C:\windows\SysWOW64\tbaseprovisioning.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11664 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\SysWOW64\tbaseprovisioning.exe
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
atieclxx
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 269020549328
\??\C:\windows\system32\conhost.exe 0x4
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe"
C:\windows\system32\CxAudMsg64.exe
dashost.exe {fbd334d4-7593-48ec-94d9b49bcfcb6773}
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
taskhostex.exe
"C:\Program Files\Classic Shell\ClassicStartMenu.exe" -autorun
C:\windows\Explorer.EXE
C:\windows\system32\hasplms.exe -run
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
"C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe"
"C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe"
C:\windows\SysWOW64\SAsrv.exe
"C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe" -s
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-7924116b-7f2f-462c-bf00-84ddf41195cb -SystemEventPortName:HostProcess-3ad04c0b-0036-47f0-89da-8006a7e9df7e -IoCancelEventPortName:HostProcess-e57bc0f5-f439-4d9c-9d9a-4f58872c08eb -NonStateChangingEventPortName:HostProcess-13632d75-9396-47a3-8d40-30ab56b0089a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:08ff43cb-af44-4c98-82bc-1084eb7275e4 -DeviceGroupId:WudfDefaultDevicePool
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Elantech\ETDIntelligent.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\CONEXANT\ForteConfig\fmapp.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Users\Haník\AppData\Local\Microsoft\BingSvc\BingSvc.exe"
"C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Users\Haník\Documents\GIGABYTE\GHOST(6980X)\GHOSTOPEN.exe"
"C:\Users\Haník\Documents\GIGABYTE\GHOST(6980X)\Tilt.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe" Restart Start EEU 52 -1
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Haník\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=53.0.2785.116 --handshake-handle=0x144
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4736.0.331517144\1146539758" --mojo-application-channel-token=171DAA4D33FA80719A258DC77DFDA18B --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-eager/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ClientSideDetectionModel/Model0/DisallowFetchForDocWrittenScriptsInMainFrame/Control_20160627/EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Control/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Default/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Control/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_25/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=5,13,14,15,16,18,31,56 --gpu-vendor-id=0x1002 --gpu-device-id=0x9851 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=13.302.1601.1001 --gpu-driver-date=4-18-2014 --gpu-secondary-vendor-ids=0x1002 --gpu-secondary-device-ids=0x666f --mojo-platform-channel-handle=1124 --ignored=" --type=renderer " /prefetch:2

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Control_20160627/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Control/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Default/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_25/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=57EA8DCBE9077ABB5916D48AD2F9FC6E --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=2BA0BD3D5FA3E1890141386D4CA5AB6E --mojo-application-channel-token=57EA8DCBE9077ABB5916D48AD2F9FC6E --channel="4736.3.1102287742\308511239" --mojo-platform-channel-handle=3368 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --mojo-channel-token=112CB56D94F4EAAFC516DEA4CC0C4716 --lang=cs --mojo-application-channel-token=5FD61E43B5EC19BFA105497EB3552A66 --mojo-platform-channel-handle=4032 --ignored=" --type=renderer " /prefetch:8
"C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\servicing\TrustedInstaller.exe
C:\windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe -Embedding

"C:\Users\Haník\Desktop\RSITx64.exe"


======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\tasks\GoogleUpdateTaskMachineUA1d064cdb6561be0.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-12-13 803520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-12-13 483520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-12-13 683200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-09-18 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-18 186944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-12-13 440512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-12-13 803520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-12-13 683200]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ForteConfig"=C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2012-06-13 1647616]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2013-09-05 907480]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2014-02-11 2891592]
"BtServer"=C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [2014-01-07 216064]
"Energy Manager"=C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [2014-11-28 16094704]
"Lenovo Utility"=C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [2014-11-28 10842096]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2015-07-08 5595848]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-08-27 557984]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BingSvc"=C:\Users\Haník\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2015-11-12 144008]
"EADM"=C:\Program Files (x86)\Origin\Origin.exe [2016-06-23 3639280]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-06-29 26424960]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #2"=C:\Users\Haník\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend=C:\Users\Haník\AppData\Local\SweetLabs App Platform\Engine\inspector --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-04-19 766688]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2011-12-07 214312]
"ghost"=C:\Users\Haník\Documents\GIGABYTE\GHOST(6980X)\ghostopen.exe [2010-02-08 192000]
"Tilt"=C:\Users\Haník\Documents\GIGABYTE\GHOST(6980X)\Tilt.exe [2011-04-20 729088]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2016-07-20 5565960]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-06-22 598552]

C:\Users\Haník\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
IMVU.lnk - C:\Users\Haník\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDWFP]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-09-24 13:19:37 ----D---- C:\AdwCleaner
2016-09-18 18:13:42 ----D---- C:\Program Files\trend micro
2016-09-18 18:13:41 ----D---- C:\rsit
2016-09-18 17:50:37 ----A---- C:\windows\system32\drivers\MBAMSwissArmy.sys
2016-09-18 17:48:54 ----A---- C:\windows\system32\drivers\mwac.sys
2016-09-18 17:48:54 ----A---- C:\windows\system32\drivers\mbamchameleon.sys
2016-09-18 17:48:54 ----A---- C:\windows\system32\drivers\mbam.sys
2016-09-18 17:48:53 ----D---- C:\ProgramData\Malwarebytes
2016-09-18 17:48:53 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-18 17:21:01 ----A---- C:\windows\system32\esent.dll
2016-09-18 17:21:00 ----A---- C:\windows\SYSWOW64\esent.dll
2016-09-18 17:20:59 ----A---- C:\windows\system32\vpnike.dll
2016-09-18 17:20:58 ----A---- C:\windows\system32\rdpcorets.dll
2016-09-18 17:20:57 ----A---- C:\windows\SYSWOW64\rasapi32.dll
2016-09-18 17:20:57 ----A---- C:\windows\SYSWOW64\dnsapi.dll
2016-09-18 17:20:57 ----A---- C:\windows\system32\rasapi32.dll
2016-09-18 17:20:56 ----A---- C:\windows\SYSWOW64\ole32.dll
2016-09-18 17:20:56 ----A---- C:\windows\SYSWOW64\mprdim.dll
2016-09-18 17:20:56 ----A---- C:\windows\SYSWOW64\mprddm.dll
2016-09-18 17:20:56 ----A---- C:\windows\SYSWOW64\dssenh.dll
2016-09-18 17:20:56 ----A---- C:\windows\system32\wpdbusenum.dll
2016-09-18 17:20:56 ----A---- C:\windows\system32\rasppp.dll
2016-09-18 17:20:56 ----A---- C:\windows\system32\rasmans.dll
2016-09-18 17:20:56 ----A---- C:\windows\system32\ole32.dll
2016-09-18 17:20:56 ----A---- C:\windows\system32\mprdim.dll
2016-09-18 17:20:56 ----A---- C:\windows\system32\mprddm.dll
2016-09-18 17:20:56 ----A---- C:\windows\system32\dssenh.dll
2016-09-18 17:20:56 ----A---- C:\windows\system32\drivers\srv2.sys
2016-09-18 17:20:56 ----A---- C:\windows\system32\drivers\srv.sys
2016-09-18 17:20:56 ----A---- C:\windows\system32\drivers\mountmgr.sys
2016-09-18 17:20:56 ----A---- C:\windows\system32\drivers\agilevpn.sys
2016-09-18 17:20:56 ----A---- C:\windows\system32\dnsapi.dll
2016-09-18 17:20:55 ----A---- C:\windows\system32\rasman.dll
2016-09-18 17:20:54 ----A---- C:\windows\SYSWOW64\rasppp.dll
2016-09-18 17:20:54 ----A---- C:\windows\SYSWOW64\rasman.dll
2016-09-18 17:20:54 ----A---- C:\windows\SYSWOW64\iprtrmgr.dll
2016-09-18 17:20:54 ----A---- C:\windows\system32\rdpudd.dll
2016-09-18 17:20:54 ----A---- C:\windows\system32\rdpclip.exe
2016-09-18 17:20:54 ----A---- C:\windows\system32\rascustom.dll
2016-09-18 17:20:54 ----A---- C:\windows\system32\nshwfp.dll
2016-09-18 17:20:54 ----A---- C:\windows\system32\iprtrmgr.dll
2016-09-18 17:20:54 ----A---- C:\windows\system32\IKEEXT.DLL
2016-09-18 17:20:54 ----A---- C:\windows\system32\drivers\srvnet.sys
2016-09-18 17:20:54 ----A---- C:\windows\system32\dnsrslvr.dll
2016-09-18 17:20:47 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2016-09-18 17:20:47 ----A---- C:\windows\system32\sspicli.dll
2016-09-18 17:20:47 ----A---- C:\windows\system32\msv1_0.dll
2016-09-18 17:20:47 ----A---- C:\windows\system32\lsasrv.dll
2016-09-18 17:20:47 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2016-09-18 17:20:47 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2016-09-18 17:20:47 ----A---- C:\windows\system32\drivers\ksecdd.sys
2016-09-18 17:20:46 ----A---- C:\windows\SYSWOW64\sspicli.dll
2016-09-18 17:20:46 ----A---- C:\windows\SYSWOW64\certcli.dll
2016-09-18 17:20:46 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2016-09-18 17:20:46 ----A---- C:\windows\system32\certcli.dll
2016-09-18 17:20:39 ----A---- C:\windows\system32\ntoskrnl.exe
2016-09-18 17:20:38 ----A---- C:\windows\system32\winresume.exe
2016-09-18 17:20:38 ----A---- C:\windows\system32\winload.exe
2016-09-18 17:20:38 ----A---- C:\windows\system32\ntdll.dll
2016-09-18 17:20:37 ----A---- C:\windows\system32\csrsrv.dll
2016-09-18 17:20:35 ----A---- C:\windows\system32\wwanmm.dll
2016-09-18 17:20:35 ----A---- C:\windows\system32\wwanconn.dll
2016-09-18 17:20:35 ----A---- C:\windows\system32\pnidui.dll
2016-09-18 17:20:34 ----A---- C:\windows\system32\win32k.sys
2016-09-18 17:20:33 ----A---- C:\windows\SYSWOW64\user32.dll
2016-09-18 17:20:33 ----A---- C:\windows\system32\user32.dll
2016-09-18 16:18:45 ----A---- C:\windows\system32\TpmTasks.dll
2016-09-17 12:23:27 ----D---- C:\ProgramData\Webitar Production Inc
2016-09-17 11:15:14 ----D---- C:\Users\Haník\AppData\Roaming\SYSTEMAX Software Development
2016-09-17 11:15:14 ----D---- C:\ProgramData\SYSTEMAX Software Development
2016-09-11 10:39:22 ----D---- C:\Users\Haník\AppData\Roaming\WinRAR
2016-09-11 10:34:32 ----D---- C:\Program Files\WinRAR
2016-09-11 10:28:59 ----D---- C:\Program Files (x86)\WinRAR

======List of files/folders modified in the last 1 month======

2016-09-24 20:26:41 ----D---- C:\windows\Temp
2016-09-24 20:23:10 ----RAD---- C:\windows\System32
2016-09-24 20:23:10 ----A---- C:\windows\system32\PerfStringBackup.INI
2016-09-24 20:19:47 ----D---- C:\Users\Haník\AppData\Roaming\Skype
2016-09-24 20:19:24 ----D---- C:\windows\AppReadiness
2016-09-24 20:19:14 ----D---- C:\ProgramData\Origin
2016-09-24 20:18:15 ----D---- C:\windows\Prefetch
2016-09-24 20:16:52 ----D---- C:\windows\Inf
2016-09-24 20:12:11 ----D---- C:\windows\Microsoft.NET
2016-09-24 20:00:00 ----D---- C:\windows\system32\sru
2016-09-24 19:44:12 ----D---- C:\windows\system32\config
2016-09-24 14:01:01 ----D---- C:\windows\CbsTemp
2016-09-24 13:47:34 ----D---- C:\windows\system32\Tasks
2016-09-24 13:47:34 ----D---- C:\Program Files (x86)\Opera
2016-09-24 13:42:50 ----D---- C:\ProgramData\Energy Manager
2016-09-24 13:41:57 ----D---- C:\windows\WinSxS
2016-09-24 13:40:36 ----AD---- C:\Windows
2016-09-24 13:38:03 ----D---- C:\windows\SysWOW64
2016-09-24 13:38:03 ----D---- C:\windows\system32\drivers
2016-09-24 13:37:58 ----D---- C:\windows\SYSWOW64\setup
2016-09-24 13:37:58 ----D---- C:\windows\system32\setup
2016-09-24 13:32:28 ----HD---- C:\ProgramData
2016-09-24 13:21:36 ----D---- C:\windows\system32\MRT
2016-09-24 13:21:35 ----D---- C:\windows\debug
2016-09-24 13:21:27 ----AC---- C:\windows\system32\MRT.exe
2016-09-24 13:18:53 ----RD---- C:\Program Files
2016-09-24 13:18:53 ----D---- C:\windows\system32\en-US
2016-09-24 13:18:53 ----D---- C:\windows\system32\cs-CZ
2016-09-24 13:18:27 ----SHD---- C:\System Volume Information
2016-09-18 18:22:57 ----D---- C:\windows\rescache
2016-09-18 17:48:53 ----RD---- C:\Program Files (x86)
2016-09-18 17:48:28 ----HD---- C:\Program Files\WindowsApps
2016-09-18 17:24:36 ----D---- C:\ProgramData\Oracle
2016-09-18 17:24:07 ----SHD---- C:\windows\Installer
2016-09-18 17:24:07 ----SHD---- C:\Config.Msi
2016-09-18 17:24:05 ----D---- C:\Program Files (x86)\Java
2016-09-18 17:23:41 ----D---- C:\Program Files (x86)\Common Files
2016-09-18 17:23:11 ----A---- C:\windows\SYSWOW64\WindowsAccessBridge-32.dll
2016-09-18 17:19:23 ----D---- C:\windows\system32\catroot2
2016-09-18 17:15:58 ----D---- C:\ProgramData\LU
2016-09-18 17:06:42 ----D---- C:\windows\SoftwareDistribution
2016-09-18 17:04:50 ----D---- C:\Program Files (x86)\Lenovo
2016-09-18 16:57:23 ----D---- C:\Users\Haník\AppData\Roaming\TS3Client
2016-09-18 16:56:56 ----D---- C:\windows\Panther
2016-09-18 16:56:54 ----D---- C:\windows\Minidump
2016-09-18 16:56:54 ----D---- C:\windows\Logs
2016-09-18 16:41:11 ----D---- C:\Program Files\Lenovo PhoneCompanion
2016-09-18 16:33:17 ----D---- C:\ProgramData\Lenovo
2016-09-18 16:21:24 ----D---- C:\windows\system32\SecureBootUpdates
2016-09-18 15:59:04 ----D---- C:\Program Files (x86)\SoD
2016-09-18 15:55:02 ----RD---- C:\windows\ToastData
2016-09-18 15:55:02 ----D---- C:\windows\system32\wbem
2016-09-18 15:55:02 ----D---- C:\Program Files (x86)\Internet Explorer
2016-09-18 15:55:01 ----D---- C:\windows\SYSWOW64\en-US
2016-09-18 15:55:01 ----D---- C:\windows\SYSWOW64\cs-CZ
2016-09-18 15:55:01 ----D---- C:\Program Files\Internet Explorer
2016-09-18 15:54:58 ----D---- C:\windows\system32\appraiser
2016-09-18 15:54:56 ----D---- C:\windows\system32\CodeIntegrity
2016-09-18 15:54:53 ----D---- C:\windows\SYSWOW64\wbem
2016-09-18 15:54:48 ----D---- C:\windows\system32\DriverStore
2016-09-17 21:33:03 ----D---- C:\Users\Haník\AppData\Roaming\.minecraft
2016-09-15 17:49:56 ----D---- C:\windows\system32\NDF
2016-09-15 17:44:05 ----D---- C:\Users\Haník\AppData\Roaming\IMVU
2016-09-13 17:55:59 ----D---- C:\ProgramData\Package Cache
2016-09-13 17:55:44 ----D---- C:\Program Files (x86)\Garmin
2016-09-12 20:40:58 ----D---- C:\ProgramData\boost_interprocess
2016-09-07 03:11:48 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\windows\System32\drivers\amd_sata.sys [2014-03-21 81608]
R0 amd_xata;amd_xata; C:\windows\System32\drivers\amd_xata.sys [2014-03-21 23752]
R0 amdkmpfd;@oem1.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\windows\System32\drivers\amdkmpfd.sys [2013-12-11 36608]
R0 amdpsp;@oem5.inf,%amdpsp.SVCDESC%;AMD PSP 1.0 Service; C:\windows\system32\DRIVERS\amdpsp.sys [2014-02-24 230088]
R0 edevmon;edevmon; C:\windows\system32\DRIVERS\edevmon.sys [2015-07-14 251632]
R0 epfwwfp;epfwwfp; C:\windows\system32\DRIVERS\epfwwfp.sys [2015-07-14 72400]
R0 PxHlpa64;PxHlpa64; C:\windows\System32\drivers\PxHlpa64.sys [2013-09-03 56336]
R1 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2015-07-14 255240]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2015-07-14 178520]
R1 EpfwLWF;@oem23.inf,%EpfwLWF_Desc%;Epfw NDIS LightWeight Filter; C:\windows\system32\DRIVERS\EpfwLWF.sys [2015-07-14 53360]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 aksdf;aksdf; \??\C:\windows\system32\drivers\aksdf.sys [2015-09-23 109200]
R2 aksfridge;@oem35.inf,%AksFridgeServiceDisp%;Sentinel Fridge; C:\windows\system32\DRIVERS\aksfridge.sys [2015-09-23 205528]
R2 APXACC;@oem6.inf,%APPEX_ACC_SERVICE_NAME%;AppEx Networks Accelerator LWF; C:\windows\system32\DRIVERS\appexDrv.sys [2013-11-01 224992]
R2 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2015-07-14 231520]
R2 hardlock;hardlock; \??\C:\windows\system32\drivers\hardlock.sys [2015-09-23 350552]
R3 ACPIVPC;@oem18.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys [2014-11-28 35576]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2014-04-19 13269504]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2014-04-19 625152]
R3 AtiHDAudioService;@oem3.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\windows\system32\drivers\AtihdWB6.sys [2014-03-11 222720]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\windows\System32\drivers\BthEnum.sys [2015-06-10 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2015-06-10 81920]
R3 CnxtHdAudService;@oem8.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT64.sys [2014-01-27 1474240]
R3 ETD;@oem9.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2014-02-11 377608]
R3 Hamachi;LogMeIn Hamachi Virtual Miniport); C:\windows\system32\DRIVERS\Hamdrv.sys [2016-07-20 45680]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RtkBtFilter;@oem10.inf,%BtFilt.SvcDesc%;Realtek Bluetooth Filter Driver; C:\windows\system32\DRIVERS\RtkBtfilter.sys [2014-04-15 558296]
R3 RTL8168;@oem7.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys [2013-12-18 839896]
R3 RTWlanE;@oem32.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\windows\system32\DRIVERS\rtwlane.sys [2014-10-07 3593432]
R3 SNP2UVC;@oem16.inf,%SERVICE_DISPLAY_NAME%;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2014-01-24 2853400]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 akshasp;@oem34.inf,%svcdesc%;SafeNet Inc. HASP Key; C:\windows\system32\DRIVERS\akshasp.sys [2015-09-23 77912]
S3 akshhl;@oem35.inf,%svcdesc%;SafeNet Inc. Sentinel HL Key; C:\windows\system32\DRIVERS\akshhl.sys [2015-09-23 81368]
S3 aksusb;@oem33.inf,%svcdesc%;SafeNet Inc. USB Key; C:\windows\system32\DRIVERS\aksusb.sys [2015-09-23 322560]
S3 amdkmcsp;@oem5.inf,%amdkmcsp.SVCDESC%;AMD Kernel Mode CSP Service; C:\windows\system32\DRIVERS\amdkmcsp.sys [2014-02-24 85704]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2015-06-10 1201664]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\windows\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 RSUSBVSTOR;@oem15.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2014-02-27 331992]
S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;Ovladač zvuků USB (WDM); C:\windows\system32\drivers\usbaudio.sys [2014-03-18 121088]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeActiveFileMonitor13.0;Adobe Active File Monitor V13; C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe [2014-08-31 231120]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2014-04-19 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2014-04-19 344064]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-12-13 12288]
R2 BTDevManager;BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [2014-01-23 84992]
R2 CxAudMsg;@C:\windows\system32\CxAudMsg64.exe,-100; C:\windows\system32\CxAudMsg64.exe [2013-07-25 206552]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2015-07-08 1353720]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2013-10-09 99632]
R2 Garmin Device Interaction Service;Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [2016-08-31 928272]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2016-07-20 2554376]
R2 hasplms;Sentinel HASP License Manager; C:\windows\system32\hasplms.exe [2015-09-23 4665168]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2014-05-22 584960]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2014-11-28 198192]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [2016-07-20 419248]
R2 LUService;LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [2014-04-21 37624]
R2 SAService;Conexant SmartAudio service; C:\windows\system32\SAsrv.exe []
R2 tbaseprovisioning;tbaseprovisioning; C:\windows\SysWOW64\tbaseprovisioning.exe [2014-02-24 51712]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-22 107848]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-05-23 324224]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\windows\System32\svchost.exe [2014-10-29 38792]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2016-06-09 1471352]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-22 107848]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [2014-06-03 533760]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2015-12-10 272864]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2016-06-23 2122248]
S3 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]
S3 ShareItSvc;ShareItSvc; C:\Program Files (x86)\SHAREit\SHAREit\Shareit.Service.exe [2016-01-14 31176]
S4 DiagTrack;Diagnostics Tracking Service; C:\windows\System32\svchost.exe [2014-10-29 38792]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: In Chrome, a second tab with an ad pops up after pages load

#9 Post by Rudy »

OK. Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Users\Haník\AppData\Local\Microsoft\BingSvc
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\GoogleUpdateTaskMachineUA1d064cdb6561be0.job

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BingSvc"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.

TygrHanik
Visitor
Posts: 6
Registered: 18 Sep 2016 17:06

Re: In Chrome, a second tab with an ad pops up after pages load

#10 Post by TygrHanik »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Haník at 2016-09-28 09:39:08
Microsoft Windows 8.1
System drive C: has 830 GB (91%) free of 911 GB
Total RAM: 7128 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:39:13, on 28. 9. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Haník\Documents\GIGABYTE\GHOST(6980X)\GHOSTOPEN.exe
C:\Users\Haník\Documents\GIGABYTE\GHOST(6980X)\Tilt.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files (x86)\Opera\40.0.2308.62\opera.exe
C:\Program Files (x86)\Opera\40.0.2308.62\opera_crashreporter.exe
C:\Program Files (x86)\Opera\40.0.2308.62\opera.exe
C:\Program Files (x86)\Opera\40.0.2308.62\opera.exe
C:\Program Files (x86)\Opera\40.0.2308.62\opera.exe
C:\Program Files (x86)\Opera\40.0.2308.62\opera.exe
C:\Program Files (x86)\Opera\40.0.2308.62\opera.exe
C:\Program Files (x86)\Opera\40.0.2308.62\opera.exe
C:\Program Files (x86)\Opera\40.0.2308.62\opera.exe
C:\Program Files\trend micro\Haník.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://non-block.net/wpad.dat?f5d67429e ... 0016630141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [ghost] C:\Users\Haník\Documents\GIGABYTE\GHOST(6980X)\ghostopen.exe
O4 - HKLM\..\Run: [Tilt] C:\Users\Haník\Documents\GIGABYTE\GHOST(6980X)\Tilt.exe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe -AutoStart
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\RunOnce: [Application Restart #2] C:\Users\Haník\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Haník\AppData\Local\SweetLabs App Platform\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
O4 - Startup: IMVU.lnk = ?
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/4.2 ... rol_32.CAB
O23 - Service: Adobe Active File Monitor V13 (AdobeActiveFileMonitor13.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service: @C:\windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
O23 - Service: Sentinel HASP License Manager (hasplms) - Unknown owner - C:\windows\system32\hasplms.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
O23 - Service: LSCWinService - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: LUService - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\windows\system32\SAsrv.exe
O23 - Service: ShareItSvc - SHAREit Technologies Co.Ltd - C:\Program Files (x86)\SHAREit\SHAREit\Shareit.Service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: tbaseprovisioning - Advanced Micro Devices, Inc. - C:\windows\SysWOW64\tbaseprovisioning.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11486 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\SysWOW64\tbaseprovisioning.exe
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
atieclxx
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 52777174640
\??\C:\windows\system32\conhost.exe 0x4
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe"
C:\windows\system32\CxAudMsg64.exe
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
dashost.exe {863408c0-0c44-4a9a-9a57a5ac4a36a3f7}
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe"
C:\windows\system32\hasplms.exe -run
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
"C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe"
"C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe"
C:\windows\SysWOW64\SAsrv.exe
"C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe" -s
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Elantech\ETDCtrl.exe"
C:\windows\Explorer.EXE
taskeng.exe {032B3F64-64A0-4D94-8A6D-78C52C478A2F}
taskhostex.exe
"C:\Program Files\Classic Shell\ClassicStartMenu.exe" -autorun
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
C:\windows\System32\svchost.exe -k AppReadiness
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe"
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-8a30abdc-1518-4b1a-b559-0a38c15e3f21 -SystemEventPortName:HostProcess-7776937f-70ac-4bc5-8068-416b31f712a8 -IoCancelEventPortName:HostProcess-1b460998-9ddc-4c77-9084-001693a5c051 -NonStateChangingEventPortName:HostProcess-47915dba-5342-4efd-9ed6-de76916ab541 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:f48f1369-49bf-47d1-b7f8-99475f41b3ae -DeviceGroupId:WudfDefaultDevicePool
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Elantech\ETDIntelligent.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 576 580 588 65536 584
C:\windows\servicing\TrustedInstaller.exe
C:\windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe -Embedding
"C:\Program Files\CONEXANT\ForteConfig\fmapp.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Users\Haník\Documents\GIGABYTE\GHOST(6980X)\GHOSTOPEN.exe"
"C:\Users\Haník\Documents\GIGABYTE\GHOST(6980X)\Tilt.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0

"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
"C:\Program Files (x86)\Opera\40.0.2308.62\opera.exe" --ran-launcher
"C:\Program Files (x86)\Opera\40.0.2308.62\opera_crashreporter.exe" --ran-launcher --crash-reporter-parent-id=3092
"C:\Program Files (x86)\Opera\40.0.2308.62\opera.exe" --type=gpu-process --channel="3092.0.1930479567\1499010638" --mojo-application-channel-token=63AD3B3B3B7354E01B63C238C49B5C7E --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --crash-reporter-pid=5216 --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=5,13,14,15,16,18,31,56 --gpu-vendor-id=0x1002 --gpu-device-id=0x9851 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=13.302.1601.1001 --gpu-driver-date=4-18-2014 --gpu-secondary-vendor-ids=0x1002 --gpu-secondary-device-ids=0x666f --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --crash-reporter-pid=5216 --mojo-platform-channel-handle=1256 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Opera\40.0.2308.62\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --primordial-pipe-token=FA8AB336BA35D04A2A6D7448270C25A6 --lang=cs --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --crash-reporter-pid=5216 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=3D3E8267632D53887775CA4E829AAF79 --mojo-application-channel-token=FA8AB336BA35D04A2A6D7448270C25A6 --channel="3092.2.29888341\1370378131" --mojo-platform-channel-handle=2092 /prefetch:1
"C:\Program Files (x86)\Opera\40.0.2308.62\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --primordial-pipe-token=E63F4A88201791840307C66EA1E76A1A --lang=cs --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --crash-reporter-pid=5216 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=B2409039D0F352EF5A9E033C3D3414B1 --mojo-application-channel-token=E63F4A88201791840307C66EA1E76A1A --channel="3092.4.732835256\816838928" --mojo-platform-channel-handle=2340 /prefetch:1
"C:\Program Files (x86)\Opera\40.0.2308.62\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --primordial-pipe-token=679FDF6FB6270D409CAF18B43044D73F --lang=cs --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --crash-reporter-pid=5216 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=64AE8CBDA72F9E172161D7BC09A6AA7A --mojo-application-channel-token=679FDF6FB6270D409CAF18B43044D73F --channel="3092.5.288859792\808992348" --mojo-platform-channel-handle=2460 /prefetch:1
"C:\Program Files (x86)\Opera\40.0.2308.62\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --primordial-pipe-token=035696318D52929E1C72785441B619E4 --lang=cs --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --crash-reporter-pid=5216 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=64341511696595E561EFDD11BDB60F55 --mojo-application-channel-token=035696318D52929E1C72785441B619E4 --channel="3092.6.495910863\633799796" --mojo-platform-channel-handle=2696 /prefetch:1
"C:\Program Files (x86)\Opera\40.0.2308.62\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --primordial-pipe-token=8F471304E3E379464AD858ABF9E2D495 --lang=cs --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --crash-reporter-pid=5216 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=446E6CC5ADCD819E4480B92871D957F2 --mojo-application-channel-token=8F471304E3E379464AD858ABF9E2D495 --channel="3092.7.2005597025\465527320" --mojo-platform-channel-handle=2728 /prefetch:1
"C:\Program Files (x86)\Opera\40.0.2308.62\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --primordial-pipe-token=1641DDEB884154D50602F0D58A93E27A --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --crash-reporter-pid=5216 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=E119571BDA825119FE8F064095FAC9C4 --mojo-application-channel-token=1641DDEB884154D50602F0D58A93E27A --channel="3092.10.141549022\881852806" --mojo-platform-channel-handle=2400 /prefetch:1
"C:\Users\Haník\Desktop\RSITx64.exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-12-13 803520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-12-13 483520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-12-13 683200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-09-18 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-18 186944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-12-13 440512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-12-13 803520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-12-13 683200]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ForteConfig"=C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2012-06-13 1647616]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2013-09-05 907480]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2014-02-11 2891592]
"BtServer"=C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [2014-01-07 216064]
"Energy Manager"=C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [2014-11-28 16094704]
"Lenovo Utility"=C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [2014-11-28 10842096]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2015-07-08 5595848]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-08-27 557984]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EADM"=C:\Program Files (x86)\Origin\Origin.exe [2016-06-23 3639280]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-06-29 26424960]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #2"=C:\Users\Haník\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend=C:\Users\Haník\AppData\Local\SweetLabs App Platform\Engine\inspector --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-04-19 766688]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2011-12-07 214312]
"ghost"=C:\Users\Haník\Documents\GIGABYTE\GHOST(6980X)\ghostopen.exe [2010-02-08 192000]
"Tilt"=C:\Users\Haník\Documents\GIGABYTE\GHOST(6980X)\Tilt.exe [2011-04-20 729088]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2016-09-13 5565960]

C:\Users\Haník\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
IMVU.lnk - C:\Users\Haník\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDWFP]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-09-24 22:44:18 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2016-09-24 22:39:02 ----D---- C:\_OTM
2016-09-24 13:19:37 ----D---- C:\AdwCleaner
2016-09-18 18:13:42 ----D---- C:\Program Files\trend micro
2016-09-18 18:13:41 ----D---- C:\rsit
2016-09-18 17:50:37 ----A---- C:\windows\system32\drivers\MBAMSwissArmy.sys
2016-09-18 17:48:54 ----A---- C:\windows\system32\drivers\mwac.sys
2016-09-18 17:48:54 ----A---- C:\windows\system32\drivers\mbamchameleon.sys
2016-09-18 17:48:54 ----A---- C:\windows\system32\drivers\mbam.sys
2016-09-18 17:48:53 ----D---- C:\ProgramData\Malwarebytes
2016-09-18 17:48:53 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-18 17:21:01 ----A---- C:\windows\system32\esent.dll
2016-09-18 17:21:00 ----A---- C:\windows\SYSWOW64\esent.dll
2016-09-18 17:20:59 ----A---- C:\windows\system32\vpnike.dll
2016-09-18 17:20:58 ----A---- C:\windows\system32\rdpcorets.dll
2016-09-18 17:20:57 ----A---- C:\windows\SYSWOW64\rasapi32.dll
2016-09-18 17:20:57 ----A---- C:\windows\SYSWOW64\dnsapi.dll
2016-09-18 17:20:57 ----A---- C:\windows\system32\rasapi32.dll
2016-09-18 17:20:56 ----A---- C:\windows\SYSWOW64\ole32.dll
2016-09-18 17:20:56 ----A---- C:\windows\SYSWOW64\mprdim.dll
2016-09-18 17:20:56 ----A---- C:\windows\SYSWOW64\mprddm.dll
2016-09-18 17:20:56 ----A---- C:\windows\SYSWOW64\dssenh.dll
2016-09-18 17:20:56 ----A---- C:\windows\system32\wpdbusenum.dll
2016-09-18 17:20:56 ----A---- C:\windows\system32\rasppp.dll
2016-09-18 17:20:56 ----A---- C:\windows\system32\rasmans.dll
2016-09-18 17:20:56 ----A---- C:\windows\system32\ole32.dll
2016-09-18 17:20:56 ----A---- C:\windows\system32\mprdim.dll
2016-09-18 17:20:56 ----A---- C:\windows\system32\mprddm.dll
2016-09-18 17:20:56 ----A---- C:\windows\system32\dssenh.dll
2016-09-18 17:20:56 ----A---- C:\windows\system32\drivers\srv2.sys
2016-09-18 17:20:56 ----A---- C:\windows\system32\drivers\srv.sys
2016-09-18 17:20:56 ----A---- C:\windows\system32\drivers\mountmgr.sys
2016-09-18 17:20:56 ----A---- C:\windows\system32\drivers\agilevpn.sys
2016-09-18 17:20:56 ----A---- C:\windows\system32\dnsapi.dll
2016-09-18 17:20:55 ----A---- C:\windows\system32\rasman.dll
2016-09-18 17:20:54 ----A---- C:\windows\SYSWOW64\rasppp.dll
2016-09-18 17:20:54 ----A---- C:\windows\SYSWOW64\rasman.dll
2016-09-18 17:20:54 ----A---- C:\windows\SYSWOW64\iprtrmgr.dll
2016-09-18 17:20:54 ----A---- C:\windows\system32\rdpudd.dll
2016-09-18 17:20:54 ----A---- C:\windows\system32\rdpclip.exe
2016-09-18 17:20:54 ----A---- C:\windows\system32\rascustom.dll
2016-09-18 17:20:54 ----A---- C:\windows\system32\nshwfp.dll
2016-09-18 17:20:54 ----A---- C:\windows\system32\iprtrmgr.dll
2016-09-18 17:20:54 ----A---- C:\windows\system32\IKEEXT.DLL
2016-09-18 17:20:54 ----A---- C:\windows\system32\drivers\srvnet.sys
2016-09-18 17:20:54 ----A---- C:\windows\system32\dnsrslvr.dll
2016-09-18 17:20:47 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2016-09-18 17:20:47 ----A---- C:\windows\system32\sspicli.dll
2016-09-18 17:20:47 ----A---- C:\windows\system32\msv1_0.dll
2016-09-18 17:20:47 ----A---- C:\windows\system32\lsasrv.dll
2016-09-18 17:20:47 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2016-09-18 17:20:47 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2016-09-18 17:20:47 ----A---- C:\windows\system32\drivers\ksecdd.sys
2016-09-18 17:20:46 ----A---- C:\windows\SYSWOW64\sspicli.dll
2016-09-18 17:20:46 ----A---- C:\windows\SYSWOW64\certcli.dll
2016-09-18 17:20:46 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2016-09-18 17:20:46 ----A---- C:\windows\system32\certcli.dll
2016-09-18 17:20:39 ----A---- C:\windows\system32\ntoskrnl.exe
2016-09-18 17:20:38 ----A---- C:\windows\system32\winresume.exe
2016-09-18 17:20:38 ----A---- C:\windows\system32\winload.exe
2016-09-18 17:20:38 ----A---- C:\windows\system32\ntdll.dll
2016-09-18 17:20:37 ----A---- C:\windows\system32\csrsrv.dll
2016-09-18 17:20:35 ----A---- C:\windows\system32\wwanmm.dll
2016-09-18 17:20:35 ----A---- C:\windows\system32\wwanconn.dll
2016-09-18 17:20:35 ----A---- C:\windows\system32\pnidui.dll
2016-09-18 17:20:34 ----A---- C:\windows\system32\win32k.sys
2016-09-18 17:20:33 ----A---- C:\windows\SYSWOW64\user32.dll
2016-09-18 17:20:33 ----A---- C:\windows\system32\user32.dll
2016-09-18 16:18:45 ----A---- C:\windows\system32\TpmTasks.dll
2016-09-17 12:23:27 ----D---- C:\ProgramData\Webitar Production Inc
2016-09-17 11:15:14 ----D---- C:\Users\Haník\AppData\Roaming\SYSTEMAX Software Development
2016-09-17 11:15:14 ----D---- C:\ProgramData\SYSTEMAX Software Development
2016-09-11 10:39:22 ----D---- C:\Users\Haník\AppData\Roaming\WinRAR
2016-09-11 10:34:32 ----D---- C:\Program Files\WinRAR
2016-09-11 10:28:59 ----D---- C:\Program Files (x86)\WinRAR
2016-08-31 15:46:20 ----AH---- C:\windows\system32\drivers\Hamdrv.sys

======List of files/folders modified in the last 1 month======

2016-09-28 09:38:53 ----D---- C:\Users\Haník\AppData\Roaming\Skype
2016-09-28 09:37:36 ----D---- C:\windows\Prefetch
2016-09-28 09:37:30 ----D---- C:\windows\Temp
2016-09-28 09:32:43 ----RAD---- C:\windows\System32
2016-09-28 09:32:43 ----A---- C:\windows\system32\PerfStringBackup.INI
2016-09-28 09:30:08 ----D---- C:\Program Files (x86)\Opera
2016-09-28 09:29:48 ----D---- C:\windows\Microsoft.NET
2016-09-28 09:29:43 ----D---- C:\windows\system32\sru
2016-09-26 17:16:48 ----RSD---- C:\windows\assembly
2016-09-26 17:05:37 ----SHD---- C:\System Volume Information
2016-09-26 16:36:49 ----D---- C:\windows\rescache
2016-09-25 20:44:25 ----D---- C:\windows\AppReadiness
2016-09-25 20:22:27 ----D---- C:\windows\Inf
2016-09-25 20:16:49 ----D---- C:\ProgramData\LU
2016-09-24 22:44:44 ----SHD---- C:\windows\Installer
2016-09-24 22:44:43 ----SHD---- C:\Config.Msi
2016-09-24 22:44:23 ----D---- C:\windows\system32\drivers
2016-09-24 22:44:18 ----RD---- C:\Program Files (x86)
2016-09-24 22:41:17 ----AD---- C:\Windows
2016-09-24 22:39:04 ----D---- C:\windows\Tasks
2016-09-24 20:19:14 ----D---- C:\ProgramData\Origin
2016-09-24 19:44:12 ----D---- C:\windows\system32\config
2016-09-24 14:01:01 ----D---- C:\windows\CbsTemp
2016-09-24 13:47:34 ----D---- C:\windows\system32\Tasks
2016-09-24 13:42:50 ----D---- C:\ProgramData\Energy Manager
2016-09-24 13:41:57 ----D---- C:\windows\WinSxS
2016-09-24 13:38:03 ----D---- C:\windows\SysWOW64
2016-09-24 13:37:58 ----D---- C:\windows\SYSWOW64\setup
2016-09-24 13:37:58 ----D---- C:\windows\system32\setup
2016-09-24 13:32:28 ----HD---- C:\ProgramData
2016-09-24 13:21:36 ----D---- C:\windows\system32\MRT
2016-09-24 13:21:35 ----D---- C:\windows\debug
2016-09-24 13:21:27 ----AC---- C:\windows\system32\MRT.exe
2016-09-24 13:18:53 ----RD---- C:\Program Files
2016-09-24 13:18:53 ----D---- C:\windows\system32\en-US
2016-09-24 13:18:53 ----D---- C:\windows\system32\cs-CZ
2016-09-18 17:48:28 ----HD---- C:\Program Files\WindowsApps
2016-09-18 17:24:36 ----D---- C:\ProgramData\Oracle
2016-09-18 17:24:05 ----D---- C:\Program Files (x86)\Java
2016-09-18 17:23:41 ----D---- C:\Program Files (x86)\Common Files
2016-09-18 17:23:11 ----A---- C:\windows\SYSWOW64\WindowsAccessBridge-32.dll
2016-09-18 17:19:23 ----D---- C:\windows\system32\catroot2
2016-09-18 17:06:42 ----D---- C:\windows\SoftwareDistribution
2016-09-18 17:04:50 ----D---- C:\Program Files (x86)\Lenovo
2016-09-18 16:57:23 ----D---- C:\Users\Haník\AppData\Roaming\TS3Client
2016-09-18 16:56:56 ----D---- C:\windows\Panther
2016-09-18 16:56:54 ----D---- C:\windows\Minidump
2016-09-18 16:56:54 ----D---- C:\windows\Logs
2016-09-18 16:41:11 ----D---- C:\Program Files\Lenovo PhoneCompanion
2016-09-18 16:33:17 ----D---- C:\ProgramData\Lenovo
2016-09-18 16:21:24 ----D---- C:\windows\system32\SecureBootUpdates
2016-09-18 15:59:04 ----D---- C:\Program Files (x86)\SoD
2016-09-18 15:55:02 ----RD---- C:\windows\ToastData
2016-09-18 15:55:02 ----D---- C:\windows\system32\wbem
2016-09-18 15:55:02 ----D---- C:\Program Files (x86)\Internet Explorer
2016-09-18 15:55:01 ----D---- C:\windows\SYSWOW64\en-US
2016-09-18 15:55:01 ----D---- C:\windows\SYSWOW64\cs-CZ
2016-09-18 15:55:01 ----D---- C:\Program Files\Internet Explorer
2016-09-18 15:54:58 ----D---- C:\windows\system32\appraiser
2016-09-18 15:54:56 ----D---- C:\windows\system32\CodeIntegrity
2016-09-18 15:54:53 ----D---- C:\windows\SYSWOW64\wbem
2016-09-18 15:54:48 ----D---- C:\windows\system32\DriverStore
2016-09-17 21:33:03 ----D---- C:\Users\Haník\AppData\Roaming\.minecraft
2016-09-15 17:49:56 ----D---- C:\windows\system32\NDF
2016-09-15 17:44:05 ----D---- C:\Users\Haník\AppData\Roaming\IMVU
2016-09-13 17:55:59 ----D---- C:\ProgramData\Package Cache
2016-09-13 17:55:44 ----D---- C:\Program Files (x86)\Garmin
2016-09-12 20:40:58 ----D---- C:\ProgramData\boost_interprocess
2016-09-07 03:11:48 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\windows\System32\drivers\amd_sata.sys [2014-03-21 81608]
R0 amd_xata;amd_xata; C:\windows\System32\drivers\amd_xata.sys [2014-03-21 23752]
R0 amdkmpfd;@oem1.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\windows\System32\drivers\amdkmpfd.sys [2013-12-11 36608]
R0 amdpsp;@oem5.inf,%amdpsp.SVCDESC%;AMD PSP 1.0 Service; C:\windows\system32\DRIVERS\amdpsp.sys [2014-02-24 230088]
R0 edevmon;edevmon; C:\windows\system32\DRIVERS\edevmon.sys [2015-07-14 251632]
R0 epfwwfp;epfwwfp; C:\windows\system32\DRIVERS\epfwwfp.sys [2015-07-14 72400]
R0 PxHlpa64;PxHlpa64; C:\windows\System32\drivers\PxHlpa64.sys [2013-09-03 56336]
R1 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2015-07-14 255240]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2015-07-14 178520]
R1 EpfwLWF;@oem23.inf,%EpfwLWF_Desc%;Epfw NDIS LightWeight Filter; C:\windows\system32\DRIVERS\EpfwLWF.sys [2015-07-14 53360]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 aksdf;aksdf; \??\C:\windows\system32\drivers\aksdf.sys [2015-09-23 109200]
R2 aksfridge;@oem35.inf,%AksFridgeServiceDisp%;Sentinel Fridge; C:\windows\system32\DRIVERS\aksfridge.sys [2015-09-23 205528]
R2 APXACC;@oem6.inf,%APPEX_ACC_SERVICE_NAME%;AppEx Networks Accelerator LWF; C:\windows\system32\DRIVERS\appexDrv.sys [2013-11-01 224992]
R2 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2015-07-14 231520]
R2 hardlock;hardlock; \??\C:\windows\system32\drivers\hardlock.sys [2015-09-23 350552]
R3 ACPIVPC;@oem18.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys [2014-11-28 35576]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2014-04-19 13269504]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2014-04-19 625152]
R3 AtiHDAudioService;@oem3.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\windows\system32\drivers\AtihdWB6.sys [2014-03-11 222720]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\windows\System32\drivers\BthEnum.sys [2015-06-10 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2015-06-10 81920]
R3 CnxtHdAudService;@oem8.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT64.sys [2014-01-27 1474240]
R3 ETD;@oem9.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2014-02-11 377608]
R3 Hamachi;LogMeIn Hamachi Virtual Miniport); C:\windows\system32\DRIVERS\Hamdrv.sys [2016-08-31 45680]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RtkBtFilter;@oem10.inf,%BtFilt.SvcDesc%;Realtek Bluetooth Filter Driver; C:\windows\system32\DRIVERS\RtkBtfilter.sys [2014-04-15 558296]
R3 RTL8168;@oem7.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys [2013-12-18 839896]
R3 RTWlanE;@oem32.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\windows\system32\DRIVERS\rtwlane.sys [2014-10-07 3593432]
R3 SNP2UVC;@oem16.inf,%SERVICE_DISPLAY_NAME%;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2014-01-24 2853400]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 akshasp;@oem34.inf,%svcdesc%;SafeNet Inc. HASP Key; C:\windows\system32\DRIVERS\akshasp.sys [2015-09-23 77912]
S3 akshhl;@oem35.inf,%svcdesc%;SafeNet Inc. Sentinel HL Key; C:\windows\system32\DRIVERS\akshhl.sys [2015-09-23 81368]
S3 aksusb;@oem33.inf,%svcdesc%;SafeNet Inc. USB Key; C:\windows\system32\DRIVERS\aksusb.sys [2015-09-23 322560]
S3 amdkmcsp;@oem5.inf,%amdkmcsp.SVCDESC%;AMD Kernel Mode CSP Service; C:\windows\system32\DRIVERS\amdkmcsp.sys [2014-02-24 85704]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2015-06-10 1201664]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\windows\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 RSUSBVSTOR;@oem15.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2014-02-27 331992]
S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;Ovladač zvuků USB (WDM); C:\windows\system32\drivers\usbaudio.sys [2014-03-18 121088]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2014-04-19 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2014-04-19 344064]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-12-13 12288]
R2 BTDevManager;BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [2014-01-23 84992]
R2 CxAudMsg;@C:\windows\system32\CxAudMsg64.exe,-100; C:\windows\system32\CxAudMsg64.exe [2013-07-25 206552]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2015-07-08 1353720]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2013-10-09 99632]
R2 Garmin Device Interaction Service;Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [2016-08-31 928272]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2016-09-13 2621448]
R2 hasplms;Sentinel HASP License Manager; C:\windows\system32\hasplms.exe [2015-09-23 4665168]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2014-05-22 584960]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2014-11-28 198192]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [2016-08-31 419248]
R2 LUService;LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [2014-04-21 37624]
R2 SAService;Conexant SmartAudio service; C:\windows\system32\SAsrv.exe []
R2 tbaseprovisioning;tbaseprovisioning; C:\windows\SysWOW64\tbaseprovisioning.exe [2014-02-24 51712]
S2 AdobeActiveFileMonitor13.0;Adobe Active File Monitor V13; C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe [2014-08-31 231120]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-22 107848]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-05-23 324224]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\windows\System32\svchost.exe [2014-10-29 38792]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2016-06-09 1471352]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-22 107848]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [2014-06-03 533760]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2015-12-10 272864]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2016-06-23 2122248]
S3 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]
S3 ShareItSvc;ShareItSvc; C:\Program Files (x86)\SHAREit\SHAREit\Shareit.Service.exe [2016-01-14 31176]
S4 DiagTrack;Diagnostics Tracking Service; C:\windows\System32\svchost.exe [2014-10-29 38792]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: In Chrome, a second tab with an ad pops up after pages load

#11 Post by Rudy »

Deleted. Has there been any change?
Post queries and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
