PC virus removal, computer speed-up, and remote help through the neslape.cz service

Preventive check - just to be sure, thank you

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

milpec
Visitor
Posts: 31
Registered: 14 Dec 2008 01:57

#1 Post by milpec »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Milan at 2017-06-30 10:55:23
Microsoft Windows 8.1
System drive C: has 30 GB (28%) free of 106 GB
Total RAM: 16337 MB (79% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:55:34, on 30. 6. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
E:\Malwarebytes Anti-Malware\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe
C:\Users\Milan\Desktop\NÁSTROJE\DesktopOK_Unicode.exe
C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Soft Organizer\SoftOrganizerAgent.exe
C:\Hobby-téka\Office\MSACCESS.EXE
C:\Program Files (x86)\SpeedFan\speedfan.exe
E:\Program Files (x86)\CrystalDiskInfo\DiskInfo32S.exe
C:\Program Files\trend micro\Milan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.idnes.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
O4 - HKLM\..\Run: [Malwarebytes Anti-Exploit] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [CLMLServer_For_P2G10] "C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKCU\..\Run: [Power2GoExpress10] "C:\Program Files (x86)\CyberLink\Power2Go10\Power2GoExpress10.exe" /Startup
O4 - HKCU\..\Run: [DesktopOK] "C:\Users\Milan\Desktop\NÁSTROJE\DesktopOK_Unicode.exe" -bg -startup
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O4 - Startup: SpeedFan.lnk = C:\Program Files (x86)\SpeedFan\speedfan.exe
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
O4 - Global Startup: SpeedFan.lnk = C:\Program Files (x86)\SpeedFan\speedfan.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.hola.org
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - https://fpdownload.macromedia.com/pub/s ... tor/sw.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Chemtable Startup Checking - Unknown owner - C:\Program Files (x86)\Autorun Organizer\StartupCheckingService.exe
O23 - Service: CLHNServiceForPowerDVD12 - CyberLink Corp. - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
O23 - Service: CyberLink Product - 2014/04/20 00:21:10 (CLKMSVC10_99E320F5) - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Service - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
O23 - Service: Bitdefender Device Management Service (DevMgmtService) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hola Better Internet Engine (hola_svc) - Hola Networks Ltd. - C:\Program Files\Hola\app\hola_svc.exe
O23 - Service: Hola Better Internet Updater (hola_updater) - Hola Networks Ltd. - C:\Program Files\Hola\app\hola_updater.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - E:\Malwarebytes Anti-Malware\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: ProductAgentService - Bitdefender - C:\Program Files\Bitdefender Agent\ProductAgentService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SynoDrService - Unknown owner - C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe
O23 - Service: UsbClientService - Unknown owner - C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: Bitdefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14073 bytes

======Listing Processes======





wininit.exe


winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe" /service
"dwm.exe"
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
"C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe"
"C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe"
taskhostex.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files\Bonjour\mDNSResponder.exe"
"c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe"
"c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
dashost.exe {ca4dfbcb-71a5-4ab0-9fc3ea7da63122e9}
"C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe" EXPRESS
"C:\Program Files\Hola\app\hola_svc.exe" --service
"C:\Program Files\Hola\app\hola_updater.exe" --service --run-as hola_updater
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Bitdefender Agent\ProductAgentService.exe"
"C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe"
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe" /service
"C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe"
"E:\Malwarebytes Anti-Malware\Anti-Malware\mbamservice.exe"
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-da8152ab-65a0-4344-afca-ba52e00244d6 -SystemEventPortName:HostProcess-15a3d58e-6d31-49d7-8af0-1c24f7366ea6 -IoCancelEventPortName:HostProcess-64feb352-6e02-4a85-9b57-4f3a58673537 -NonStateChangingEventPortName:HostProcess-0f556cb8-6c85-461f-b40a-251930c6f09a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:53d37328-ba96-428d-8e98-825272e23264 -DeviceGroupId:WpdFsGroup
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"E:\Malwarebytes Anti-Malware\Anti-Malware\mbamtray.exe"
"C:\Program Files\IDT\WDM\Beats64.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe" /traymode
"C:\Program Files\Hola\app\hola.exe" --silent
C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe"
"C:\Users\Milan\Desktop\NÁSTROJE\DesktopOK_Unicode.exe" -bg -startup

"C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
"C:\Program Files (x86)\Secunia\PSI\psi_tray.exe"
"c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\Bitdefender\Bitdefender 2017\bdwtxag.exe"
"C:\Program Files (x86)\Soft Organizer\SoftOrganizerAgent.exe" -start
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Milan\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=59.0.3071.115 --initial-client-data=0x22c,0x23c,0x240,0x234,0x1a8,0x7fff385c19d0,0x7fff385c19b8,0x7fff385c19e8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=6912 --on-initialized-event-handle=716 --parent-handle=720 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1972 --primordial-pipe-token=EE6A6AE46353E8E202B1D113CB77F5F7 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=EE6A6AE46353E8E202B1D113CB77F5F7 --renderer-client-id=3 --mojo-platform-channel-handle=2160 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1972 --primordial-pipe-token=D6D54F4006A85E964C8E8707D65F86E5 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=D6D54F4006A85E964C8E8707D65F86E5 --renderer-client-id=4 --mojo-platform-channel-handle=2500 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1972 --primordial-pipe-token=C5E77E7DCD5A97C6D6FBF98ADA14F786 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=C5E77E7DCD5A97C6D6FBF98ADA14F786 --renderer-client-id=5 --mojo-platform-channel-handle=2508 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1972 --primordial-pipe-token=3C95749FDC5D614417A961B4BE936E5A --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=3C95749FDC5D614417A961B4BE936E5A --renderer-client-id=6 --mojo-platform-channel-handle=2516 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1972 --primordial-pipe-token=23E8307B9E10515ECA347D410BC3104F --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=23E8307B9E10515ECA347D410BC3104F --renderer-client-id=7 --mojo-platform-channel-handle=2520 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1972 --primordial-pipe-token=5E4FA5B0DBB8B746AC4DB263475B2C8C --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=5E4FA5B0DBB8B746AC4DB263475B2C8C --renderer-client-id=8 --mojo-platform-channel-handle=2532 /prefetch:1
C:\WINDOWS\system32\cmd.exe /c "C:\Program Files\Bitdefender\Bitdefender 2017\bdwtxcr.exe" chrome-extension://gannpgaobkkhmpomoijebaigcapoeebl/ --parent-window=0 < \\.\pipe\chrome.nativeMessaging.in.53fee655a5828208 > \\.\pipe\chrome.nativeMessaging.out.53fee655a5828208
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1972 --primordial-pipe-token=7A758587F77356F6EE393B66AE8B371B --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=7A758587F77356F6EE393B66AE8B371B --renderer-client-id=9 --mojo-platform-channel-handle=2156 /prefetch:1
"C:\Program Files\Bitdefender\Bitdefender 2017\bdwtxcr.exe" chrome-extension://gannpgaobkkhmpomoijebaigcapoeebl/ --parent-window=0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1972 --primordial-pipe-token=8C6DD8AD6544F6B2B192E65235318972 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=8C6DD8AD6544F6B2B192E65235318972 --renderer-client-id=10 --mojo-platform-channel-handle=2544 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1972 --disable-direct-composition --use-gl=swiftshader-webgl --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,11,19,20,21,24,43,76 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --disable-webrtc-hw-encoding --gpu-vendor-id=0x10de --gpu-device-id=0x1184 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --service-request-channel-token=2F21A268F048A3CB19BA435F1F22F8D9 --mojo-platform-channel-handle=3836 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Autorun Organizer\StartupCheckingService.exe"
"c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Secunia\PSI\PSIA.exe" --service-launch
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\totalcmd\TOTALCMD64.EXE"
"C:\Hobby-téka\Office\MSACCESS.EXE" "C:\Hobby-téka\HOBBY-téka.mde" /wrkgrp "C:\Hobby-téka\system.mdw"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\SpeedFan\speedfan.exe"
"E:\Program Files (x86)\CrystalDiskInfo\DiskInfo32S.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1972 --primordial-pipe-token=8F041E9B49F33502E2078255C29B1CA8 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=8F041E9B49F33502E2078255C29B1CA8 --renderer-client-id=31 --mojo-platform-channel-handle=8124 /prefetch:1
"C:\Users\Milan\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Synology Data Replicator 3-HP-Milan.job - C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe /SCH /MIN

=========Mozilla firefox=========

ProfilePath - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\kje70kdo.default

prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "about:home"

"bdwteffv20@bitdefender.com"=C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff\


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.131 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1229199.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon My Image Garden
"Path"=C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.131.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.131.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Web Components]
"Description"=
"Path"=C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.131 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL


C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\kje70kdo.default\extensions\
{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}]
Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-04-24 534208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll [2014-01-24 209504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}]
Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-04-24 469248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-01-24 176736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-23 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-23 186944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2014-01-24 6126680]
{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-04-24 534208]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-01-24 4438104]
{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-04-24 469248]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-03-20 1797064]
"BeatsOSDApp"=C:\Program Files\IDT\WDM\beats64.exe [2012-08-23 41664]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-03-29 1702912]
"GwxControlPanelMonitor"=C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe [2016-01-24 4559944]
"hola"=C:\Program Files\Hola\app\hola.exe [2017-02-22 2168416]
"Malwarebytes TrayApp"=E:\MALWAREBYTES ANTI-MALWARE\ANTI-MALWARE\mbamtray.exe [2017-05-09 3146704]
"Bdagent"=C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe [2017-04-24 322312]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Power2GoExpress10"=C:\Program Files (x86)\CyberLink\Power2Go10\Power2GoExpress10.exe [2015-10-28 3063224]
"DesktopOK"=C:\Users\Milan\Desktop\NÁSTROJE\DesktopOK_Unicode.exe [2016-10-13 233472]
"GarminExpressTrayApp"=C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [2017-05-18 1421224]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"KeePass 2 PreLoad"=C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2014-04-13 2099200]
"Malwarebytes Anti-Exploit"=C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe []
"CLMLServer"=C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2011-03-09 107816]
"CLMLServer_For_P2G10"=C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe [2015-10-28 110008]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-03-15 587288]
"CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2016-06-09 1314432]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Secunia PSI Tray.lnk - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
SpeedFan.lnk - C:\Program Files (x86)\SpeedFan\speedfan.exe

C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
SpeedFan.lnk - C:\Program Files (x86)\SpeedFan\speedfan.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDriveAutoRun"=67108863
"HonorAutorunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.inf - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.ini - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\WINDOWS\System32\WScript.exe" "%1" %*
.txt - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1

======List of files/folders created in the last 1 month======

2017-06-30 10:55:23 ----D---- C:\rsit
2017-06-30 10:55:23 ----D---- C:\Program Files\trend micro
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\invagent.dll
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\generaltel.dll
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\devinv.dll
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\centel.dll
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\appraiser.dll
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\aepic.dll
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\aeinv.dll
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\acmigration.dll
2017-06-15 21:11:10 ----A---- C:\WINDOWS\system32\aspnet_counters.dll
2017-06-15 21:11:09 ----A---- C:\WINDOWS\SYSWOW64\aspnet_counters.dll
2017-06-15 21:11:01 ----A---- C:\WINDOWS\SYSWOW64\msvcp120_clr0400.dll
2017-06-15 21:11:01 ----A---- C:\WINDOWS\system32\msvcr100_clr0400.dll
2017-06-15 21:11:01 ----A---- C:\WINDOWS\system32\msvcp120_clr0400.dll
2017-06-15 21:10:57 ----A---- C:\WINDOWS\SYSWOW64\msvcr100_clr0400.dll
2017-06-15 21:10:52 ----A---- C:\WINDOWS\SYSWOW64\msvcr120_clr0400.dll
2017-06-15 21:10:52 ----A---- C:\WINDOWS\system32\msvcr120_clr0400.dll
2017-06-15 21:10:19 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-06-15 21:10:19 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-06-15 21:10:18 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-06-15 21:10:18 ----A---- C:\WINDOWS\system32\shell32.dll
2017-06-15 21:10:18 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-06-15 21:10:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2017-06-15 21:10:17 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2017-06-15 21:10:17 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-06-15 21:10:17 ----A---- C:\WINDOWS\SYSWOW64\glcndFilter.dll
2017-06-15 21:10:17 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-06-15 21:10:17 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-06-15 21:10:17 ----A---- C:\WINDOWS\system32\glcndFilter.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\wininet.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\win32k.sys
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\tquery.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\schannel.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\mssrch.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\lsasrv.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\gpsvc.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\gdi32.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\FntCache.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\DWrite.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\drivers\tdx.sys
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wuwebv.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wudriver.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wucltux.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wuauclt.exe
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wuapp.exe
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wuapi.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wpdbusenum.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wpd_ci.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\win32spl.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\vbscript.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\urlmon.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\ntdll.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\mssvp.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\mssphtb.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\mssph.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\msfeeds.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\localspl.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\jscript.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\inetcomm.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\drivers\tm.sys
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\drivers\mountmgr.sys
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\dpapisrv.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\certcli.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\atmlib.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\atmfd.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\HelpPane.exe

======List of files/folders modified in the last 1 month======

2017-06-30 10:55:34 ----D---- C:\WINDOWS\Prefetch
2017-06-30 10:55:23 ----RD---- C:\Program Files
2017-06-30 10:53:09 ----D---- C:\Program Files (x86)\SpeedFan
2017-06-30 10:50:27 ----D---- C:\Users\Milan\AppData\Roaming\XnViewMP
2017-06-30 10:49:51 ----D---- C:\Hobby-téka
2017-06-30 10:36:13 ----D---- C:\WINDOWS\system32\drivers\etc
2017-06-30 10:26:09 ----D---- C:\WINDOWS\Temp
2017-06-30 10:25:46 ----D---- C:\WINDOWS\System32
2017-06-30 10:25:46 ----D---- C:\WINDOWS\Inf
2017-06-30 10:25:46 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-06-30 10:21:25 ----D---- C:\Program Files\Bitdefender Agent
2017-06-30 10:21:20 ----D---- C:\WINDOWS\system32\drivers
2017-06-30 10:21:02 ----D---- C:\WINDOWS\system32\wbem
2017-06-30 10:21:02 ----D---- C:\Windows
2017-06-30 10:19:54 ----D---- C:\WINDOWS\registration
2017-06-30 10:19:00 ----A---- C:\bdlog.txt
2017-06-30 10:18:41 ----SHD---- C:\System Volume Information
2017-06-30 10:13:05 ----D---- C:\Users\Milan\AppData\Roaming\Mp3tag
2017-06-30 10:02:00 ----D---- C:\WINDOWS\system32\sru
2017-06-30 10:00:10 ----D---- C:\Users\Milan\AppData\Roaming\DesktopOK
2017-06-30 08:10:42 ----D---- C:\WINDOWS\Microsoft.NET
2017-06-28 21:28:47 ----AD---- C:\ProgramData\Temp
2017-06-28 21:28:37 ----D---- C:\Users\Milan\AppData\Roaming\VideoReDo-TVSuite5
2017-06-28 21:28:08 ----D---- C:\Program Files\VDownloader
2017-06-28 21:27:14 ----RD---- C:\Program Files (x86)
2017-06-28 21:25:39 ----D---- C:\Program Files (x86)\Soft Organizer
2017-06-28 21:14:02 ----D---- C:\Users\Milan\AppData\Roaming\foobar2000
2017-06-28 21:11:44 ----D---- C:\Program Files (x86)\Autorun Organizer
2017-06-28 21:08:48 ----D---- C:\Users\Milan\AppData\Roaming\AnvSoft
2017-06-27 20:53:28 ----D---- C:\WINDOWS\system32\config
2017-06-24 15:37:26 ----D---- C:\ProgramData\Garmin
2017-06-24 15:34:55 ----D---- C:\WINDOWS\system32\DriverStore
2017-06-24 15:31:38 ----SHD---- C:\WINDOWS\Installer
2017-06-24 15:31:38 ----D---- C:\ProgramData\Package Cache
2017-06-24 15:31:32 ----D---- C:\Program Files (x86)\Garmin
2017-06-24 15:31:26 ----D---- C:\WINDOWS\system32\Tasks
2017-06-20 17:37:27 ----D---- C:\WINDOWS\WinSxS
2017-06-20 17:34:42 ----D---- C:\WINDOWS\system32\catroot2
2017-06-18 21:16:16 ----RSD---- C:\WINDOWS\assembly
2017-06-18 21:11:34 ----D---- C:\WINDOWS\rescache
2017-06-18 20:48:40 ----D---- C:\WINDOWS\system32\appraiser
2017-06-18 20:48:32 ----D---- C:\WINDOWS\CbsTemp
2017-06-18 20:47:08 ----D---- C:\ProgramData\Microsoft Help
2017-06-18 20:44:40 ----D---- C:\WINDOWS\SysWOW64
2017-06-18 20:44:15 ----D---- C:\Program Files\Microsoft Silverlight
2017-06-18 20:44:15 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-18 20:44:15 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2017-06-18 20:43:17 ----RD---- C:\WINDOWS\ToastData
2017-06-17 12:25:17 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-06-17 00:21:06 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2017-06-17 00:21:06 ----D---- C:\WINDOWS\system32\Macromed
2017-06-16 23:52:40 ----HD---- C:\Program Files\WindowsApps
2017-06-16 23:52:40 ----D---- C:\WINDOWS\AppReadiness
2017-06-15 21:16:21 ----D---- C:\WINDOWS\system32\MRT
2017-06-15 21:13:36 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-06-14 20:22:11 ----D---- C:\Program Files (x86)\Opera
2017-06-09 20:57:43 ----HD---- C:\ProgramData
2017-06-04 16:05:58 ----D---- C:\WINDOWS\system32\FxsTmp
2017-06-03 04:31:39 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 avc3;avc3; C:\WINDOWS\system32\DRIVERS\avc3.sys [2017-05-29 1612648]
R0 gzflt;gzflt; C:\WINDOWS\system32\DRIVERS\gzflt.sys [2016-10-29 182944]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-02-04 652784]
R0 Ignis;Ignis Service; C:\WINDOWS\system32\DRIVERS\ignis.sys [2017-03-25 305120]
R0 trufos;trufos; C:\WINDOWS\system32\DRIVERS\trufos.sys [2016-06-22 520032]
R1 bdfwfpf;bdfwfpf; \??\C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2016-06-24 128400]
R1 BDVEDISK;BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [2015-12-04 87912]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2013-03-15 91712]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\WINDOWS\system32\drivers\mbae64.sys [2017-05-25 77376]
R2 ei2c;ei2c; \??\C:\windows\system32\drivers\ei2c.sys [2014-05-01 20784]
R2 MBAMChameleon;MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [2017-06-11 188312]
R2 mi2c;mi2c; \??\C:\windows\system32\drivers\mi2c.sys [2016-07-27 20784]
R2 ntk_PowerDVD12;ntk_PowerDVD12; \??\c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2013-03-12 84168]
R2 speedfan;speedfan; \??\C:\windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R3 anvsnddrv;@oem74.inf,%anvsnddrv.SvcDesc%;AnvSoft Virtual Sound Device; C:\WINDOWS\system32\drivers\anvsnddrv.sys [2012-05-17 33872]
R3 avckf;avckf; C:\WINDOWS\system32\DRIVERS\avckf.sys [2017-05-29 879600]
R3 CLVirtualBus01;@oem88.inf,%CLVirtualBus01.SVCDESC%;CyberLink Virtual CDROM Bus Enumerator; C:\WINDOWS\System32\drivers\CLVirtualBus01.sys [2014-11-05 103176]
R3 dc3d;@oem62.inf,%dc3d.SvcDesc%;MS Hardware Device Detection Driver (USB); C:\WINDOWS\System32\drivers\dc3d.sys [2015-07-08 95024]
R3 MBAMFarflt;MBAMFarflt; \??\C:\WINDOWS\system32\drivers\farflt.sys [2017-06-30 113592]
R3 MBAMProtection;MBAMProtection; \??\C:\WINDOWS\system32\drivers\mbam.sys [2017-06-30 44960]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2017-06-30 252832]
R3 MBAMWebProtection;MBAMWebProtection; \??\C:\WINDOWS\system32\drivers\mwac.sys [2017-06-30 93600]
R3 MEIx64;@oem5.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2013-01-24 64624]
R3 NVHDA;@oem70.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2014-03-20 197408]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2014-03-20 12708128]
R3 Point64;@oem63.inf,%point64.SvcDesc%;Microsoft Mouse and Keyboard Center Filter Driver; C:\WINDOWS\System32\drivers\point64.sys [2015-07-08 68912]
R3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf_amd64.sys [2016-02-02 18456]
R3 RSUSBSTOR;@oem53.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2013-03-01 259144]
R3 RTL8168;@oem49.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-02-19 772680]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [2013-03-29 544768]
R3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\System32\drivers\usbscan.sys [2014-10-29 44544]
S0 bdelam;bdelam; C:\WINDOWS\system32\drivers\bdelam.sys [2016-03-14 23672]
S2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys []
S3 AmUStor;AM USB Stroage Driver; C:\WINDOWS\system32\drivers\AmUStor.SYS [2013-03-25 108312]
S3 dg_ssudbus;@oem82.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 grmnusb;grmnusb; C:\WINDOWS\system32\drivers\grmnusb.sys [2012-04-18 19304]
S3 libusb0;USB Kernel Driver; C:\WINDOWS\system32\DRIVERS\libusb0.sys [2014-10-12 44448]
S3 MDA_NTDRV;MDA_NTDRV; \??\C:\WINDOWS\syswow64\MDA_NTDRV.sys []
S3 MFE_RR;MFE_RR; \??\C:\Users\Milan\AppData\Local\Temp\mfe_rr.sys []
S3 nmwcd;@oem76.inf,%MFG% %SVC%;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;@oem80.inf,%MFG% %SVC%;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 ssudmdm;@oem84.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2014-11-04 33280]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-04-25 83056]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2014-10-29 38792]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2013-06-10 89864]
R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2013-06-10 77576]
R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2013-06-10 294664]
R2 DevMgmtService;Bitdefender Device Management Service; C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe [2017-05-18 104096]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 Garmin Device Interaction Service;Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [2017-05-18 1093136]
R2 hola_svc;Hola Better Internet Engine; C:\Program Files\Hola\app\hola_svc.exe [2017-02-22 5622368]
R2 hola_updater;Hola Better Internet Updater; C:\Program Files\Hola\app\hola_updater.exe [2016-06-27 5615280]
R2 Chemtable Startup Checking;Chemtable Startup Checking; C:\Program Files (x86)\Autorun Organizer\StartupCheckingService.exe [2016-10-11 9501024]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-01-31 129336]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-01-31 167736]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-01-31 364856]
R2 MBAMService;Malwarebytes Service; E:\Malwarebytes Anti-Malware\Anti-Malware\mbamservice.exe [2017-05-09 4470736]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2013-07-18 762192]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2014-03-04 922968]
R2 ProductAgentService;ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [2017-04-11 1254736]
R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2016-02-02 1570520]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2013-03-29 332800]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-03-04 411936]
R2 SynoDrService;SynoDrService; C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe [2013-10-09 384072]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-04-25 5024576]
R2 UPDATESRV;Bitdefender Desktop Update Service; C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe [2017-04-24 218416]
R2 UsbClientService;UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [2014-02-25 248736]
S2 CLKMSVC10_99E320F5;CyberLink Product - 2014/04/20 00:21:10; c:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [2013-06-07 240392]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 Secunia Update Agent;Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [2016-02-02 837848]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-17 272384]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-06-17 175560]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-11-18 833728]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118266
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Preventive check - just to be sure, thank you

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

milpec
Visitor
Posts: 31
Registered: 14 Dec 2008 01:57

Re: Preventive check - just to be sure, thank you

#3 Post by milpec »

Thank you, here is the log:
********************************************

# AdwCleaner v6.047 - Log vytvořen 01/07/2017 v 20:25:41
# Aktualizováno dne 19/05/2017 z Malwarebytes
# Databáze : 2017-06-29.3 [Server]
# Operační systém : Windows 8.1 (X64)
# Uživatelské jméno : Milan - HP
# Spuštěno z : C:\Users\Milan\Desktop\adwcleaner_6.047.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****

[-] Služba smazána: hola_svc
[-] Služba smazána: hola_updater


***** [ Složky ] *****

[-] Složka smazána: C:\Users\Milan\AppData\Roaming\Hola
[-] Složka smazána: C:\Program Files\Hola


***** [ Soubory ] *****

[-] Soubor smazán: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hola.lnk


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****



***** [ Registry ] *****

[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2974C985-8151-4DE5-B23C-B875F0A8522F}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2974C985-8151-4DE5-B23C-B875F0A8522F}
[-] Klíč smazán: HKU\.DEFAULT\Software\Hola
[-] Klíč smazán: HKU\S-1-5-21-2134351818-1356353880-2322332928-1001\Software\Hola
[#] Klíč smazán po restartu: HKU\S-1-5-18\Software\Hola
[#] Klíč smazán po restartu: HKCU\Software\Hola
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Your Software Deals_is1
[#] Klíč smazán po restartu: [x64] HKCU\Software\Hola
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Hola
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Hola
[-] Hodnota smazána: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [hola]
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\hola.org


***** [ Prohlížeče ] *****

[-] [C:\Users\Milan\AppData\Local\Comodo\Dragon\User Data\Default\Web data] [Search Provider] Smazáno: yahoo.com


*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2109 Bajty] - [01/07/2017 20:25:41]
C:\AdwCleaner\AdwCleaner[S1].txt - [1385 Bajty] - [11/09/2015 17:35:34]
C:\AdwCleaner\AdwCleaner[S2].txt - [1473 Bajty] - [18/11/2015 21:48:19]
C:\AdwCleaner\AdwCleaner[S3].txt - [1731 Bajty] - [28/11/2015 16:41:35]
C:\AdwCleaner\AdwCleaner[S4].txt - [1741 Bajty] - [31/12/2015 12:31:56]
C:\AdwCleaner\AdwCleaner[S5].txt - [2849 Bajty] - [01/07/2017 20:24:11]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2547 Bajty] ##########

Rudy
Site Admin
Posts: 118266
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Preventive check - just to be sure, thank you

#4 Post by Rudy »

Post a new RSIT log.

milpec
Visitor
Posts: 31
Registered: 14 Dec 2008 01:57

Re: Preventive check - just to be sure, thank you

#5 Post by milpec »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Milan at 2017-07-01 22:07:15
Microsoft Windows 8.1
System drive C: has 29 GB (28%) free of 106 GB
Total RAM: 16337 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:07:17, on 1. 7. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\ProgramData\Abelssoft\AntiRansomware\Program\AntiRansomware.exe
E:\Malwarebytes Anti-Malware\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe
C:\Users\Milan\Desktop\NÁSTROJE\DesktopOK_Unicode.exe
C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
C:\Program Files (x86)\Soft Organizer\SoftOrganizerAgent.exe
C:\Program Files (x86)\SpeedFan\speedfan.exe
C:\Hobby-téka\Office\MSACCESS.EXE
E:\Program Files (x86)\MP3Tag\Mp3tag.exe
C:\Program Files\trend micro\Milan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.idnes.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
O4 - HKLM\..\Run: [Malwarebytes Anti-Exploit] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [CLMLServer_For_P2G10] "C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKCU\..\Run: [Power2GoExpress10] "C:\Program Files (x86)\CyberLink\Power2Go10\Power2GoExpress10.exe" /Startup
O4 - HKCU\..\Run: [DesktopOK] "C:\Users\Milan\Desktop\NÁSTROJE\DesktopOK_Unicode.exe" -bg -startup
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O4 - Startup: SpeedFan.lnk = C:\Program Files (x86)\SpeedFan\speedfan.exe
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
O4 - Global Startup: SpeedFan.lnk = C:\Program Files (x86)\SpeedFan\speedfan.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - https://fpdownload.macromedia.com/pub/s ... tor/sw.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Chemtable Startup Checking - Unknown owner - C:\Program Files (x86)\Autorun Organizer\StartupCheckingService.exe
O23 - Service: CLHNServiceForPowerDVD12 - CyberLink Corp. - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
O23 - Service: CyberLink Product - 2014/04/20 00:21:10 (CLKMSVC10_99E320F5) - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Service - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
O23 - Service: Bitdefender Device Management Service (DevMgmtService) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - E:\Malwarebytes Anti-Malware\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: ProductAgentService - Bitdefender - C:\Program Files\Bitdefender Agent\ProductAgentService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SynoDrService - Unknown owner - C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe
O23 - Service: UsbClientService - Unknown owner - C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: Bitdefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13898 bytes

======Listing Processes======





wininit.exe


winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe" /service
"dwm.exe"
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
"C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe"
"C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe"
taskhostex.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files\Bonjour\mDNSResponder.exe"
"c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe"
"c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
dashost.exe {c864793d-886e-4cf4-8cedbe28a58ab76d}
"C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe" EXPRESS
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Bitdefender Agent\ProductAgentService.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe"
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe" /service
"C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe"
"E:\Malwarebytes Anti-Malware\Anti-Malware\mbamservice.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\Explorer.EXE
"C:\ProgramData\Abelssoft\AntiRansomware\Program\AntiRansomware.exe" -silent
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-657069a1-b0b0-4f8f-9ffa-420aa2159a05 -SystemEventPortName:HostProcess-a23668cc-f5e8-4615-9281-077331360e09 -IoCancelEventPortName:HostProcess-2c150852-9180-48b2-8344-704cabf62800 -NonStateChangingEventPortName:HostProcess-965194b1-2d7d-4152-bfa5-d6d87c1e118b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:c27077c9-5337-4565-9c98-a842e4e5edd8 -DeviceGroupId:WpdFsGroup
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"E:\Malwarebytes Anti-Malware\Anti-Malware\mbamtray.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\IDT\WDM\Beats64.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe" /traymode
C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe"
"C:\Users\Milan\Desktop\NÁSTROJE\DesktopOK_Unicode.exe" -bg -startup
"C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
"C:\Program Files (x86)\Secunia\PSI\psi_tray.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" /logon
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Milan\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=59.0.3071.115 --initial-client-data=0x230,0x240,0x248,0x238,0x24c,0x7ffcb17d19d0,0x7ffcb17d19b8,0x7ffcb17d19e8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=6892 --on-initialized-event-handle=756 --parent-handle=760 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2168 --primordial-pipe-token=FD16F426F4552E64E23E3A1639D8984E --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=FD16F426F4552E64E23E3A1639D8984E --renderer-client-id=3 --mojo-platform-channel-handle=2556 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2168 --primordial-pipe-token=66193A062C26D2912115A95EB898250C --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=66193A062C26D2912115A95EB898250C --renderer-client-id=4 --mojo-platform-channel-handle=2212 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2168 --primordial-pipe-token=0E8DBF5F24FAE2E65691114DC53AAF2E --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=0E8DBF5F24FAE2E65691114DC53AAF2E --renderer-client-id=5 --mojo-platform-channel-handle=2704 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2168 --primordial-pipe-token=0A1DA627A326B29DB44B504970ECFEB5 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=0A1DA627A326B29DB44B504970ECFEB5 --renderer-client-id=6 --mojo-platform-channel-handle=2716 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2168 --primordial-pipe-token=2021EAC47166DA420594511E9502281F --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=2021EAC47166DA420594511E9502281F --renderer-client-id=7 --mojo-platform-channel-handle=2720 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2168 --primordial-pipe-token=3AB96CAD3C20261B96A4992E34BA64C5 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=3AB96CAD3C20261B96A4992E34BA64C5 --renderer-client-id=8 --mojo-platform-channel-handle=2748 /prefetch:1
C:\WINDOWS\system32\cmd.exe /c "C:\Program Files\Bitdefender\Bitdefender 2017\bdwtxcr.exe" chrome-extension://gannpgaobkkhmpomoijebaigcapoeebl/ --parent-window=0 < \\.\pipe\chrome.nativeMessaging.in.6090a2d0320d6545 > \\.\pipe\chrome.nativeMessaging.out.6090a2d0320d6545
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2168 --primordial-pipe-token=B8CD5156826AAA8567CDD974FB4835F6 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=B8CD5156826AAA8567CDD974FB4835F6 --renderer-client-id=9 --mojo-platform-channel-handle=2752 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2168 --primordial-pipe-token=0609CA0FC2DA2D6C9CCBD7FE721E5E0C --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=0609CA0FC2DA2D6C9CCBD7FE721E5E0C --renderer-client-id=10 --mojo-platform-channel-handle=2768 /prefetch:1
"C:\Program Files\Bitdefender\Bitdefender 2017\bdwtxcr.exe" chrome-extension://gannpgaobkkhmpomoijebaigcapoeebl/ --parent-window=0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=2168 --disable-direct-composition --use-gl=swiftshader-webgl --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,11,19,20,21,24,43,76 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --disable-webrtc-hw-encoding --gpu-vendor-id=0x10de --gpu-device-id=0x1184 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --service-request-channel-token=41002D94AE3328E32C2FB1A4EA393017 --mojo-platform-channel-handle=5308 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2168 --primordial-pipe-token=9364EBF1DE9A2BDEFC6350A1E99DF1DB --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=9364EBF1DE9A2BDEFC6350A1E99DF1DB --renderer-client-id=15 --mojo-platform-channel-handle=7612 /prefetch:1
"C:\Program Files\Bitdefender\Bitdefender 2017\bdwtxag.exe"
"C:\Program Files\Bitdefender\Bitdefender 2017\bdwtxcon.exe" --password
"C:\Program Files (x86)\Soft Organizer\SoftOrganizerAgent.exe" -start
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\Autorun Organizer\StartupCheckingService.exe"
"c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\Secunia\PSI\PSIA.exe" --service-launch
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\SpeedFan\speedfan.exe"
"C:\Hobby-téka\Office\MSACCESS.EXE" "C:\Hobby-téka\HOBBY-téka.mde" /wrkgrp "C:\Hobby-téka\system.mdw"
"E:\Program Files (x86)\MP3Tag\Mp3tag.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2168 --primordial-pipe-token=57CDB7CE59F34E9E1C337CE3871E7DFD --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=57CDB7CE59F34E9E1C337CE3871E7DFD --renderer-client-id=31 --mojo-platform-channel-handle=3844 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2168 --primordial-pipe-token=F55283767EA33ECB5C7331E4CEAFE754 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=F55283767EA33ECB5C7331E4CEAFE754 --renderer-client-id=35 --mojo-platform-channel-handle=8548 /prefetch:1
"C:\Users\Milan\AppData\Local\JDownloader v2.0\JDownloader2.exe" -afterupdate
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Milan\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Synology Data Replicator 3-HP-Milan.job - C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe /SCH /MIN

=========Mozilla firefox=========

ProfilePath - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\kje70kdo.default

prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "about:home"

"bdwteffv20@bitdefender.com"=C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff\


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.131 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1229199.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon My Image Garden
"Path"=C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.131.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.131.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Web Components]
"Description"=
"Path"=C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.131 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL


C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\kje70kdo.default\extensions\
{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}]
Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-04-24 534208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll [2014-01-24 209504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}]
Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-04-24 469248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-01-24 176736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-23 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-23 186944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2014-01-24 6126680]
{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-04-24 534208]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-01-24 4438104]
{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-04-24 469248]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-03-20 1797064]
"BeatsOSDApp"=C:\Program Files\IDT\WDM\beats64.exe [2012-08-23 41664]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-03-29 1702912]
"GwxControlPanelMonitor"=C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe [2016-01-24 4559944]
"Malwarebytes TrayApp"=E:\MALWAREBYTES ANTI-MALWARE\ANTI-MALWARE\mbamtray.exe [2017-05-09 3146704]
"Bdagent"=C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe [2017-04-24 322312]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Power2GoExpress10"=C:\Program Files (x86)\CyberLink\Power2Go10\Power2GoExpress10.exe [2015-10-28 3063224]
"DesktopOK"=C:\Users\Milan\Desktop\NÁSTROJE\DesktopOK_Unicode.exe [2016-10-13 233472]
"GarminExpressTrayApp"=C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [2017-05-18 1421224]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"KeePass 2 PreLoad"=C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2014-04-13 2099200]
"Malwarebytes Anti-Exploit"=C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe []
"CLMLServer"=C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2011-03-09 107816]
"CLMLServer_For_P2G10"=C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe [2015-10-28 110008]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-03-15 587288]
"CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2016-06-09 1314432]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Secunia PSI Tray.lnk - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
SpeedFan.lnk - C:\Program Files (x86)\SpeedFan\speedfan.exe

C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
SpeedFan.lnk - C:\Program Files (x86)\SpeedFan\speedfan.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDriveAutoRun"=67108863
"HonorAutorunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.inf - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.ini - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\WINDOWS\System32\WScript.exe" "%1" %*
.txt - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1

======List of files/folders created in the last 1 month======

2017-06-30 12:27:46 ----D---- C:\Users\Milan\AppData\Roaming\FastStone
2017-06-30 10:55:23 ----D---- C:\rsit
2017-06-30 10:55:23 ----D---- C:\Program Files\trend micro
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\invagent.dll
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\generaltel.dll
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\devinv.dll
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\centel.dll
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\appraiser.dll
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\aepic.dll
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\aeinv.dll
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\acmigration.dll
2017-06-15 21:11:10 ----A---- C:\WINDOWS\system32\aspnet_counters.dll
2017-06-15 21:11:09 ----A---- C:\WINDOWS\SYSWOW64\aspnet_counters.dll
2017-06-15 21:11:01 ----A---- C:\WINDOWS\SYSWOW64\msvcp120_clr0400.dll
2017-06-15 21:11:01 ----A---- C:\WINDOWS\system32\msvcr100_clr0400.dll
2017-06-15 21:11:01 ----A---- C:\WINDOWS\system32\msvcp120_clr0400.dll
2017-06-15 21:10:57 ----A---- C:\WINDOWS\SYSWOW64\msvcr100_clr0400.dll
2017-06-15 21:10:52 ----A---- C:\WINDOWS\SYSWOW64\msvcr120_clr0400.dll
2017-06-15 21:10:52 ----A---- C:\WINDOWS\system32\msvcr120_clr0400.dll
2017-06-15 21:10:19 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-06-15 21:10:19 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-06-15 21:10:18 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-06-15 21:10:18 ----A---- C:\WINDOWS\system32\shell32.dll
2017-06-15 21:10:18 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-06-15 21:10:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2017-06-15 21:10:17 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2017-06-15 21:10:17 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-06-15 21:10:17 ----A---- C:\WINDOWS\SYSWOW64\glcndFilter.dll
2017-06-15 21:10:17 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-06-15 21:10:17 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-06-15 21:10:17 ----A---- C:\WINDOWS\system32\glcndFilter.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\wininet.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\win32k.sys
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\tquery.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\schannel.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\mssrch.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\lsasrv.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\gpsvc.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\gdi32.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\FntCache.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\DWrite.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\drivers\tdx.sys
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wuwebv.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wudriver.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wucltux.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wuauclt.exe
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wuapp.exe
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wuapi.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wpdbusenum.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wpd_ci.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\win32spl.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\vbscript.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\urlmon.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\ntdll.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\mssvp.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\mssphtb.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\mssph.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\msfeeds.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\localspl.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\jscript.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\inetcomm.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\drivers\tm.sys
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\drivers\mountmgr.sys
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\dpapisrv.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\certcli.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\atmlib.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\atmfd.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\HelpPane.exe

======List of files/folders modified in the last 1 month======

2017-07-01 22:07:13 ----D---- C:\WINDOWS\Prefetch
2017-07-01 22:02:00 ----D---- C:\WINDOWS\system32\sru
2017-07-01 21:42:07 ----D---- C:\WINDOWS\Temp
2017-07-01 21:41:37 ----D---- C:\WINDOWS\system32\drivers\etc
2017-07-01 21:26:51 ----D---- C:\Program Files\Bitdefender Agent
2017-07-01 20:49:22 ----D---- C:\Users\Milan\AppData\Roaming\DesktopOK
2017-07-01 20:34:50 ----D---- C:\Hobby-téka
2017-07-01 20:31:02 ----D---- C:\WINDOWS\System32
2017-07-01 20:31:02 ----D---- C:\WINDOWS\Inf
2017-07-01 20:31:02 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-07-01 20:29:53 ----D---- C:\Program Files (x86)\SpeedFan
2017-07-01 20:26:45 ----D---- C:\WINDOWS\system32\drivers
2017-07-01 20:26:10 ----A---- C:\bdlog.txt
2017-07-01 20:25:41 ----D---- C:\AdwCleaner
2017-07-01 20:25:38 ----RD---- C:\Program Files
2017-07-01 20:05:29 ----D---- C:\Users\Milan\AppData\Roaming\Mp3tag
2017-07-01 19:11:35 ----D---- C:\Users\Milan\AppData\Roaming\XnViewMP
2017-07-01 11:41:23 ----D---- C:\WINDOWS\system32\FxsTmp
2017-07-01 10:24:57 ----D---- C:\WINDOWS\Microsoft.NET
2017-06-30 20:23:00 ----D---- C:\WINDOWS\system32\Tasks
2017-06-30 20:23:00 ----D---- C:\Program Files (x86)\Opera
2017-06-30 10:21:02 ----D---- C:\WINDOWS\system32\wbem
2017-06-30 10:21:02 ----D---- C:\Windows
2017-06-30 10:19:54 ----D---- C:\WINDOWS\registration
2017-06-30 10:18:41 ----SHD---- C:\System Volume Information
2017-06-28 21:28:47 ----AD---- C:\ProgramData\Temp
2017-06-28 21:28:37 ----D---- C:\Users\Milan\AppData\Roaming\VideoReDo-TVSuite5
2017-06-28 21:28:08 ----D---- C:\Program Files\VDownloader
2017-06-28 21:27:14 ----RD---- C:\Program Files (x86)
2017-06-28 21:25:39 ----D---- C:\Program Files (x86)\Soft Organizer
2017-06-28 21:14:02 ----D---- C:\Users\Milan\AppData\Roaming\foobar2000
2017-06-28 21:11:44 ----D---- C:\Program Files (x86)\Autorun Organizer
2017-06-28 21:08:48 ----D---- C:\Users\Milan\AppData\Roaming\AnvSoft
2017-06-27 20:53:28 ----D---- C:\WINDOWS\system32\config
2017-06-24 15:37:26 ----D---- C:\ProgramData\Garmin
2017-06-24 15:34:55 ----D---- C:\WINDOWS\system32\DriverStore
2017-06-24 15:31:38 ----SHD---- C:\WINDOWS\Installer
2017-06-24 15:31:38 ----D---- C:\ProgramData\Package Cache
2017-06-24 15:31:32 ----D---- C:\Program Files (x86)\Garmin
2017-06-20 17:37:27 ----D---- C:\WINDOWS\WinSxS
2017-06-20 17:34:42 ----D---- C:\WINDOWS\system32\catroot2
2017-06-18 21:16:16 ----RSD---- C:\WINDOWS\assembly
2017-06-18 21:11:34 ----D---- C:\WINDOWS\rescache
2017-06-18 20:48:40 ----D---- C:\WINDOWS\system32\appraiser
2017-06-18 20:48:32 ----D---- C:\WINDOWS\CbsTemp
2017-06-18 20:47:08 ----D---- C:\ProgramData\Microsoft Help
2017-06-18 20:44:40 ----D---- C:\WINDOWS\SysWOW64
2017-06-18 20:44:15 ----D---- C:\Program Files\Microsoft Silverlight
2017-06-18 20:44:15 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-18 20:44:15 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2017-06-18 20:43:17 ----RD---- C:\WINDOWS\ToastData
2017-06-17 12:25:17 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-06-17 00:21:06 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2017-06-17 00:21:06 ----D---- C:\WINDOWS\system32\Macromed
2017-06-16 23:52:40 ----HD---- C:\Program Files\WindowsApps
2017-06-16 23:52:40 ----D---- C:\WINDOWS\AppReadiness
2017-06-15 21:16:21 ----D---- C:\WINDOWS\system32\MRT
2017-06-15 21:13:36 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-06-09 20:57:43 ----HD---- C:\ProgramData
2017-06-03 04:31:39 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 avc3;avc3; C:\WINDOWS\system32\DRIVERS\avc3.sys [2017-05-29 1612648]
R0 gzflt;gzflt; C:\WINDOWS\system32\DRIVERS\gzflt.sys [2016-10-29 182944]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-02-04 652784]
R0 Ignis;Ignis Service; C:\WINDOWS\system32\DRIVERS\ignis.sys [2017-03-25 305120]
R0 trufos;trufos; C:\WINDOWS\system32\DRIVERS\trufos.sys [2016-06-22 520032]
R1 bdfwfpf;bdfwfpf; \??\C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2016-06-24 128400]
R1 BDVEDISK;BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [2015-12-04 87912]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2013-03-15 91712]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\WINDOWS\system32\drivers\mbae64.sys [2017-05-25 77376]
R2 ei2c;ei2c; \??\C:\windows\system32\drivers\ei2c.sys [2014-05-01 20784]
R2 MBAMChameleon;MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [2017-06-11 188312]
R2 mi2c;mi2c; \??\C:\windows\system32\drivers\mi2c.sys [2016-07-27 20784]
R2 ntk_PowerDVD12;ntk_PowerDVD12; \??\c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2013-03-12 84168]
R2 speedfan;speedfan; \??\C:\windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R3 anvsnddrv;@oem74.inf,%anvsnddrv.SvcDesc%;AnvSoft Virtual Sound Device; C:\WINDOWS\system32\drivers\anvsnddrv.sys [2012-05-17 33872]
R3 avckf;avckf; C:\WINDOWS\system32\DRIVERS\avckf.sys [2017-05-29 879600]
R3 CLVirtualBus01;@oem88.inf,%CLVirtualBus01.SVCDESC%;CyberLink Virtual CDROM Bus Enumerator; C:\WINDOWS\System32\drivers\CLVirtualBus01.sys [2014-11-05 103176]
R3 dc3d;@oem62.inf,%dc3d.SvcDesc%;MS Hardware Device Detection Driver (USB); C:\WINDOWS\System32\drivers\dc3d.sys [2015-07-08 95024]
R3 MBAMFarflt;MBAMFarflt; \??\C:\WINDOWS\system32\drivers\farflt.sys [2017-07-01 113592]
R3 MBAMProtection;MBAMProtection; \??\C:\WINDOWS\system32\drivers\mbam.sys [2017-07-01 44960]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2017-07-01 252832]
R3 MBAMWebProtection;MBAMWebProtection; \??\C:\WINDOWS\system32\drivers\mwac.sys [2017-07-01 93600]
R3 MEIx64;@oem5.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2013-01-24 64624]
R3 NVHDA;@oem70.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2014-03-20 197408]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2014-03-20 12708128]
R3 Point64;@oem63.inf,%point64.SvcDesc%;Microsoft Mouse and Keyboard Center Filter Driver; C:\WINDOWS\System32\drivers\point64.sys [2015-07-08 68912]
R3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf_amd64.sys [2016-02-02 18456]
R3 RSUSBSTOR;@oem53.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2013-03-01 259144]
R3 RTL8168;@oem49.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-02-19 772680]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [2013-03-29 544768]
R3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\System32\drivers\usbscan.sys [2014-10-29 44544]
S0 bdelam;bdelam; C:\WINDOWS\system32\drivers\bdelam.sys [2016-03-14 23672]
S2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys []
S3 AmUStor;AM USB Stroage Driver; C:\WINDOWS\system32\drivers\AmUStor.SYS [2013-03-25 108312]
S3 dg_ssudbus;@oem82.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 grmnusb;grmnusb; C:\WINDOWS\system32\drivers\grmnusb.sys [2012-04-18 19304]
S3 libusb0;USB Kernel Driver; C:\WINDOWS\system32\DRIVERS\libusb0.sys [2014-10-12 44448]
S3 MDA_NTDRV;MDA_NTDRV; \??\C:\WINDOWS\syswow64\MDA_NTDRV.sys []
S3 MFE_RR;MFE_RR; \??\C:\Users\Milan\AppData\Local\Temp\mfe_rr.sys []
S3 nmwcd;@oem76.inf,%MFG% %SVC%;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;@oem80.inf,%MFG% %SVC%;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 ssudmdm;@oem84.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2014-11-04 33280]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-04-25 83056]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2014-10-29 38792]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2013-06-10 89864]
R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2013-06-10 77576]
R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2013-06-10 294664]
R2 DevMgmtService;Bitdefender Device Management Service; C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe [2017-05-18 104096]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 Garmin Device Interaction Service;Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [2017-05-18 1093136]
R2 Chemtable Startup Checking;Chemtable Startup Checking; C:\Program Files (x86)\Autorun Organizer\StartupCheckingService.exe [2016-10-11 9501024]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-01-31 129336]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-01-31 167736]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-01-31 364856]
R2 MBAMService;Malwarebytes Service; E:\Malwarebytes Anti-Malware\Anti-Malware\mbamservice.exe [2017-05-09 4470736]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2013-07-18 762192]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2014-03-04 922968]
R2 ProductAgentService;ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [2017-04-11 1254736]
R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2016-02-02 1570520]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2013-03-29 332800]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-03-04 411936]
R2 SynoDrService;SynoDrService; C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe [2013-10-09 384072]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-04-25 5024576]
R2 UPDATESRV;Bitdefender Desktop Update Service; C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe [2017-04-24 218416]
R2 UsbClientService;UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [2014-02-25 248736]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 CLKMSVC10_99E320F5;CyberLink Product - 2014/04/20 00:21:10; c:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [2013-06-07 240392]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 Secunia Update Agent;Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [2016-02-02 837848]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-17 272384]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-06-17 175560]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-11-18 833728]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118266
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Preventive check - just to be sure, thank you

#6 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to your desktop. Run it and copy the following into the left window:
:reg
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

:services
Bonjour Service

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

milpec
Visitor
Posts: 31
Registered: 14 Dec 2008 01:57

Re: Preventive check - just to be sure, thank you

#7 Post by milpec »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Milan at 2017-07-02 11:54:47
Microsoft Windows 8.1
System drive C: has 31 GB (29%) free of 106 GB
Total RAM: 16337 MB (79% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:54:49, on 2. 7. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\ProgramData\Abelssoft\AntiRansomware\Program\AntiRansomware.exe
E:\Malwarebytes Anti-Malware\Anti-Malware\mbamtray.exe
c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Soft Organizer\SoftOrganizerAgent.exe
C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe
C:\Program Files (x86)\CyberLink\Power2Go10\Power2GoExpress10.exe
C:\Users\Milan\Desktop\NÁSTROJE\DesktopOK_Unicode.exe
C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe
C:\Program Files\trend micro\Milan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.idnes.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
O4 - HKLM\..\Run: [Malwarebytes Anti-Exploit] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [CLMLServer_For_P2G10] "C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe"
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKCU\..\Run: [Power2GoExpress10] "C:\Program Files (x86)\CyberLink\Power2Go10\Power2GoExpress10.exe" /Startup
O4 - HKCU\..\Run: [DesktopOK] "C:\Users\Milan\Desktop\NÁSTROJE\DesktopOK_Unicode.exe" -bg -startup
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O4 - Startup: SpeedFan.lnk = C:\Program Files (x86)\SpeedFan\speedfan.exe
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
O4 - Global Startup: SpeedFan.lnk = C:\Program Files (x86)\SpeedFan\speedfan.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - https://fpdownload.macromedia.com/pub/s ... tor/sw.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Chemtable Startup Checking - Unknown owner - C:\Program Files (x86)\Autorun Organizer\StartupCheckingService.exe
O23 - Service: CLHNServiceForPowerDVD12 - CyberLink Corp. - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
O23 - Service: CyberLink Product - 2014/04/20 00:21:10 (CLKMSVC10_99E320F5) - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Service - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
O23 - Service: Bitdefender Device Management Service (DevMgmtService) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - E:\Malwarebytes Anti-Malware\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: ProductAgentService - Bitdefender - C:\Program Files\Bitdefender Agent\ProductAgentService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SynoDrService - Unknown owner - C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe
O23 - Service: UsbClientService - Unknown owner - C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: Bitdefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13525 bytes

======Listing Processes======





wininit.exe


winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe" /service
"dwm.exe"
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
"C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe"
"C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe"
taskhostex.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\system32\svchost.exe -k apphost
"c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe"
"c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
dashost.exe {1a345c4f-966a-4a4f-9249137100e07211}
"C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe" EXPRESS
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Bitdefender Agent\ProductAgentService.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe"
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe" /service
"C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe"
"E:\Malwarebytes Anti-Malware\Anti-Malware\mbamservice.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\Explorer.EXE
"C:\ProgramData\Abelssoft\AntiRansomware\Program\AntiRansomware.exe" -silent
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e34fafe7-b195-4926-a736-4f4378dde0d0 -SystemEventPortName:HostProcess-874835ef-839f-4e25-b212-2ad8dcd2c778 -IoCancelEventPortName:HostProcess-7139a7cc-1165-42d5-805e-1ed7c53c6dd2 -NonStateChangingEventPortName:HostProcess-52955bc6-4600-45b7-b2dc-f80e0e3ada0e -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:5f711fdf-56ae-4d23-940a-f6e49f5c5226 -DeviceGroupId:WpdFsGroup
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
"E:\Malwarebytes Anti-Malware\Anti-Malware\mbamtray.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\WINDOWS\notepad.exe" C:\_OTM\MovedFiles\07022017_114950.log
"C:\Program Files (x86)\Soft Organizer\SoftOrganizerAgent.exe" -start
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\IDT\WDM\Beats64.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe" /traymode
"C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe"
"C:\Program Files (x86)\CyberLink\Power2Go10\Power2GoExpress10.exe" /Startup
"C:\Users\Milan\Desktop\NÁSTROJE\DesktopOK_Unicode.exe" -bg -startup

"C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
"C:\Program Files (x86)\Secunia\PSI\psi_tray.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe"
"C:\Program Files\Bitdefender\Bitdefender 2017\bdwtxag.exe"
"C:\Program Files\Bitdefender\Bitdefender 2017\bdwtxcon.exe" --password
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Milan\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=59.0.3071.115 --initial-client-data=0x22c,0x238,0x23c,0x230,0x21c,0x7ff8207819d0,0x7ff8207819b8,0x7ff8207819e8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=6896 --on-initialized-event-handle=744 --parent-handle=748 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2000 --primordial-pipe-token=BBA89E9CB0E97A3623C5C857A472BBD8 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=BBA89E9CB0E97A3623C5C857A472BBD8 --renderer-client-id=3 --mojo-platform-channel-handle=2384 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2000 --primordial-pipe-token=FFCD41948990A224E141238C96EEEFCA --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=FFCD41948990A224E141238C96EEEFCA --renderer-client-id=4 --mojo-platform-channel-handle=2408 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2000 --primordial-pipe-token=5DA50FEF86F68FAF39AF260F5A11A50E --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=5DA50FEF86F68FAF39AF260F5A11A50E --renderer-client-id=5 --mojo-platform-channel-handle=2428 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2000 --primordial-pipe-token=8F311CAD601A77B7401EF5A07C51CB0C --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=8F311CAD601A77B7401EF5A07C51CB0C --renderer-client-id=6 --mojo-platform-channel-handle=2424 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2000 --primordial-pipe-token=9631FA5F786254765D1CC635EEB7C9AD --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=9631FA5F786254765D1CC635EEB7C9AD --renderer-client-id=7 --mojo-platform-channel-handle=2432 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2000 --primordial-pipe-token=50A5681742A49798364B74E81D377FCE --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=50A5681742A49798364B74E81D377FCE --renderer-client-id=8 --mojo-platform-channel-handle=2444 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2000 --primordial-pipe-token=DB2A504280E22449EE522DA491642ADF --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=DB2A504280E22449EE522DA491642ADF --renderer-client-id=9 --mojo-platform-channel-handle=2460 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2000 --primordial-pipe-token=89AB966C34456C0E85AEC8890F65D3C9 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=89AB966C34456C0E85AEC8890F65D3C9 --renderer-client-id=10 --mojo-platform-channel-handle=2468 /prefetch:1
C:\WINDOWS\system32\cmd.exe /c "C:\Program Files\Bitdefender\Bitdefender 2017\bdwtxcr.exe" chrome-extension://gannpgaobkkhmpomoijebaigcapoeebl/ --parent-window=0 < \\.\pipe\chrome.nativeMessaging.in.456bf19b1700f3d8 > \\.\pipe\chrome.nativeMessaging.out.456bf19b1700f3d8
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\Bitdefender\Bitdefender 2017\bdwtxcr.exe" chrome-extension://gannpgaobkkhmpomoijebaigcapoeebl/ --parent-window=0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=2000 --disable-direct-composition --use-gl=swiftshader-webgl --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,11,19,20,21,24,43,76 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --disable-webrtc-hw-encoding --gpu-vendor-id=0x10de --gpu-device-id=0x1184 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --service-request-channel-token=6528F9A2B8F454895AE109B66D402664 --mojo-platform-channel-handle=4168 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=2000 --primordial-pipe-token=771262524AF78CF21D2BE400669DCAF6 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=771262524AF78CF21D2BE400669DCAF6 --renderer-client-id=16 --mojo-platform-channel-handle=7324 /prefetch:1
"C:\Program Files (x86)\Autorun Organizer\StartupCheckingService.exe"
"c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\Secunia\PSI\PSIA.exe" --service-launch
"C:\Program Files (x86)\Secunia\PSI\sua.exe" --service-launch

"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Milan\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Synology Data Replicator 3-HP-Milan.job - C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe /SCH /MIN

=========Mozilla firefox=========

ProfilePath - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\kje70kdo.default

prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "about:home"

"bdwteffv20@bitdefender.com"=C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff\


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.131 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1229199.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon My Image Garden
"Path"=C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.131.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.131.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Web Components]
"Description"=
"Path"=C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.131 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL


C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\kje70kdo.default\extensions\
{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}]
Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-04-24 534208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll [2014-01-24 209504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}]
Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-04-24 469248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-01-24 176736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-23 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-23 186944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2014-01-24 6126680]
{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-04-24 534208]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-01-24 4438104]
{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-04-24 469248]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-03-20 1797064]
"BeatsOSDApp"=C:\Program Files\IDT\WDM\beats64.exe [2012-08-23 41664]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-03-29 1702912]
"GwxControlPanelMonitor"=C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe [2016-01-24 4559944]
"Malwarebytes TrayApp"=E:\MALWAREBYTES ANTI-MALWARE\ANTI-MALWARE\mbamtray.exe [2017-05-09 3146704]
"Bdagent"=C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe [2017-04-24 322312]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Power2GoExpress10"=C:\Program Files (x86)\CyberLink\Power2Go10\Power2GoExpress10.exe [2015-10-28 3063224]
"DesktopOK"=C:\Users\Milan\Desktop\NÁSTROJE\DesktopOK_Unicode.exe [2016-10-13 233472]
"GarminExpressTrayApp"=C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [2017-05-18 1421224]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"KeePass 2 PreLoad"=C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2014-04-13 2099200]
"Malwarebytes Anti-Exploit"=C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe []
"CLMLServer"=C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2011-03-09 107816]
"CLMLServer_For_P2G10"=C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe [2015-10-28 110008]
"CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2016-06-09 1314432]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Secunia PSI Tray.lnk - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
SpeedFan.lnk - C:\Program Files (x86)\SpeedFan\speedfan.exe

C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
SpeedFan.lnk - C:\Program Files (x86)\SpeedFan\speedfan.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDriveAutoRun"=67108863
"HonorAutorunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.inf - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.ini - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\WINDOWS\System32\WScript.exe" "%1" %*
.txt - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1

======List of files/folders created in the last 1 month======

2017-07-02 11:49:50 ----D---- C:\_OTM
2017-06-30 12:27:46 ----D---- C:\Users\Milan\AppData\Roaming\FastStone
2017-06-30 10:55:23 ----D---- C:\rsit
2017-06-30 10:55:23 ----D---- C:\Program Files\trend micro
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\invagent.dll
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\generaltel.dll
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\devinv.dll
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\centel.dll
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\appraiser.dll
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\aepic.dll
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\aeinv.dll
2017-06-18 20:47:57 ----A---- C:\WINDOWS\system32\acmigration.dll
2017-06-15 21:11:10 ----A---- C:\WINDOWS\system32\aspnet_counters.dll
2017-06-15 21:11:09 ----A---- C:\WINDOWS\SYSWOW64\aspnet_counters.dll
2017-06-15 21:11:01 ----A---- C:\WINDOWS\SYSWOW64\msvcp120_clr0400.dll
2017-06-15 21:11:01 ----A---- C:\WINDOWS\system32\msvcr100_clr0400.dll
2017-06-15 21:11:01 ----A---- C:\WINDOWS\system32\msvcp120_clr0400.dll
2017-06-15 21:10:57 ----A---- C:\WINDOWS\SYSWOW64\msvcr100_clr0400.dll
2017-06-15 21:10:52 ----A---- C:\WINDOWS\SYSWOW64\msvcr120_clr0400.dll
2017-06-15 21:10:52 ----A---- C:\WINDOWS\system32\msvcr120_clr0400.dll
2017-06-15 21:10:19 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-06-15 21:10:19 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-06-15 21:10:18 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-06-15 21:10:18 ----A---- C:\WINDOWS\system32\shell32.dll
2017-06-15 21:10:18 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-06-15 21:10:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2017-06-15 21:10:17 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2017-06-15 21:10:17 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-06-15 21:10:17 ----A---- C:\WINDOWS\SYSWOW64\glcndFilter.dll
2017-06-15 21:10:17 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-06-15 21:10:17 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-06-15 21:10:17 ----A---- C:\WINDOWS\system32\glcndFilter.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\wininet.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\win32k.sys
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\tquery.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\schannel.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\mssrch.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\lsasrv.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\gpsvc.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\gdi32.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\FntCache.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\DWrite.dll
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\drivers\tdx.sys
2017-06-15 21:10:16 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wuwebv.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wudriver.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wucltux.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wuauclt.exe
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wuapp.exe
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wuapi.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wpdbusenum.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\wpd_ci.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\win32spl.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\vbscript.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\urlmon.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\ntdll.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\mssvp.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\mssphtb.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\mssph.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\msfeeds.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\localspl.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\jscript.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\inetcomm.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\drivers\tm.sys
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\drivers\mountmgr.sys
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\dpapisrv.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\certcli.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\atmlib.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\system32\atmfd.dll
2017-06-15 21:10:15 ----A---- C:\WINDOWS\HelpPane.exe

======List of files/folders modified in the last 1 month======

2017-07-02 11:54:47 ----D---- C:\WINDOWS\Prefetch
2017-07-02 11:54:28 ----D---- C:\WINDOWS\Temp
2017-07-02 11:52:41 ----D---- C:\Program Files\Bitdefender Agent
2017-07-02 11:52:36 ----D---- C:\WINDOWS\system32\drivers
2017-07-02 11:52:29 ----D---- C:\WINDOWS\system32\drivers\etc
2017-07-02 11:51:52 ----A---- C:\bdlog.txt
2017-07-02 11:48:42 ----D---- C:\WINDOWS\system32\Tasks
2017-07-02 11:47:22 ----D---- C:\Users\Milan\AppData\Roaming\Mp3tag
2017-07-02 11:00:00 ----D---- C:\WINDOWS\system32\sru
2017-07-02 09:47:52 ----D---- C:\WINDOWS\Microsoft.NET
2017-07-02 00:01:59 ----D---- C:\Hobby-téka
2017-07-01 23:36:17 ----D---- C:\Users\Milan\AppData\Roaming\XnViewMP
2017-07-01 20:49:22 ----D---- C:\Users\Milan\AppData\Roaming\DesktopOK
2017-07-01 20:31:02 ----D---- C:\WINDOWS\System32
2017-07-01 20:31:02 ----D---- C:\WINDOWS\Inf
2017-07-01 20:31:02 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-07-01 20:29:53 ----D---- C:\Program Files (x86)\SpeedFan
2017-07-01 20:25:41 ----D---- C:\AdwCleaner
2017-07-01 20:25:38 ----RD---- C:\Program Files
2017-07-01 11:41:23 ----D---- C:\WINDOWS\system32\FxsTmp
2017-06-30 20:23:00 ----D---- C:\Program Files (x86)\Opera
2017-06-30 10:21:02 ----D---- C:\WINDOWS\system32\wbem
2017-06-30 10:21:02 ----D---- C:\Windows
2017-06-30 10:19:54 ----D---- C:\WINDOWS\registration
2017-06-30 10:18:41 ----SHD---- C:\System Volume Information
2017-06-28 21:28:47 ----AD---- C:\ProgramData\Temp
2017-06-28 21:28:37 ----D---- C:\Users\Milan\AppData\Roaming\VideoReDo-TVSuite5
2017-06-28 21:28:08 ----D---- C:\Program Files\VDownloader
2017-06-28 21:27:14 ----RD---- C:\Program Files (x86)
2017-06-28 21:25:39 ----D---- C:\Program Files (x86)\Soft Organizer
2017-06-28 21:14:02 ----D---- C:\Users\Milan\AppData\Roaming\foobar2000
2017-06-28 21:11:44 ----D---- C:\Program Files (x86)\Autorun Organizer
2017-06-28 21:08:48 ----D---- C:\Users\Milan\AppData\Roaming\AnvSoft
2017-06-27 20:53:28 ----D---- C:\WINDOWS\system32\config
2017-06-24 15:37:26 ----D---- C:\ProgramData\Garmin
2017-06-24 15:34:55 ----D---- C:\WINDOWS\system32\DriverStore
2017-06-24 15:31:38 ----SHD---- C:\WINDOWS\Installer
2017-06-24 15:31:38 ----D---- C:\ProgramData\Package Cache
2017-06-24 15:31:32 ----D---- C:\Program Files (x86)\Garmin
2017-06-20 17:37:27 ----D---- C:\WINDOWS\WinSxS
2017-06-20 17:34:42 ----D---- C:\WINDOWS\system32\catroot2
2017-06-18 21:16:16 ----RSD---- C:\WINDOWS\assembly
2017-06-18 21:11:34 ----D---- C:\WINDOWS\rescache
2017-06-18 20:48:40 ----D---- C:\WINDOWS\system32\appraiser
2017-06-18 20:48:32 ----D---- C:\WINDOWS\CbsTemp
2017-06-18 20:47:08 ----D---- C:\ProgramData\Microsoft Help
2017-06-18 20:44:40 ----D---- C:\WINDOWS\SysWOW64
2017-06-18 20:44:15 ----D---- C:\Program Files\Microsoft Silverlight
2017-06-18 20:44:15 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-18 20:44:15 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2017-06-18 20:43:17 ----RD---- C:\WINDOWS\ToastData
2017-06-17 12:25:17 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-06-17 00:21:06 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2017-06-17 00:21:06 ----D---- C:\WINDOWS\system32\Macromed
2017-06-16 23:52:40 ----HD---- C:\Program Files\WindowsApps
2017-06-16 23:52:40 ----D---- C:\WINDOWS\AppReadiness
2017-06-15 21:16:21 ----D---- C:\WINDOWS\system32\MRT
2017-06-15 21:13:36 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-06-09 20:57:43 ----HD---- C:\ProgramData
2017-06-03 04:31:39 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 avc3;avc3; C:\WINDOWS\system32\DRIVERS\avc3.sys [2017-05-29 1612648]
R0 gzflt;gzflt; C:\WINDOWS\system32\DRIVERS\gzflt.sys [2016-10-29 182944]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-02-04 652784]
R0 Ignis;Ignis Service; C:\WINDOWS\system32\DRIVERS\ignis.sys [2017-03-25 305120]
R0 trufos;trufos; C:\WINDOWS\system32\DRIVERS\trufos.sys [2016-06-22 520032]
R1 bdfwfpf;bdfwfpf; \??\C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2016-06-24 128400]
R1 BDVEDISK;BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [2015-12-04 87912]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2013-03-15 91712]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\WINDOWS\system32\drivers\mbae64.sys [2017-05-25 77376]
R2 ei2c;ei2c; \??\C:\windows\system32\drivers\ei2c.sys [2014-05-01 20784]
R2 MBAMChameleon;MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [2017-06-11 188312]
R2 mi2c;mi2c; \??\C:\windows\system32\drivers\mi2c.sys [2016-07-27 20784]
R2 ntk_PowerDVD12;ntk_PowerDVD12; \??\c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2013-03-12 84168]
R2 speedfan;speedfan; \??\C:\windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R3 anvsnddrv;@oem74.inf,%anvsnddrv.SvcDesc%;AnvSoft Virtual Sound Device; C:\WINDOWS\system32\drivers\anvsnddrv.sys [2012-05-17 33872]
R3 avckf;avckf; C:\WINDOWS\system32\DRIVERS\avckf.sys [2017-05-29 879600]
R3 CLVirtualBus01;@oem88.inf,%CLVirtualBus01.SVCDESC%;CyberLink Virtual CDROM Bus Enumerator; C:\WINDOWS\System32\drivers\CLVirtualBus01.sys [2014-11-05 103176]
R3 dc3d;@oem62.inf,%dc3d.SvcDesc%;MS Hardware Device Detection Driver (USB); C:\WINDOWS\System32\drivers\dc3d.sys [2015-07-08 95024]
R3 MBAMFarflt;MBAMFarflt; \??\C:\WINDOWS\system32\drivers\farflt.sys [2017-07-02 113592]
R3 MBAMProtection;MBAMProtection; \??\C:\WINDOWS\system32\drivers\mbam.sys [2017-07-02 44960]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2017-07-02 252832]
R3 MBAMWebProtection;MBAMWebProtection; \??\C:\WINDOWS\system32\drivers\mwac.sys [2017-07-02 93600]
R3 MEIx64;@oem5.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2013-01-24 64624]
R3 NVHDA;@oem70.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2014-03-20 197408]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2014-03-20 12708128]
R3 Point64;@oem63.inf,%point64.SvcDesc%;Microsoft Mouse and Keyboard Center Filter Driver; C:\WINDOWS\System32\drivers\point64.sys [2015-07-08 68912]
R3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf_amd64.sys [2016-02-02 18456]
R3 RSUSBSTOR;@oem53.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2013-03-01 259144]
R3 RTL8168;@oem49.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-02-19 772680]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [2013-03-29 544768]
R3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\System32\drivers\usbscan.sys [2014-10-29 44544]
S0 bdelam;bdelam; C:\WINDOWS\system32\drivers\bdelam.sys [2016-03-14 23672]
S2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys []
S3 AmUStor;AM USB Stroage Driver; C:\WINDOWS\system32\drivers\AmUStor.SYS [2013-03-25 108312]
S3 dg_ssudbus;@oem82.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 grmnusb;grmnusb; C:\WINDOWS\system32\drivers\grmnusb.sys [2012-04-18 19304]
S3 libusb0;USB Kernel Driver; C:\WINDOWS\system32\DRIVERS\libusb0.sys [2014-10-12 44448]
S3 MDA_NTDRV;MDA_NTDRV; \??\C:\WINDOWS\syswow64\MDA_NTDRV.sys []
S3 MFE_RR;MFE_RR; \??\C:\Users\Milan\AppData\Local\Temp\mfe_rr.sys []
S3 nmwcd;@oem76.inf,%MFG% %SVC%;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;@oem80.inf,%MFG% %SVC%;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 ssudmdm;@oem84.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2014-11-04 33280]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-04-25 83056]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2014-10-29 38792]
R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2013-06-10 89864]
R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2013-06-10 77576]
R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2013-06-10 294664]
R2 DevMgmtService;Bitdefender Device Management Service; C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe [2017-05-18 104096]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 Garmin Device Interaction Service;Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [2017-05-18 1093136]
R2 Chemtable Startup Checking;Chemtable Startup Checking; C:\Program Files (x86)\Autorun Organizer\StartupCheckingService.exe [2016-10-11 9501024]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-01-31 129336]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-01-31 167736]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-01-31 364856]
R2 MBAMService;Malwarebytes Service; E:\Malwarebytes Anti-Malware\Anti-Malware\mbamservice.exe [2017-05-09 4470736]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2013-07-18 762192]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2014-03-04 922968]
R2 ProductAgentService;ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [2017-04-11 1254736]
R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2016-02-02 1570520]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2013-03-29 332800]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-03-04 411936]
R2 SynoDrService;SynoDrService; C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe [2013-10-09 384072]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-04-25 5024576]
R2 UPDATESRV;Bitdefender Desktop Update Service; C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe [2017-04-24 218416]
R2 UsbClientService;UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [2014-02-25 248736]
S2 CLKMSVC10_99E320F5;CyberLink Product - 2014/04/20 00:21:10; c:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [2013-06-07 240392]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 Secunia Update Agent;Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [2016-02-02 837848]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-17 272384]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-06-17 175560]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-11-18 833728]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118266
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Preventive check - just to be sure, thank you

#8 Post by Rudy »

Deleted, the log is now OK. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

milpec
Visitor
Posts: 31
Joined: 14 Dec 2008 01:57

Re: Preventive check - just to be sure, thank you

#9 Post by milpec »

Done. Thanks for the help and for your time.

Rudy
Site Admin
Posts: 118266
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Preventive check - just to be sure, thank you

#10 Post by Rudy »

You're welcome! :)

Locked