Logfile of random's system information tool 1.10 (written by random/random)
Run by Tomino at 2018-06-17 12:19:48
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 38 GB (33%) free of 114 GB
Total RAM: 3959 MB (41% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:19:52, on 17. 6. 2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Users\Tomino\AppData\Local\Vivaldi\Application\update_notifier.exe
C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\DFX\dfx.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Users\Tomino\AppData\Local\Vivaldi\Application\vivaldi.exe
C:\Users\Tomino\AppData\Local\Vivaldi\Application\vivaldi.exe
C:\Users\Tomino\AppData\Local\Vivaldi\Application\vivaldi.exe
C:\Users\Tomino\AppData\Local\Vivaldi\Application\vivaldi.exe
C:\Users\Tomino\AppData\Local\Vivaldi\Application\vivaldi.exe
C:\Users\Tomino\AppData\Local\Vivaldi\Application\vivaldi.exe
C:\Users\Tomino\AppData\Local\Vivaldi\Application\vivaldi.exe
C:\Users\Tomino\AppData\Local\Vivaldi\Application\vivaldi.exe
C:\Users\Tomino\AppData\Local\Vivaldi\Application\vivaldi.exe
C:\Users\Tomino\AppData\Local\Vivaldi\Application\vivaldi.exe
C:\Program Files\trend micro\Tomino.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [FxSound Enhancer] C:\Program Files (x86)\DFX\dfx.exe -startup
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Tomino\AppData\Roaming\uTorrent\utorrent.exe"
O4 - HKCU\..\Run: [Vivaldi Update Notifier] "C:\Users\Tomino\AppData\Local\Vivaldi\Application\update_notifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: TP-LINK Wireless Configuration Utility.lnk = C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Volanie kliknutím - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Volanie kliknutím - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O17 - HKLM\System\CCS\Services\Tcpip\..\{8DBC73DE-2EDD-4D13-BDC4-39CE11814C52}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 13 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12824 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\ESET\ESET Security\ekrn.exe"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
"C:\Program Files (x86)\Origin\OriginWebHelperService.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"taskhost.exe"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\ESET\ESET Security\egui.exe" /hide
"C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe"
"C:\Users\Tomino\AppData\Local\Vivaldi\Application\update_notifier.exe"
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\DFX\dfx.exe" -startup
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
"C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe"
"C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe"
\??\C:\Windows\system32\conhost.exe "-129889118433901131921153565611544254285873162932327176201-866002948-1888509243
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Microsoft Office\Office15\MsoSync.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe"
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe" --reporter-url=https://rink.hockeyapp.net/api/2/apps/a741743329d94bc08826af367733939d/crashes/upload --application-name=skype-preview "--crashes-directory=C:\Users\Tomino\AppData\Local\Temp\skype-preview Crashes" --v=1
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe" --type=gpu-process --no-sandbox --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=9,12,13,20,22,23,24,27,49,84 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x10de --gpu-device-id=0x11c2 --gpu-driver-vendor=NVIDIA --gpu-driver-version=24.21.13.9811 --gpu-driver-date=6-1-2018 --service-request-channel-token=263DE356CBD74508A0D4A5951B752728 --mojo-platform-channel-handle=1340 /prefetch:2
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe" --type=renderer --ms-disable-indexeddb-transaction-timeout --no-sandbox --service-pipe-token=428ACD62A4EBD4CDC96781F9C2B2BA36 --lang=sk --app-user-model-id=Microsoft.Skype.SkypeDesktop --app-path="C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar" --node-integration=false --webview-tag=true --no-sandbox --preload="C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar\Preload.js" --context-id=2 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=428ACD62A4EBD4CDC96781F9C2B2BA36 --renderer-client-id=4 --mojo-platform-channel-handle=1708 /prefetch:1
"C:\Users\Tomino\AppData\Local\Vivaldi\Application\vivaldi.exe"
C:\Users\Tomino\AppData\Local\Vivaldi\Application\vivaldi.exe --type=crashpad-handler "--user-data-dir=C:\Users\Tomino\AppData\Local\Vivaldi\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Tomino\AppData\Local\Vivaldi\User Data\Crashpad" "--metrics-dir=C:\Users\Tomino\AppData\Local\Vivaldi\User Data" --annotation=plat=Win32 --annotation=prod=Vivaldi --annotation=ver=1.15.1147.47 --initial-client-data=0x8c,0x90,0x94,0x88,0x98,0x65e2d078,0x65e2d088,0x65e2d094
"C:\Users\Tomino\AppData\Local\Vivaldi\Application\vivaldi.exe" --type=gpu-process --field-trial-handle=1192,15931215323749371435,15969476099887352323,131072 --gpu-preferences=KAAAAAAAAAAABwAAAQAAAAAAAAAAAGAAAQAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --gpu-vendor-id=0x10de --gpu-device-id=0x11c2 --gpu-driver-vendor=NVIDIA --gpu-driver-version=24.21.13.9811 --gpu-driver-date=6-1-2018 --service-request-channel-token=C6BA6C7C42D51EC6D28F84DE85C29089 --mojo-platform-channel-handle=1208 --ignored=" --type=renderer " /prefetch:2
"C:\Users\Tomino\AppData\Local\Vivaldi\Application\vivaldi.exe" --type=renderer --field-trial-handle=1192,15931215323749371435,15969476099887352323,131072 --service-pipe-token=0B41FD1217A2103FE2517720B0576B73 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_30_0_0_113.dll" --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=0B41FD1217A2103FE2517720B0576B73 --renderer-client-id=17 --running-vivaldi --mojo-platform-channel-handle=2200 /prefetch:1
"C:\Users\Tomino\AppData\Local\Vivaldi\Application\vivaldi.exe" --type=renderer --field-trial-handle=1192,15931215323749371435,15969476099887352323,131072 --service-pipe-token=045B869555A3A5477FE436A49D6985C2 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_30_0_0_113.dll" --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=045B869555A3A5477FE436A49D6985C2 --renderer-client-id=5 --running-vivaldi --mojo-platform-channel-handle=2372 /prefetch:1
"C:\Users\Tomino\AppData\Local\Vivaldi\Application\vivaldi.exe" --type=renderer --field-trial-handle=1192,15931215323749371435,15969476099887352323,131072 --service-pipe-token=F965D608D35B0637672439BC5129732E --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_30_0_0_113.dll" --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=F965D608D35B0637672439BC5129732E --renderer-client-id=8 --running-vivaldi --mojo-platform-channel-handle=2380 /prefetch:1
"C:\Users\Tomino\AppData\Local\Vivaldi\Application\vivaldi.exe" --type=renderer --field-trial-handle=1192,15931215323749371435,15969476099887352323,131072 --service-pipe-token=D64F5DC1C848BACF62E6284934114155 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_30_0_0_113.dll" --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=D64F5DC1C848BACF62E6284934114155 --renderer-client-id=11 --running-vivaldi --mojo-platform-channel-handle=2388 /prefetch:1
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Users\Tomino\AppData\Local\Vivaldi\Application\vivaldi.exe" --type=renderer --field-trial-handle=1192,15931215323749371435,15969476099887352323,131072 --service-pipe-token=DBA8D7C1E849883E17E2B74D70C8A6DE --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_30_0_0_113.dll" --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=DBA8D7C1E849883E17E2B74D70C8A6DE --renderer-client-id=29 --running-vivaldi --mojo-platform-channel-handle=5740 /prefetch:1
"C:\Users\Tomino\AppData\Local\Vivaldi\Application\vivaldi.exe" --type=renderer --field-trial-handle=1192,15931215323749371435,15969476099887352323,131072 --service-pipe-token=C16C4F2F0EEF054AF2676ADEBEA5419B --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_30_0_0_113.dll" --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=C16C4F2F0EEF054AF2676ADEBEA5419B --renderer-client-id=48 --running-vivaldi --mojo-platform-channel-handle=6792 /prefetch:1
"C:\Users\Tomino\AppData\Local\Vivaldi\Application\vivaldi.exe" --type=renderer --field-trial-handle=1192,15931215323749371435,15969476099887352323,131072 --service-pipe-token=98193C42FF1724F8A5903AB5F50C9047 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_30_0_0_113.dll" --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=98193C42FF1724F8A5903AB5F50C9047 --renderer-client-id=50 --running-vivaldi --mojo-platform-channel-handle=7104 /prefetch:1
"X:\Knižnica\Prevzaté súbory\Programy\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01 205416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll [2018-04-22 582088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2012-10-01 877720]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2012-10-01 2322576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-22 245192]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01 139368]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL [2012-10-01 704664]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL [2012-10-01 1720976]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Security\ecmds.exe [2018-04-28 178496]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2005-02-17 221184]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"AdobeBridge"= []
"uTorrent"=C:\Users\Tomino\AppData\Roaming\uTorrent\utorrent.exe [2015-02-22 416168]
"Vivaldi Update Notifier"=C:\Users\Tomino\AppData\Local\Vivaldi\Application\update_notifier.exe [2018-06-13 1495624]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Creative Cloud]
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2016-10-12 2383040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01 508128]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeGCInvoker-1.0]
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-05-11 316392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-03-12 153136]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent]
C:\Program Files (x86)\Bluestacks\HD-Agent.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
C:\Program Files (x86)\Origin\Origin.exe [2018-05-22 3106600]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2016-05-25 406664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-03-26 10135584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
C:\Users\Tomino\AppData\Roaming\Spotify\Spotify.exe [2018-06-09 24023440]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
C:\Users\Tomino\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018-06-09 781712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2018-06-09 3201312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vivaldi Update Notifier]
C:\Users\Tomino\AppData\Local\Vivaldi\Application\update_notifier.exe [2018-06-13 1495624]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wondershare Helper Compact.exe]
C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\World of Tanks]
C:\Games\World_of_Tanks\WargamingGameUpdater.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\World of Tanks (1)]
X:\Knižnica\Hry\World_of_Tanks_CT\WargamingGameUpdater.exe []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCU"=C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [2009-10-15 375000]
"ISUSScheduler"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2005-02-17 81920]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-03-28 588704]
"FxSound Enhancer"=C:\Program Files (x86)\DFX\dfx.exe [2018-05-01 1698296]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
TP-LINK Wireless Configuration Utility.lnk - C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\57132958.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\57132958.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2018-06-17 12:19:48 ----D---- C:\rsit
2018-06-17 12:19:48 ----D---- C:\Program Files\trend micro
2018-06-17 11:02:33 ----D---- C:\KVRT_Data
2018-06-17 10:58:18 ----D---- C:\ProgramData\Kaspersky Lab Setup Files
2018-06-17 09:11:52 ----D---- C:\Program Files (x86)\MSXML 4.0
2018-06-17 09:09:21 ----SHD---- C:\Config.Msi
2018-06-13 13:00:49 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2018-06-13 13:00:47 ----D---- C:\Windows\system32\Macromed
2018-06-11 09:48:18 ----D---- C:\Users\Tomino\AppData\Roaming\4kdownload.com
2018-06-09 08:36:33 ----D---- C:\Users\Tomino\AppData\Roaming\Subtitle Edit
2018-06-09 08:36:33 ----D---- C:\Program Files\Subtitle Edit
2018-06-09 05:56:20 ----D---- C:\Program Files\VSFilter
2018-06-08 22:25:42 ----D---- C:\Program Files (x86)\Subtitle Workshop
2018-06-08 15:40:43 ----D---- C:\Users\Tomino\AppData\Roaming\TeamViewer
2018-06-08 15:40:37 ----D---- C:\Program Files (x86)\TeamViewer
2018-06-08 14:06:11 ----D---- C:\Program Files (x86)\WinCDEmu
2018-06-08 11:22:27 ----D---- C:\Users\Tomino\AppData\Roaming\PowerISO
2018-06-08 11:14:21 ----D---- C:\Program Files (x86)\RedFox
2018-06-08 11:14:15 ----D---- C:\ProgramData\RedFox
2018-06-08 11:07:19 ----D---- C:\Users\Tomino\AppData\Roaming\EAC
2018-06-08 11:07:17 ----D---- C:\Users\Tomino\AppData\Roaming\AccurateRip
2018-06-08 11:07:06 ----D---- C:\Program Files (x86)\Exact Audio Copy
2018-06-08 09:32:24 ----D---- C:\Users\Tomino\AppData\Roaming\YouTubeByClick
2018-06-08 09:31:34 ----D---- C:\ProgramData\Caphyon
2018-06-08 09:31:33 ----D---- C:\Program Files (x86)\YouTube By Click
2018-06-08 09:31:00 ----D---- C:\Users\Tomino\AppData\Roaming\ByClick
2018-06-07 07:41:34 ----D---- C:\Users\Tomino\AppData\Roaming\VideoReDo-TVSuite5
2018-06-07 07:41:34 ----D---- C:\Program Files (x86)\VideoReDoTVSuite5
2018-06-07 07:17:30 ----D---- C:\Users\Tomino\AppData\Roaming\Bandicam Company
2018-06-07 07:17:02 ----D---- C:\Program Files (x86)\Bandicam
2018-06-07 07:17:01 ----D---- C:\Program Files (x86)\BandiMPEG1
2018-06-06 19:25:40 ----D---- C:\Users\Tomino\AppData\Roaming\BANDISOFT
2018-06-06 19:25:09 ----D---- C:\ProgramData\BANDISOFT
2018-06-06 14:47:08 ----SHD---- C:\82ace7d6-0197-474d-bf4b-a2043e72329b
2018-06-06 10:56:43 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2018-06-06 10:50:21 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2018-06-06 10:50:20 ----A---- C:\Windows\SYSWOW64\nvptxJitCompiler.dll
2018-06-06 10:50:20 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2018-06-06 10:50:20 ----A---- C:\Windows\system32\nvptxJitCompiler.dll
2018-06-06 10:50:20 ----A---- C:\Windows\system32\nvopencl.dll
2018-06-06 10:50:19 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2018-06-06 10:50:19 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2018-06-06 10:50:19 ----A---- C:\Windows\system32\nvoglv64.dll
2018-06-06 10:50:19 ----A---- C:\Windows\system32\nvoglshim64.dll
2018-06-06 10:50:18 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2018-06-06 10:50:17 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2018-06-06 10:50:17 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2018-06-06 10:50:17 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2018-06-06 10:50:17 ----A---- C:\Windows\system32\nvinitx.dll
2018-06-06 10:50:17 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2018-06-06 10:50:17 ----A---- C:\Windows\system32\NvIFR64.dll
2018-06-06 10:50:16 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2018-06-06 10:50:16 ----A---- C:\Windows\SYSWOW64\nvfatbinaryLoader.dll
2018-06-06 10:50:16 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2018-06-06 10:50:16 ----A---- C:\Windows\system32\NvFBC64.dll
2018-06-06 10:50:16 ----A---- C:\Windows\system32\nvfatbinaryLoader.dll
2018-06-06 10:50:16 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2018-06-06 10:50:15 ----A---- C:\Windows\system32\nvdispgenco6439811.dll
2018-06-06 10:50:15 ----A---- C:\Windows\system32\nvdispco6439811.dll
2018-06-06 10:50:14 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2018-06-06 10:50:13 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2018-06-06 10:50:13 ----A---- C:\Windows\system32\nvcuvid.dll
2018-06-06 10:50:12 ----A---- C:\Windows\system32\nvcuda.dll
2018-06-06 10:50:10 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2018-06-06 10:50:08 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2018-06-06 10:50:08 ----A---- C:\Windows\system32\nvcompiler.dll
2018-06-06 10:50:07 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2018-06-06 08:35:17 ----D---- C:\Users\Tomino\AppData\Roaming\iDealshare VideoGo 5
2018-06-05 17:33:23 ----D---- C:\Program Files (x86)\Epic Games
2018-06-05 17:21:38 ----D---- C:\Users\Tomino\AppData\Roaming\iDealshare VideoGo 6
2018-06-05 17:21:32 ----D---- C:\Program Files (x86)\iDealshare
2018-05-31 19:24:54 ----D---- C:\ProgramData\FileUploader
2018-05-26 08:20:06 ----D---- C:\Users\Tomino\AppData\Roaming\MAGIX Computer Products Intl. Co
2018-05-25 06:46:21 ----A---- C:\Windows\system32\nvhdap64.dll
2018-05-25 06:46:21 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2018-05-25 06:46:17 ----A---- C:\Windows\system32\nvdispgenco6439793.dll
2018-05-25 06:46:17 ----A---- C:\Windows\system32\nvdispco6439793.dll
2018-05-22 23:43:25 ----D---- C:\Windows\system32\unknown
2018-05-22 23:41:54 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2018-05-22 23:41:54 ----A---- C:\Windows\system32\nvdispgenco6439764.dll
2018-05-22 23:41:54 ----A---- C:\Windows\system32\nvdispco6439764.dll
2018-05-22 23:36:54 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2018-05-22 23:36:54 ----A---- C:\Windows\system32\nvspcap64.dll
2018-05-22 23:36:54 ----A---- C:\Windows\system32\NvRtmpStreamer64.dll
2018-05-22 23:35:55 ----A---- C:\Windows\system32\drivers\nvvhci.sys
2018-05-22 23:19:56 ----D---- C:\Users\Tomino\AppData\Roaming\VitySoft
======List of files/folders modified in the last 1 month======
2018-06-17 12:19:50 ----D---- C:\Windows\Temp
2018-06-17 12:19:48 ----RD---- C:\Program Files
2018-06-17 12:14:05 ----D---- C:\Windows\system32\drivers
2018-06-17 12:09:19 ----RSD---- C:\Windows\assembly
2018-06-17 12:09:19 ----D---- C:\Windows\Microsoft.NET
2018-06-17 12:07:02 ----D---- C:\Windows\System32
2018-06-17 12:07:02 ----D---- C:\Windows\inf
2018-06-17 12:07:02 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-06-17 12:03:02 ----D---- C:\ProgramData\NVIDIA
2018-06-17 12:00:41 ----A---- C:\Windows\SYSWOW64\log.txt
2018-06-17 11:57:04 ----D---- C:\Windows\AutoKMS
2018-06-17 11:57:02 ----D---- C:\Windows\system32\Tasks
2018-06-17 11:56:54 ----D---- C:\Users\Tomino\AppData\Roaming\uTorrent
2018-06-17 10:58:18 ----AHD---- C:\ProgramData
2018-06-17 10:10:10 ----D---- C:\Windows\system32\config
2018-06-17 09:17:55 ----D---- C:\ProgramData\Origin
2018-06-17 09:17:52 ----D---- C:\Users\Tomino\AppData\Roaming\Origin
2018-06-17 09:17:48 ----D---- C:\Program Files (x86)\Steam
2018-06-17 09:17:38 ----D---- C:\Users\Tomino\AppData\Roaming\Spotify
2018-06-17 09:16:24 ----D---- C:\Windows\winsxs
2018-06-17 09:14:56 ----SHD---- C:\Windows\Installer
2018-06-17 09:14:53 ----D---- C:\Windows\SysWOW64
2018-06-17 09:14:52 ----D---- C:\Windows
2018-06-17 09:14:50 ----D---- C:\Windows\system32\MRT
2018-06-17 09:12:03 ----AC---- C:\Windows\system32\MRT-KB890830.exe
2018-06-17 09:11:59 ----AC---- C:\Windows\system32\MRT.exe
2018-06-17 09:11:52 ----RD---- C:\Program Files (x86)
2018-06-17 09:11:27 ----D---- C:\Windows\Logs
2018-06-17 09:09:54 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2018-06-17 09:09:06 ----SHD---- C:\System Volume Information
2018-06-17 08:08:08 ----D---- C:\Windows\system32\catroot2
2018-06-16 16:02:08 ----D---- C:\Users\Tomino\AppData\Roaming\.minecraft
2018-06-16 10:57:55 ----D---- C:\Windows\system32\NDF
2018-06-15 19:25:47 ----D---- C:\Users\Tomino\AppData\Roaming\avidemux
2018-06-14 18:06:52 ----RD---- C:\Users
2018-06-14 13:22:56 ----D---- C:\Hry
2018-06-14 13:21:41 ----D---- C:\ProgramData\boost_interprocess
2018-06-14 13:00:57 ----D---- C:\Users\Tomino\AppData\Roaming\vlc
2018-06-13 13:00:43 ----D---- C:\Windows\SYSWOW64\Macromed
2018-06-13 07:06:28 ----D---- C:\KMPlayer
2018-06-08 15:40:44 ----RSD---- C:\Windows\Fonts
2018-06-08 14:06:21 ----D---- C:\Windows\system32\DriverStore
2018-06-08 11:20:48 ----D---- C:\Windows\SYSWOW64\drivers
2018-06-07 14:08:12 ----D---- C:\Program Files\Avidemux 2.7 - 64 bits
2018-06-07 07:44:13 ----AD---- C:\ProgramData\TEMP
2018-06-07 07:41:41 ----D---- C:\ProgramData\Licenses
2018-06-06 14:40:43 ----D---- C:\Program Files (x86)\EasyAntiCheat
2018-06-06 14:40:42 ----D---- C:\Users\Tomino\AppData\Roaming\EasyAntiCheat
2018-06-06 10:57:18 ----D---- C:\ProgramData\NVIDIA Corporation
2018-06-06 10:56:20 ----D---- C:\Program Files (x86)\VulkanRT
2018-06-06 08:31:08 ----D---- C:\Users\Tomino\AppData\Roaming\Anvsoft
2018-06-05 17:34:26 ----D---- C:\ProgramData\Epic
2018-06-05 09:16:51 ----D---- C:\Program Files (x86)\Origin
2018-06-02 05:05:26 ----A---- C:\Windows\system32\nvwgf2umx.dll
2018-06-02 05:05:20 ----A---- C:\Windows\system32\nvumdshimx.dll
2018-06-02 05:04:52 ----A---- C:\Windows\system32\nvd3dumx.dll
2018-06-02 05:04:38 ----A---- C:\Windows\system32\nvapi64.dll
2018-06-01 10:39:44 ----A---- C:\Windows\system32\nvsvc64.dll
2018-06-01 10:39:44 ----A---- C:\Windows\system32\nvcpl.dll
2018-06-01 10:39:42 ----A---- C:\Windows\system32\nvsvcr.dll
2018-06-01 10:39:42 ----A---- C:\Windows\system32\nvshext.dll
2018-06-01 10:39:42 ----A---- C:\Windows\system32\nvmctray.dll
2018-06-01 10:39:42 ----A---- C:\Windows\system32\nv3dappshextr.dll
2018-06-01 10:39:42 ----A---- C:\Windows\system32\nv3dappshext.dll
2018-05-24 22:51:50 ----SD---- C:\Users\Tomino\AppData\Roaming\Microsoft
2018-05-24 19:44:00 ----A---- C:\Windows\NvContainerRecovery.bat
2018-05-23 07:10:11 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2018-05-22 23:52:53 ----A---- C:\Windows\system32\nvhdagenco6420103.dll
2018-05-22 23:36:54 ----D---- C:\Program Files\NVIDIA Corporation
2018-05-21 22:49:25 ----D---- C:\Users\Tomino\AppData\Roaming\Ahead
2018-05-21 20:40:39 ----D---- C:\Users\Tomino\AppData\Roaming\Audacity
2018-05-20 17:30:00 ----A---- C:\Windows\NvTelemetryContainerRecovery.bat
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys [2018-03-19 110432]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2010-04-27 21544]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2018-03-19 137928]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2018-03-19 196112]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2017-05-15 40936]
R1 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2018-03-19 82816]
R1 EpfwLWF;ESET Firewall; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2018-03-19 61520]
R1 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2018-03-19 108320]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2016-05-25 137280]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ekbdflt;ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [2018-03-19 50136]
R3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2012-10-18 1930240]
R3 BazisVirtualCDBus;WinCDEmu Virtual Bus Driver; C:\Windows\system32\DRIVERS\BazisVirtualCDBus.sys [2015-09-28 172376]
R3 DFX12;DFX Audio Enhancer; C:\Windows\system32\drivers\dfx12x64.sys [2018-03-08 29688]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-03-26 2307616]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2018-05-22 227928]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2018-03-15 67432]
R3 nvvhci;NVVHCI Enumerator Service; C:\Windows\system32\DRIVERS\nvvhci.sys [2018-04-28 68112]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 DFX11_1;DFX Audio Enhancer 11.1; C:\Windows\system32\drivers\dfx11_1x64.sys [2018-03-08 28008]
S3 etdrv;etdrv; \??\C:\Windows\etdrv.sys [2018-02-16 25640]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2018-02-28 25640]
S3 GVTDrv64;GVTDrv64; \??\C:\Windows\GVTDrv64.sys [2018-02-28 30528]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2018-05-20 31200]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-08-13 73984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-02-09 83984]
R2 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2016-10-12 744640]
R2 AGMService;Adobe Genuine Monitor Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2018-05-11 2321384]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2018-05-11 2128872]
R2 BCUService;Browser Configuration Utility Service; C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-10-15 223464]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-10-04 107624]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-10-03 128608]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Security\ekrn.exe [2018-04-28 2240264]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-09-30 268824]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-20 764896]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2018-06-01 764544]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2018-05-20 630240]
R2 Origin Web Helper Service;Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2018-05-22 3072328]
R2 TeamViewer;TeamViewer 13; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2018-04-03 11293936]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2320920]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-14 153168]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-06-13 335872]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2018-03-16 7013384]
S3 EasyAntiCheat;EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2018-03-16 774272]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-14 153168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2018-02-14 114688]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-20 764896]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2018-05-22 2201920]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-01-25 178760]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2018-06-09 1673504]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2018-02-14 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-10-03 52832]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
-----------------EOF-----------------